Hi. I was working on my computer today and suddenly the screens went black. At fist I thought my monitor shorted out (it does that sometimes) but that wasn't the case. I restarted the computer and everything started running like molasses. There is a serious lag when I open programs, documents or the internet. There is a serious lag when I type and scroll with the mouse - although, curiously, there is no typing or scrolling lag in notepad. I ran malwarebytes but it didn't detect anything. I tried to do a system restore to a previous date twice but the processes keeps getting stalled at the initializing stage. I have windows 10. I appreciate any help I can get.
Here are my Farbar logs.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2021
Ran by erine (administrator) on DESKTOP-0OR6TUF (Dell Inc. Inspiron 3670) (22-09-2021 00:20:35)
Running from C:\Users\erine\Desktop
Loaded Profiles: erine
Platform: Windows 10 Home Version 20H2 19042.1165 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHeciSvc.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(LeapFrog Enterprises, Inc. -> LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect2\LFHelper.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy\mcafee-security.exe
(McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Meraki, LLC. -> Meraki, Inc.) C:\Program Files\Meraki\Systems Manager Agent 3.1.1\m_agent_service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\erine\AppData\Local\Microsoft\OneDrive\OneDrive.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe <3>
(Thesycon Software Solutions GmbH & Co. KG -> ) C:\Program Files\Positive Grid\USB Audio Device Driver\W10_x64\Spark40USBAudioDriverCpl.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSysSvc64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe [1257032 2021-04-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [340480 2018-07-25] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-11] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8091424 2021-09-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2066432 2014-10-31] (iSkySoft) [File not signed]
HKLM-x32\...\Run: [LeapFrog Connect 2 Launcher] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect2\LFLauncher.exe [30320 2019-08-13] (LeapFrog Enterprises, Inc. -> LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\erine\AppData\Local\WebEx\ciscowebexstart.exe [2499800 2021-02-25] (Cisco WebEx LLC -> Cisco Webex LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-15] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Link.lnk [2020-04-01]
ShortcutTarget: Avid Link.lnk -> C:\Program Files\Avid\Avid Link\Avid Link.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Positive Grid USB Audio Device Control Panel Autostart.lnk [2021-07-29]
ShortcutTarget: Positive Grid USB Audio Device Control Panel Autostart.lnk -> C:\Program Files\Positive Grid\USB Audio Device Driver\W10_x64\Spark40USBAudioDriverCpl.exe (Thesycon Software Solutions GmbH & Co. KG -> )
Startup: C:\Users\erine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2020-05-20]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {003CFD9A-971D-4B9A-A2A5-057ECC235A2F} - System32\Tasks\G2MUpdateTask-S-1-5-21-3707107645-3133845480-1438675409-1001 => C:\Users\erine\AppData\Local\GoToMeeting\19796\g2mupdate.exe [31176 2021-07-07] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {11C369DA-8429-4770-97FE-B0E2B7D2A5F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {137913B0-BA06-4AF2-9D39-15C9D262E643} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1BE86C00-AA40-4497-BE7C-CD3F3DBA242A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {23AFBA10-96F1-44A1-9DBF-C6F90AC0435E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-02] (Google Inc -> Google Inc.)
Task: {35FF5702-C0A4-4C79-AFAE-DF3F5794D2D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {361A9B78-F48C-4CF9-AADB-2C588162FAC5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E8CF46C-9899-48E7-97D6-5C407E358E1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-02] (Google Inc -> Google Inc.)
Task: {68496CDE-014A-4A93-AB8B-66621B337893} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4665296 2018-09-11] (McAfee, Inc. -> McAfee, Inc.)
Task: {6DDBADCD-AD84-44A5-BFA8-2322E1DB69D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {8EA652E2-0F53-41E2-9C94-9577C55C2ABA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {93461ECF-28A9-4D49-B11F-A1A8275E8339} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1155480 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8F926DE-4DB7-4BFC-86D7-32F2800E6E41} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {A930250E-FD60-483D-B73A-D446A2B91AF5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {B0FC898B-670F-493E-8A53-4FD380C81F54} - System32\Tasks\NCH Software\ExpressRipDowngrade => C:\Program Files (x86)\NCH Software\ExpressRip\expressrip.exe [1006648 2019-03-22] (NCH Software Pty Ltd -> NCH Software)
Task: {C37B4CFA-631B-49AF-BF09-692DCA436213} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-08-20] (Dell Inc -> Dell Inc.)
Task: {C4AC0B23-378D-453F-8E66-F62E455295F6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C902F622-B369-44AD-8BE6-46FDB35C5B1A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113536 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0142236-511F-4774-A84E-E39E07AD1A30} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113536 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3F632A4-BCA9-46DF-BDFF-7D5BBD9BD5A0} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F323D4A5-A8BC-45F0-BA78-CEB3845793B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {FB683A86-36CD-4E64-BFF9-D3925F6FC865} - System32\Tasks\G2MUploadTask-S-1-5-21-3707107645-3133845480-1438675409-1001 => C:\Users\erine\AppData\Local\GoToMeeting\19796\g2mupload.exe [31176 2021-07-07] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {FBA9D3F3-F308-4266-B394-D8B8F5DB8EED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3707107645-3133845480-1438675409-1001.job => C:\Users\erine\AppData\Local\GoToMeeting\19796\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3707107645-3133845480-1438675409-1001.job => C:\Users\erine\AppData\Local\GoToMeeting\19796\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.12.1
Tcpip\..\Interfaces\{2d523801-0097-4f41-aeb8-f30dcdd432b5}: [DhcpNameServer] 192.168.12.1
Tcpip\..\Interfaces\{efd4fddc-f2ea-4ba3-b79d-778a0be4e2c9}: [DhcpNameServer] 172.71.1.171
Edge:
=======
DownloadDir: C:\Users\erine\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\erine\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-21]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\erine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-22]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: un57y4gx.default
FF ProfilePath: C:\Users\erine\AppData\Roaming\Mozilla\Firefox\Profiles\un57y4gx.default [2021-09-16]
FF Extension: (translator-lite) - C:\Users\erine\AppData\Roaming\Mozilla\Firefox\Profiles\un57y4gx.default\Extensions\
[email protected] [2019-03-11]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\erine\AppData\Roaming\Mozilla\Firefox\Profiles\un57y4gx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-07-27]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-06-04]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2019-02-17] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-04-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-04-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\erine\AppData\Roaming\mozilla\plugins\npatgpc.dll [2018-12-05]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default [2021-09-22]
CHR DownloadDir: C:\Users\erine\Downloads
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://place-web.com; hxxps://voice.google.com; hxxps://www.cbssports.com; hxxps://www.facebook.com; hxxps://www.ketoconnect.net; hxxps://www.newsbreak.com; hxxps://www.sephora.com
CHR HomePage: Default -> hxxps://my.erikson.edu/ics/default.aspx/
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxp://www.office.com/"
CHR Extension: (Slides) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-02]
CHR Extension: (Docs) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-02]
CHR Extension: (Google Drive) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-02]
CHR Extension: (Mendeley Web Importer) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2021-09-02]
CHR Extension: (Adobe Acrobat) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-08-18]
CHR Extension: (Sheets) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-02]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-08-30]
CHR Extension: (Whisk) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfoijmnbedaipllfimaogeepohalbgka [2021-09-12]
CHR Extension: (Google Docs Offline) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (Pinterest Save Button) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2021-09-09]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-09-14]
CHR Extension: (Cisco Webex Extension) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-07-27]
CHR Extension: (Google Scholar Button) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2020-10-08]
CHR Extension: (Yumprint) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nboinfelnglhdhgchcmomigiddalpjka [2018-12-02]
CHR Extension: (No Name) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2020-05-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Gmail) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\erine\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-22]
CHR Profile: C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-09-16]
CHR Extension: (Slides) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-13]
CHR Extension: (Google Drive) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-13]
CHR Extension: (YouTube) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-07-13]
CHR Extension: (Adobe Acrobat) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-07-13]
CHR Extension: (Sheets) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-13]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-09-10]
CHR Extension: (Google Docs Offline) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-13]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-09-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-13]
CHR Extension: (Gmail) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-13]
CHR Profile: C:\Users\erine\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-22]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-09-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3835424 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-28] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-07-08] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-07-20] (Dell Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-02-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 LFHelper; C:\Program Files (x86)\LeapFrog\LeapFrog Connect2\LFHelper.exe [2606704 2019-08-13] (LeapFrog Enterprises, Inc. -> LeapFrog Enterprises, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7785656 2021-09-21] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899264 2019-06-04] (McAfee, LLC -> McAfee, Inc.)
R2 MerakiSystemsManagerAgent; C:\Program Files\Meraki\Systems Manager Agent 3.1.1\m_agent_service.exe [6269152 2021-04-27] (Meraki, LLC. -> Meraki, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495280 2020-04-14] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3446576 2020-04-14] (Electronic Arts, Inc. -> Electronic Arts)
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3595776 2021-09-17] (Microsoft Corporation) [File not signed]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-08-20] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 wgsslvpnsrc; C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe [101376 2013-04-11] () [File not signed]
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\iSkysoft\iTransfer\DriverInstall.exe [107200 2017-11-08] (Shenzhen Yi Xing Investment Co., Ltd. -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [226984 2018-05-02] (McAfee, Inc. -> McAfee, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-09-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [68528 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl21a47fd0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E59C9DB0-2121-4C68-972F-1DACE0144861}\MpKslDrv.sys [130296 2021-09-22] (Microsoft Windows -> Microsoft Corporation)
S3 Spark40USBAudioDriver; C:\WINDOWS\System32\drivers\Spark40USBAudioDriver.sys [377384 2019-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 Spark40USBAudioDriverks; C:\WINDOWS\System32\drivers\Spark40USBAudioDriverks.sys [53800 2019-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [31232 2013-04-11] (WatchGuard Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-09-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-22 00:20 - 2021-09-22 00:20 - 002304512 _____ (Farbar) C:\Users\erine\Desktop\FRST64.exe
2021-09-22 00:20 - 2021-09-22 00:20 - 000000000 ____D C:\Users\erine\Desktop\FRST-OlderVersion
2021-09-21 23:58 - 2021-09-21 23:58 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-09-21 23:58 - 2021-09-21 23:58 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-09-21 23:58 - 2021-09-21 23:58 - 000068528 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-09-21 15:19 - 2021-09-21 15:19 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-09-21 15:07 - 2021-09-21 15:07 - 000000000 ___HD C:\$SysReset
2021-09-21 14:04 - 2021-09-21 14:04 - 000000000 ___HD C:\$WinREAgent
2021-09-21 12:58 - 2021-06-18 06:35 - 001859624 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-09-21 12:58 - 2021-06-18 06:35 - 001859624 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-09-21 12:58 - 2021-06-18 06:35 - 001440304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-09-21 12:58 - 2021-06-18 06:35 - 001440304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-09-21 12:58 - 2021-06-18 06:35 - 001102328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 001102328 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000956432 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000956432 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000614232 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000429928 _____ C:\WINDOWS\system32\ze_loader.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000309696 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000257088 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000173080 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000148360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000145776 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2021-09-21 12:58 - 2021-06-18 06:34 - 026671952 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2021-09-21 12:58 - 2021-06-18 06:34 - 013499224 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2021-09-21 12:58 - 2021-06-18 06:34 - 000507744 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-09-21 12:58 - 2021-06-18 06:34 - 000370528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-09-21 12:58 - 2021-06-18 06:33 - 000354672 _____ C:\WINDOWS\system32\ControlLib.dll
2021-09-17 22:08 - 2021-09-17 22:08 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3707107645-3133845480-1438675409-1001
2021-09-17 22:08 - 2021-09-17 22:08 - 000002385 _____ C:\Users\erine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-16 18:26 - 2021-09-16 18:26 - 001628064 _____ C:\Users\erine\Downloads\MQI Coaching Camera Set Up Guide (1).pdf
2021-09-16 18:15 - 2021-09-16 18:15 - 001628064 _____ C:\Users\erine\Downloads\MQI Coaching Camera Set Up Guide.pdf
2021-09-16 15:26 - 2021-09-16 15:26 - 008087229 _____ C:\Users\erine\Downloads\Gender.zip
2021-09-16 14:20 - 2021-09-16 14:20 - 000818066 _____ C:\Users\erine\Downloads\Cahoon_Cassidy_Purpura_et_al._2021_Rigorous_Measure_JNC_AAM.pdf
2021-09-16 03:53 - 2021-09-16 03:53 - 000012175 _____ C:\Users\erine\Desktop\NSF Figures.xlsx
2021-09-14 22:02 - 2021-09-14 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-09-14 11:46 - 2021-09-14 11:46 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-14 11:44 - 2021-09-14 11:44 - 000002146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-13 05:58 - 2021-09-13 05:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-09-13 05:58 - 2021-09-13 05:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-09-13 05:58 - 2021-09-13 05:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-09-13 05:58 - 2021-09-13 05:58 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-09-10 14:09 - 2021-09-10 14:09 - 000000000 ____D C:\Users\erine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-09-10 13:50 - 2021-09-10 13:50 - 000896935 _____ C:\Users\erine\Downloads\fe_report_fin.pdf
2021-09-08 00:57 - 2021-09-12 04:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-09-05 01:35 - 2021-09-16 23:10 - 000017905 _____ C:\Users\erine\Desktop\Milk Ledger.xlsx
2021-09-04 15:56 - 2021-09-04 15:56 - 000105464 _____ C:\Users\erine\Downloads\MQI Coaching Teacher Matching - by coach.xlsx
2021-09-02 00:21 - 2021-09-02 00:21 - 002857747 _____ C:\Users\erine\Downloads\Curriculum Night Power Point.pptx.pdf
2021-09-01 00:05 - 2021-09-01 00:05 - 000011607 _____ C:\Users\erine\Downloads\FY21 Report Summary 8.31.21.xlsx
2021-08-31 14:12 - 2021-08-31 14:12 - 000336341 _____ C:\Users\erine\Downloads\Math Partners_Narrative.edited.pdf
2021-08-31 11:56 - 2021-08-31 11:56 - 000003524 _____ C:\Users\erine\Downloads\EQUIP_M_Forms_Summary.csv
2021-08-31 11:47 - 2021-08-31 11:47 - 000007616 _____ C:\Users\erine\Downloads\EQUIP_M_Forms (12).csv
2021-08-30 14:57 - 2021-08-30 14:57 - 000000000 ____D C:\Users\erine\.IBM
2021-08-30 13:32 - 2021-08-30 13:32 - 000000000 ____D C:\Users\erine\AppData\Local\renv
2021-08-30 13:29 - 2021-08-30 13:29 - 000002168 _____ C:\Users\Public\Desktop\IBM SPSS Statistics.lnk
2021-08-30 13:29 - 2021-08-30 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2021-08-30 13:14 - 2021-08-30 13:17 - 880796040 _____ (IBM Corp) C:\Users\erine\SSC_64-bit_28.0.0.0_MWins.exe
2021-08-27 15:17 - 2021-08-27 15:17 - 000002370 _____ C:\Users\erine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-08-27 15:17 - 2021-08-27 15:17 - 000002362 _____ C:\Users\erine\Desktop\Microsoft Teams.lnk
2021-08-26 23:41 - 2021-08-26 23:42 - 000528762 _____ C:\Users\erine\Downloads\Villarreal2015-WJIVACHTestReview.pdf
2021-08-26 23:09 - 2021-08-26 23:09 - 000505343 _____ C:\Users\erine\Downloads\StudyReviewProtocolVersion4.1-508 (1).pdf
2021-08-26 23:05 - 2021-08-26 23:05 - 000021489 _____ C:\Users\erine\Downloads\DSG ARISE Invoice Blank (1).xlsx
2021-08-26 14:20 - 2021-08-26 14:20 - 000003916 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2021-08-24 13:41 - 2021-08-24 13:41 - 000824908 _____ C:\Users\erine\Downloads\nsf20572.pdf
2021-08-23 17:07 - 2021-08-23 17:07 - 000000000 ___RD C:\Users\erine\Documents\Scanned Documents
2021-08-23 17:07 - 2021-08-23 17:07 - 000000000 ____D C:\Users\erine\Documents\Fax
2021-08-23 00:25 - 2021-08-23 00:25 - 000456603 _____ C:\Users\erine\Downloads\Completion_Certificate (3).pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-22 00:23 - 2021-03-05 12:01 - 000031360 _____ C:\Users\erine\Desktop\FRST.txt
2021-09-22 00:22 - 2021-03-05 11:56 - 000000000 ____D C:\FRST
2021-09-22 00:13 - 2018-12-02 19:13 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-22 00:01 - 2020-05-18 12:16 - 000000000 ___RD C:\Users\erine\OneDrive - erikson.edu
2021-09-22 00:01 - 2019-10-04 15:11 - 000000000 ___RD C:\Users\erine\erikson.edu
2021-09-22 00:01 - 2018-12-02 19:07 - 000000000 ___RD C:\Users\erine\OneDrive
2021-09-21 23:57 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-21 23:56 - 2020-11-01 04:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-21 23:56 - 2020-11-01 03:31 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-21 23:56 - 2020-11-01 03:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-21 23:56 - 2018-09-11 08:13 - 000000000 ____D C:\Intel
2021-09-21 21:24 - 2020-11-01 03:52 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-21 21:24 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-21 18:04 - 2018-12-02 19:36 - 000000000 ____D C:\Users\erine\AppData\LocalLow\Mozilla
2021-09-21 17:49 - 2019-12-07 04:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2021-09-21 16:45 - 2021-04-12 11:57 - 000563080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-21 16:41 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-21 16:41 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-21 16:37 - 2020-05-18 17:19 - 000000000 ____D C:\Users\erine\Documents\Zoom
2021-09-21 16:29 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-21 15:51 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-21 15:51 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-21 15:31 - 2021-06-24 04:36 - 000000000 ____D C:\Users\erine\AppData\LocalLow\IGDump
2021-09-21 15:19 - 2021-05-28 15:28 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-09-21 15:19 - 2020-08-02 03:43 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-09-21 15:17 - 2021-05-28 15:27 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-09-21 15:11 - 2020-09-05 17:16 - 000000000 ____D C:\Users\erine\AppData\Local\CrashDumps
2021-09-21 15:08 - 2018-12-02 19:02 - 000000000 ____D C:\Users\erine\AppData\Local\Packages
2021-09-21 14:29 - 2020-08-22 05:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-21 14:28 - 2020-08-22 05:58 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-21 14:25 - 2018-12-02 19:14 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-18 20:24 - 2021-07-04 21:28 - 000000000 ____D C:\Users\erine\AppData\Roaming\.minecraft
2021-09-17 03:21 - 2018-12-02 22:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-17 03:16 - 2018-12-02 22:38 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-16 23:05 - 2018-12-02 19:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-09-16 18:25 - 2019-02-07 16:23 - 000000000 ____D C:\ProgramData\Mozilla
2021-09-14 22:03 - 2019-01-04 18:06 - 000000000 ____D C:\Users\erine\AppData\Local\Dropbox
2021-09-14 22:03 - 2019-01-04 18:06 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-09-12 05:23 - 2018-12-02 20:40 - 000000000 ____D C:\Users\erine\AppData\Local\D3DSCache
2021-09-12 04:53 - 2018-12-02 19:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-10 14:10 - 2018-12-11 11:41 - 000000000 ____D C:\Users\erine\AppData\Roaming\Zoom
2021-09-09 10:11 - 2020-09-30 02:14 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-08 13:17 - 2018-09-11 07:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-09-08 07:57 - 2021-07-27 17:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-09-08 07:57 - 2018-12-02 19:36 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-09-02 04:23 - 2020-05-18 17:19 - 000000000 ____D C:\Users\erine\Documents\Housekeeping
2021-09-02 01:01 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-08-31 13:50 - 2020-09-16 02:30 - 000000000 ____D C:\Users\erine\AppData\Local\javasharedresources
2021-08-30 20:26 - 2019-11-13 08:00 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-08-30 14:57 - 2020-11-01 03:39 - 000000000 ____D C:\Users\erine
2021-08-30 13:32 - 2020-09-16 02:33 - 000000000 ____D C:\Users\erine\AppData\Roaming\IBM
2021-08-30 13:23 - 2020-09-16 02:28 - 000000000 ____D C:\Program Files\IBM
2021-08-26 14:26 - 2020-01-21 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-08-26 14:00 - 2021-07-27 16:02 - 002163152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-08-26 14:00 - 2021-07-27 16:02 - 000307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-08-26 14:00 - 2021-07-27 16:02 - 000213456 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-08-26 14:00 - 2021-07-27 16:02 - 000188856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-08-26 14:00 - 2021-07-27 16:02 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-08-26 14:00 - 2021-07-27 16:02 - 000061904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-08-24 17:18 - 2020-02-07 14:29 - 000000000 ____D C:\Users\erine\AppData\Local\GoToMeeting
==================== Files in the root of some directories ========
2021-08-30 13:14 - 2021-08-30 13:17 - 880796040 _____ (IBM Corp) C:\Users\erine\SSC_64-bit_28.0.0.0_MWins.exe
2020-04-01 00:10 - 2020-04-01 00:11 - 001451682 _____ () C:\Users\erine\AppData\Roaming\AvidLink_Install.log
2021-03-05 12:06 - 2021-03-05 12:06 - 000000017 _____ () C:\Users\erine\AppData\Local\resmon.resmoncfg
==================== FLock ==============================
2021-05-28 05:10 C:\Recovery
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2021
Ran by erine (22-09-2021 00:29:16)
Running from C:\Users\erine\Desktop
Windows 10 Home Version 20H2 19042.1165 (X64) (2020-11-01 09:09:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3707107645-3133845480-1438675409-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3707107645-3133845480-1438675409-503 - Limited - Disabled)
erine (S-1-5-21-3707107645-3133845480-1438675409-1001 - Administrator - Enabled) => C:\Users\erine
Guest (S-1-5-21-3707107645-3133845480-1438675409-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3707107645-3133845480-1438675409-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\Amazon Kindle) (Version: 1.28.0.57030 - Amazon)
Avid Link (HKLM\...\{852D24C6-60A0-4822-B05D-A005A6CD2F87}) (Version: 20.3.0.1213 - Avid Technology, Inc.)
Cisco Webex Meetings (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\ActiveTouchMeetingClient) (Version: 41.1.3 - Cisco Webex LLC)
Comcast Business VoiceEdge Companion (HKLM-x32\...\B14ACF74-0DA5-4DEC-813B-6E5902DC6DAB_is1) (Version: 4.1.0 - Comcast Business)
Coolmuster Android Assistant (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\Coolmuster Android Assistant) (Version: 4.3.497 - Coolmuster)
Dell Digital Delivery Service (HKLM-x32\...\{66E2407E-9001-483E-B2AA-7AEF97567143}) (Version: 3.6.1005.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{913C378B-00FC-429C-BCC4-E7B2EC6679C7}) (Version: 1.2.6266 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{9EF0AEB0-9AD2-40E6-8667-D7520C508941}) (Version: 3.10.3.3 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{795931D8-2EBF-4969-A678-4219B161F676}) (Version: 5.4.3.15135 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{555298fa-14a9-48f2-a7a0-9602f31785da}) (Version: 5.4.3.15135 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.3.0 - Dell Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 131.4.3968 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.503.1 - Dropbox, Inc.) Hidden
Ensemble Anthem (HKLM-x32\...\{DAC7A13A-4B6E-4697-8F4E-EA9836F34EBC}) (Version: 2.7.0 - Ensemble Video)
Express Rip CD Ripper Software (HKLM-x32\...\ExpressRip) (Version: 3.00 - NCH Software)
G*Power 3.1.9.7 (HKLM-x32\...\{FA3666A9-FF30-4777-B906-305B1EF0486E}) (Version: 3.1.97 - Franz Faul, Uni Kiel, Germany)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 93.0.4577.82 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.17.0.19796 (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\GoToMeeting) (Version: 10.17.0.19796 - LogMeIn, Inc.)
HLM 8.00 for Windows (Student) (HKLM-x32\...\{9E3FCEEE-3163-4946-A8AB-C97F4F70DD12}) (Version: 8.00 - SSI, Inc.)
IBM SPSS Statistics (HKLM\...\{DC8AD675-36E2-44AD-8FB9-FA069BEAC190}) (Version: 28.0.0.0 - IBM Corp)
IBM SPSS Statistics 27 (HKLM\...\{8EAD21F8-AD8B-4C6F-ABE6-92357CAB043E}) (Version: 27.0.0.0 - IBM Corp)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2036.15.0.1835 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{69bc85f1-55f9-44f2-b5df-3840fe07854c}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{2D79E334-B178-45B9-A2A6-7A60A084C268}) (Version: 16.8.0.1000 - Intel Corporation)
iSkysoft iTransfer ( Version 4.3.1 ) (HKLM-x32\...\{84A89F3A-B59A-4324-8598-3611853769C8}_is1) (Version: 4.3.1 - iSkysoft)
Java 8 Update 281 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
LeapFrog Connect 2 (HKLM-x32\...\LeapFrogConnect2) (Version: 4.0.22.435 - LeapFrog)
LeapFrogConnect2 (HKLM-x32\...\{E713461D-C80C-4E84-B53D-B351E9FD8EBA}) (Version: 4.0.22.435 - LeapFrog) Hidden
LeapStart (HKLM-x32\...\{86F8863C-5B13-4809-B154-A6F2F75A680C}) (Version: 4.0.24.437 - LeapFrog) Hidden
Malwarebytes version 4.4.6.132 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.6.132 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.43 - McAfee, Inc.)
Mendeley Desktop 1.19.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.19.4 - Mendeley Ltd.)
Meraki Systems Manager Agent (HKLM\...\{573BE5A2-40E9-4C53-A744-CD352DBCC0C1}) (Version: 3.1.1 - Meraki)
Meraki Systems Manager Agent (HKLM-x32\...\{BCD00ACA-E928-48E3-BE0E-342F052BDA5C}) (Version: 1.0.98 - Meraki)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14326.20404 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.14326.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\OneDriveSetup.exe) (Version: 21.170.0822.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\Teams) (Version: 1.4.00.22472 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 92.0 (x64 en-US)) (Version: 92.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.68.39605 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
Positive Grid USB Audio Device Driver v4.80.0 (HKLM-x32\...\Software_PositiveGrid_PositiveGrid_UsbAudio_Driver_Setup) (Version: 4.80.0 - Positive Grid)
QT5.10.1 (HKLM-x32\...\{D648CC39-D39C-445B-AEB7-213632704032}) (Version: 1.0.0.0 - LeapFrog) Hidden
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8791.1 - Realtek Semiconductor Corp.)
Sibelius (HKLM\...\{6E8787BE-2DCD-4212-BCE3-62F0D1890CB5}) (Version: 20.3.0.2503 - Avid Technology)
Sibelius OpenType Fonts (HKLM-x32\...\{797B694A-E317-4405-A512-76A91A50243F}) (Version: 20.1.0 - Avid)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.22654 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Use the entry named LeapFrog Connect2 to uninstall QT5.10.1 (HKLM-x32\...\QT5.10.1) (Version: - LeapFrog)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WatchGuard Mobile VPN with SSL client 11.7.3 (HKLM-x32\...\Mobile VPN with SSL client_is1) (Version: - WatchGuard)
Zoom (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\ZoomUMX) (Version: 5.7.8 (1247) - Zoom Video Communications, Inc.)
Zoom Outlook Plugin (HKLM-x32\...\{2C9A4261-9CAB-4FF1-AC5A-AC436FBB4F48}) (Version: 5.4.58474 - Zoom)
Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2110.1.0_x86__kgqvnymyfvs32 [2021-09-17] (king.com)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.0.0_x64__htrsf667h5kn2 [2021-08-05] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-08-10] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-09-19] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.6.0_x64__htrsf667h5kn2 [2021-08-26] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.3.12.0_x86__htrsf667h5kn2 [2021-08-12] (Dell Inc)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-02] (Fitbit)
Golden Farm -> C:\Program Files\WindowsApps\4ACEF246.GoldenFarm_2.4.16.0_x86__05g3z837ka020 [2021-08-14] (ПлейМи8)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-22] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-12-02] (LinkedIn)
LiquidText -> C:\Program Files\WindowsApps\LiquidText.LiquidText_2.0.10.0_x64__rx5mtpcf576t0 [2021-09-21] (LiquidText)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy [2021-09-15] (McAfee LLC.)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-26] (CYBERLINK CORPORATION.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-26] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.91.7.0_x64__htrsf667h5kn2 [2021-08-05] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Corporation)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3708.0_x86__mcezb6ze687jp [2021-07-15] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-08-12] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2018-12-02] (CYBERLINK CORPORATION.)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.995.0_x64__rh07ty8m5nkag [2021-08-14] (Rivet Networks LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0 [2021-09-21] (Spotify AB) [Startup Task]
Township -> C:\Program Files\WindowsApps\PLRWORLDWIDESALES.TOWNSHIP_2021.852.1.0_x64__1feq88045d2v2 [2021-09-01] (Playrix)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2018-12-02] (Waves Audio)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2019-03-13] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{04271989-C4D2-88A2-3539-1A94673CEAB1} -> [OneDrive - erikson.edu] => C:\Users\erine\OneDrive - erikson.edu [2020-05-18 12:16]
CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{04271989-C4D2-E4DB-C5EA-728D92C7BD4B} -> [erikson.edu] => C:\Users\erine\erikson.edu [2019-10-04 15:11]
CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\erine\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21140.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\erine\AppData\Local\GoToMeeting\18705\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\erine\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\erine\Dropbox [2019-01-04 18:11]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-28] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [File not signed] [File is in use]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxDTCM.dll [2018-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-28] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\erine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Erin (erikson.edu) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2019-12-07 04:53 - 2019-12-07 04:53 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2019-05-23 15:57 - 2019-02-21 11:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-12-03 23:19 - 2018-12-03 23:19 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2021-09-15 19:25 - 2021-09-15 19:25 - 016744448 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy\mcafee-security.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001 -> DefaultScope {76BA70CC-4A17-4886-9A3D-AB84718B94D9} URL =
SearchScopes: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001 -> {76BA70CC-4A17-4886-9A3D-AB84718B94D9} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-06-04] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\ssv.dll [2021-04-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-06-04] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-04-13] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\sharepoint.com -> hxxps://erikson-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-11 18:38 - 2018-04-11 18:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Propellerhead Software\ReWire\;C:\Program Files\Common Files\Propellerhead Software\ReWire\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL
HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.12.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Avid Link.lnk"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "LeapFrog Connect 2 Launcher"
HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{82FE4774-7537-40D4-8C40-CB1E04F8B9DB}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{91265713-1BBB-4EFD-918E-8AC3F172D293}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{D41C67E6-5EF9-4387-8E7A-C0CFF6A70183}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{FCB196ED-7F09-493B-851D-F7D005EA342D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{797D1683-93F2-436A-AE46-8A6C03D3A99F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{4ECB768A-7AEF-40C0-9735-7184D93F5FCD}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{8069A8E5-D2BD-483C-BFDE-58870785C960}] => (Allow) C:\Program Files\Avid\Avid Link\AvidAppManHelper.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{4FEEDD4D-FF92-4455-AB6E-544F7BE57D8D}] => (Allow) C:\Program Files\Avid\Avid Link\Avid Link.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{68C5941B-BF1D-4ADB-A299-5AB0E491DF27}] => (Allow) C:\Program Files\Avid\Avid Link\jre\bin\java.exe
FirewallRules: [{AB8C8466-A433-4B37-B535-F8F64B6B4F1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{2E5D5CE8-C96E-46E3-ADF3-4AF738FB6404}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{1BB45BF6-C2F6-4DB2-A81E-1BA2C8322294}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{27D0D49B-7299-46BD-B764-15D687BF7D06}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{EEE394CF-2D2F-483E-8613-AD38FBEBEC2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gary Grigsby's War in the East\autorun.exe (Slitherine Ltd -> Matrix Publishing Ltd.)
FirewallRules: [{0EA081DF-F331-4613-A022-4BE8354C329D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gary Grigsby's War in the East\autorun.exe (Slitherine Ltd -> Matrix Publishing Ltd.)
FirewallRules: [UDP Query User{0AADBF99-E49A-470A-84C3-A445CF235D41}C:\users\erine\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\erine\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AC25FB74-84CA-4847-B09F-F7143197E990}C:\users\erine\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\erine\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ABA2EB13-5D2C-455F-A3AE-5BE0DF5C195F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{8DE8C12E-51DB-4280-989B-EEFF1931C5C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{4BEC8F64-4607-4E9B-A209-00688A19FDB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steel Division 2\SteelDivision2.exe (Eugen Systems -> )
FirewallRules: [{97DA9C1D-F386-4B7A-A99C-1440A2C154F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steel Division 2\SteelDivision2.exe (Eugen Systems -> )
FirewallRules: [{E93034E9-9443-476F-964D-6C5070F1ADD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{B6622C3D-3707-43DA-B5A6-8599CDF72043}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{C6E35B94-22E1-4229-A500-6FC32A0EBC45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{C18BFC5B-68EE-4237-8C85-1EA1B0C4C2BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{6764EA49-E091-42EE-B6F3-3BE87A88721A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{E4D706BE-7FF3-478D-AF73-1B17D9A2BF77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{B985B362-BDB3-493B-A206-970E2D1323DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe (Greenheart Games Pty. Ltd. -> )
FirewallRules: [{2477E48C-20B1-4E19-9D7B-CCB9553EBC99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe (Greenheart Games Pty. Ltd. -> )
FirewallRules: [{0B9FD753-8363-40B2-8B92-99E6F08055CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Victoria 2\victoria2.exe () [File not signed]
FirewallRules: [{699FC05B-C7B0-4A70-9C5C-EB0CC7F720B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Victoria 2\victoria2.exe () [File not signed]
FirewallRules: [{8C1F622C-3C47-4EE0-8AA2-9323509AE855}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{F249F148-5AD5-4D87-9EC1-35DAFD5ADFCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{557977B2-27B4-4457-9E98-F49B3A008420}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{906D40C6-E3B1-4580-AA51-BA445A074AF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{B5A938DB-9C46-4F71-A42E-1CB98406DA81}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B8486867-0FE5-4ACA-946A-D213304AA51C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DDE83877-17D5-4FDF-AAA5-2D3FE2B62307}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkest Hour A HOI Game\Darkest Hour Launcher.exe (Witold Budziszewski) [File not signed]
FirewallRules: [{6922417B-4AB2-4EC0-A47B-58C9593DAA1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkest Hour A HOI Game\Darkest Hour Launcher.exe (Witold Budziszewski) [File not signed]
FirewallRules: [{714773E4-E0B5-4EA0-80E8-F0D156B1F696}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{269078E5-3A6D-4519-8182-0AA78896E999}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{4CA29012-B83A-4ECA-BE17-0B6F76173FC8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{80C230DC-C372-422C-A7C1-0295487EB577}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3062A725-8B8C-4737-B938-5159C1F8BAD8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.11001.20108.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A20DCD7-4621-4B9E-9666-2E2CD79C6839}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6DAE79D6-5676-41DA-BCDD-E6C03E7C3FA7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{035DEDDF-E79A-4167-A583-3A47054DA3F7}] => (Allow) C:\Users\erine\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{52931BB2-AD5A-4E2A-8DE6-182F3D8DC90A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{AB766514-604C-4DBA-B002-D77B73A1E6E6}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{5EF13515-3723-47F2-ABCA-E745246AB2D4}C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe] => (Allow) C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe (UUMART LIMITED -> AndroidAssistServer) [File not signed]
FirewallRules: [UDP Query User{58E11E2C-C253-47C7-B49D-DA8F227979B3}C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe] => (Allow) C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe (UUMART LIMITED -> AndroidAssistServer) [File not signed]
FirewallRules: [{50E43B59-7084-4D0D-AF62-5B4802508B2C}] => (Block) C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe (UUMART LIMITED -> AndroidAssistServer) [File not signed]
FirewallRules: [{E2F0F573-400B-4772-9EBA-FA4DF606A905}] => (Block) C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe (UUMART LIMITED -> AndroidAssistServer) [File not signed]
FirewallRules: [TCP Query User{B7C35C69-7505-49A3-B2A1-BDC75CE23223}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{113914F1-ED21-4DF8-BFBD-47BFD1943831}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1EE83D3B-715B-4A07-926A-99F07DC5D87F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{6914C75B-8A33-4BCF-B2B6-B5154E370D8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{60087F19-41E9-4B83-92BF-42AE0E96B285}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate General Civil War\Ultimate General Civil War.exe () [File not signed]
FirewallRules: [{1343FBE2-EFFA-4694-83C4-0CE004845964}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate General Civil War\Ultimate General Civil War.exe () [File not signed]
FirewallRules: [{D6308340-01AB-4E9A-BC95-11D14026AC64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate General Civil War\UGCWReporter.exe () [File not signed]
FirewallRules: [{F0C93BA6-F6E2-4424-AB6F-549AA0FC9D16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate General Civil War\UGCWReporter.exe () [File not signed]
FirewallRules: [{5D4C5A9A-4F5F-4CF0-AD0C-B53668077E2A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38F9008D-0333-4593-8D78-237A27B56288}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{03D065CB-622F-4E20-8916-59BD6A83C25A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3447EA05-5783-4ED3-A145-4B43571A4077}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7D391528-ED0B-4F09-8452-1B86A3F8EB2B}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{2AADF3EC-9353-4232-8BE2-A03C5781AFD4}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{28640029-1CB6-4D5C-81DE-C33AEC9B3847}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DoorKickers2\DoorKickers2.exe (KillHouse Games) [File not signed]
FirewallRules: [{DCB7C2BF-466C-4C00-8EAE-986689CBAD46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DoorKickers2\DoorKickers2.exe (KillHouse Games) [File not signed]
FirewallRules: [{C3F05293-542D-4C51-B121-6B5474AD6FEB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02CABF53-34E9-488A-B187-CED93CD9B622}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DACE35D2-C9F0-4EB3-BE17-105B184B48BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC9A486B-FA76-4F4A-9C74-A35561D69EED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35F2DB8B-1539-4BF6-8E5E-E0C5FC99605A}] => (Allow) C:\Users\erine\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8FAD2BBC-9476-47FB-9E15-346CDBAEB1BD}] => (Allow) C:\Users\erine\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{BED2FFDD-8169-4996-B79C-C8212D6212CD}] => (Allow) C:\Users\erine\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B6049CDA-5875-4617-8BF7-9A052CCCEC06}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B30F5F60-7015-4799-91EB-778700102F8B}C:\program files\ibm\spss statistics\stats.exe] => (Allow) C:\program files\ibm\spss statistics\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [UDP Query User{A9FFD051-8FCD-44A3-B952-F3AF195157F7}C:\program files\ibm\spss statistics\stats.exe] => (Allow) C:\program files\ibm\spss statistics\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{CEB8091C-CE29-4B1B-B89B-4FA0EF24556F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{BCF0346C-9AA7-40EC-9DCA-DFC1B31F2051}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D79B315C-64F6-49A7-8C52-FAE75805F7D6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\93.0.961.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B7ECE8BB-8957-4159-B2DB-DE026CE96113}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{8D4CA353-B546-48D8-A235-1E2D885A2337}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{40394BF5-5196-4947-AE3B-3EDF46B64C8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A5E8B12E-FA20-4482-8BAC-49D0E2880C85}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{63221326-276E-4796-8B87-150213399625}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0BF43371-7FCC-4158-AE9E-B3D9A440C2FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5ADA3B3-A36D-4E54-94F2-7889FDB3F8CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6F6AA52A-28E5-4C70-98A7-7D3D2B0DF0C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0CA07BD8-3AD6-4374-B338-87F089463A35}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8C2CF675-8869-479A-B613-C094EB2F2CF9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
30-08-2021 13:19:18 Installed IBM SPSS Statistics.
07-09-2021 20:41:19 Scheduled Checkpoint
16-09-2021 05:16:01 Scheduled Checkpoint
21-09-2021 14:08:47 Windows Modules Installer
21-09-2021 18:20:17 Restore Operation
==================== Faulty Device Manager Devices ============
Name: DCP-L2540DW
Description: DCP-L2540DW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (09/22/2021 12:00:10 AM) (Source: System Restore) (EventID: 8204) (User: )
Description: System restore ended unexpectedly because of power loss or a program error. Additional information: (Scheduled Checkpoint).
Error: (09/21/2021 09:22:18 PM) (Source: System Restore) (EventID: 8204) (User: )
Description: System restore ended unexpectedly because of power loss or a program error. Additional information: (Scheduled Checkpoint).
Error: (09/21/2021 06:31:53 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (09/21/2021 02:51:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcroRd32.exe, version: 21.7.20091.59174, time stamp: 0x613991a9
Faulting module name: ntdll.dll, version: 10.0.19041.1202, time stamp: 0xef8beaeb
Exception code: 0xc0000005
Fault offset: 0x0005f583
Faulting process id: 0x304c
Faulting application start time: 0x01d7af201447c009
Faulting application path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 869101b3-6a42-4759-b8cc-b41b88793855
Faulting package full name:
Faulting package-relative application ID:
Error: (09/20/2021 09:26:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on ErinsPassport (F:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (09/20/2021 09:26:44 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on OS (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (09/17/2021 06:08:25 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/14/2021 10:02:32 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
System errors:
=============
Error: (09/22/2021 12:04:46 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Dell Digital Delivery Service service hung on starting.
Error: (09/21/2021 11:57:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (09/21/2021 11:57:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
Error: (09/21/2021 09:24:02 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0OR6TUF)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.
Error: (09/21/2021 09:24:02 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0OR6TUF)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.
Error: (09/21/2021 09:24:00 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0OR6TUF)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (09/21/2021 09:24:00 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0OR6TUF)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (09/21/2021 09:24:00 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0OR6TUF)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2021-09-21 18:03:01
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: PUA:Win32/Mp3Rocket
Severity: Low
Category: Potentially Unwanted Software
Path: file:_F:\mp3rocket.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.349.1181.0, AS: 1.349.1181.0, NIS: 1.349.1181.0
Engine Version: AM: 1.1.18500.10, NIS: 1.1.18500.10
Date: 2021-09-19 15:15:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-18 13:34:30
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-17 18:05:25
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-16 14:05:30
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-21 13:21:48
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.1082.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2021-09-17 05:06:35
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.890.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-09-17 05:06:35
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.890.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80070102
Error description: The wait operation timed out.
CodeIntegrity:
===============
Date: 2021-06-27 03:15:28
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Dell Inc. 2.17.1 12/16/2020
Motherboard: Dell Inc. 0H4VK7
Processor: Intel® Core i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 52%
Total physical RAM: 12110.39 MB
Available physical RAM: 5713.58 MB
Total Virtual: 13966.39 MB
Available Virtual: 7040.06 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:917.19 GB) (Free:651.79 GB) NTFS
Drive f: (ErinsPassport) (Fixed) (Total:465.73 GB) (Free:424.75 GB) NTFS
\\?\Volume{0dc063a1-69be-4be6-ab33-f9d07fccda34}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.5 GB) NTFS
\\?\Volume{98dc49b9-304f-4b24-a15e-39dc3c620e5c}\ (Image) (Fixed) (Total:11.52 GB) (Free:0.23 GB) NTFS
\\?\Volume{792f05df-4929-4744-8772-a75e1c906fe3}\ (DELLSUPPORT) (Fixed) (Total:1.07 GB) (Free:0.21 GB) NTFS
\\?\Volume{afe7b3d6-a805-42cc-8e1f-b11ce3a3cae9}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 32F8F15B)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 0004A183)
Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================