Here you go!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02
Ran by erine (administrator) on DESKTOP-0OR6TUF (Dell Inc. Inspiron 3670) (26-09-2021 04:22:07)
Running from C:\Users\erine\Desktop
Loaded Profiles: erine
Platform: Windows 10 Home Version 21H1 19043.1237 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(ESET, spol. s r.o. -> ESET) C:\Users\erine\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <21>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHeciSvc.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_dd349ca1e8d98184\LMS.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(LeapFrog Enterprises, Inc. -> LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect2\LFHelper.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Meraki, LLC. -> Meraki, Inc.) C:\Program Files\Meraki\Systems Manager Agent 3.1.1\m_agent_service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\erine\AppData\Local\Microsoft\OneDrive\21.170.0822.0002\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\erine\AppData\Local\Microsoft\OneDrive\OneDrive.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe <3>
(Thesycon Software Solutions GmbH & Co. KG -> ) C:\Program Files\Positive Grid\USB Audio Device Driver\W10_x64\Spark40USBAudioDriverCpl.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSysSvc64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe [1257032 2021-04-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [340480 2018-07-25] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-11] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSvc64.exe [1237696 2020-12-06] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8091424 2021-09-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2066432 2014-10-31] (iSkySoft) [File not signed]
HKLM-x32\...\Run: [LeapFrog Connect 2 Launcher] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect2\LFLauncher.exe [30320 2019-08-13] (LeapFrog Enterprises, Inc. -> LeapFrog Enterprises, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.54\Installer\chrmstp.exe [2021-09-22] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Positive Grid USB Audio Device Control Panel Autostart.lnk [2021-07-29]
ShortcutTarget: Positive Grid USB Audio Device Control Panel Autostart.lnk -> C:\Program Files\Positive Grid\USB Audio Device Driver\W10_x64\Spark40USBAudioDriverCpl.exe (Thesycon Software Solutions GmbH & Co. KG -> )
Startup: C:\Users\erine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2020-05-20]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {055CB0F3-581D-4BF4-A07F-BD9C174ADD67} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-22] (Google LLC -> Google LLC)
Task: {11C369DA-8429-4770-97FE-B0E2B7D2A5F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {137913B0-BA06-4AF2-9D39-15C9D262E643} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1BE86C00-AA40-4497-BE7C-CD3F3DBA242A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {35FF5702-C0A4-4C79-AFAE-DF3F5794D2D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {361A9B78-F48C-4CF9-AADB-2C588162FAC5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {423B6AD6-CA12-4720-82C4-C6F1DC202E37} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\erine\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-09-25] (ESET, spol. s r.o. -> ESET)
Task: {4BF93158-D314-443E-BD3C-8BE8CE6BDAEC} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\erine\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-09-25] (ESET, spol. s r.o. -> ESET)
Task: {5F310278-A23C-41E8-BE08-E1A047D7B5D4} - System32\Tasks\Daily Restart => shutdown /r
Task: {6DDBADCD-AD84-44A5-BFA8-2322E1DB69D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D125A5D-DE8E-4BFF-850C-93366F193045} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-22] (Google LLC -> Google LLC)
Task: {8EA652E2-0F53-41E2-9C94-9577C55C2ABA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {93461ECF-28A9-4D49-B11F-A1A8275E8339} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1155480 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8F926DE-4DB7-4BFC-86D7-32F2800E6E41} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {A930250E-FD60-483D-B73A-D446A2B91AF5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {B0FC898B-670F-493E-8A53-4FD380C81F54} - System32\Tasks\NCH Software\ExpressRipDowngrade => C:\Program Files (x86)\NCH Software\ExpressRip\expressrip.exe [1006648 2019-03-22] (NCH Software Pty Ltd -> NCH Software)
Task: {C37B4CFA-631B-49AF-BF09-692DCA436213} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-08-20] (Dell Inc -> Dell Inc.)
Task: {C4AC0B23-378D-453F-8E66-F62E455295F6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C902F622-B369-44AD-8BE6-46FDB35C5B1A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113536 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0142236-511F-4774-A84E-E39E07AD1A30} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113536 2021-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3F632A4-BCA9-46DF-BDFF-7D5BBD9BD5A0} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F323D4A5-A8BC-45F0-BA78-CEB3845793B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {FBA9D3F3-F308-4266-B394-D8B8F5DB8EED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.12.1
Tcpip\..\Interfaces\{2d523801-0097-4f41-aeb8-f30dcdd432b5}: [DhcpNameServer] 192.168.12.1
Tcpip\..\Interfaces\{efd4fddc-f2ea-4ba3-b79d-778a0be4e2c9}: [DhcpNameServer] 172.71.1.171
Edge:
=======
DownloadDir: C:\Users\erine\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\erine\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-25]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\erine\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-09-22]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: un57y4gx.default
FF ProfilePath: C:\Users\erine\AppData\Roaming\Mozilla\Firefox\Profiles\un57y4gx.default [2021-09-23]
FF Extension: (translator-lite) - C:\Users\erine\AppData\Roaming\Mozilla\Firefox\Profiles\un57y4gx.default\Extensions\[email protected] [2019-03-11]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\erine\AppData\Roaming\Mozilla\Firefox\Profiles\un57y4gx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-22]
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default [2021-09-26]
CHR DownloadDir: C:\Users\erine\Downloads
CHR HomePage: Default -> hxxps://my.erikson.edu/ics/default.aspx/
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxp://www.office.com/"
CHR Extension: (Slides) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-02]
CHR Extension: (Docs) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-02]
CHR Extension: (Google Drive) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-02]
CHR Extension: (Adobe Acrobat) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-08-18]
CHR Extension: (Sheets) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-02]
CHR Extension: (Whisk) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfoijmnbedaipllfimaogeepohalbgka [2021-09-12]
CHR Extension: (Google Docs Offline) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-22]
CHR Extension: (Pinterest Save Button) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2021-09-09]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-09-14]
CHR Extension: (Google Scholar Button) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2020-10-08]
CHR Extension: (No Name) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2020-05-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Gmail) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\erine\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-26]
CHR Profile: C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-09-25]
CHR Extension: (Slides) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-13]
CHR Extension: (Google Drive) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-13]
CHR Extension: (YouTube) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-07-13]
CHR Extension: (Adobe Acrobat) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-07-13]
CHR Extension: (Sheets) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-13]
CHR Extension: (Google Docs Offline) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-13]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-09-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-13]
CHR Extension: (Gmail) - C:\Users\erine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-13]
CHR Profile: C:\Users\erine\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-09-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3835424 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-28] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-07-08] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-07-20] (Dell Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-02-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 LFHelper; C:\Program Files (x86)\LeapFrog\LeapFrog Connect2\LFHelper.exe [2606704 2019-08-13] (LeapFrog Enterprises, Inc. -> LeapFrog Enterprises, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7785656 2021-09-21] (Malwarebytes Inc -> Malwarebytes)
R2 MerakiSystemsManagerAgent; C:\Program Files\Meraki\Systems Manager Agent 3.1.1\m_agent_service.exe [6269152 2021-04-27] (Meraki, LLC. -> Meraki, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495280 2020-04-14] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3446576 2020-04-14] (Electronic Arts, Inc. -> Electronic Arts)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-08-20] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\iSkysoft\iTransfer\DriverInstall.exe [107200 2017-11-08] (Shenzhen Yi Xing Investment Co., Ltd. -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-09-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [68528 2021-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsld996faae; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{90711D60-703A-45A2-90A5-65E61528E150}\MpKslDrv.sys [130296 2021-09-25] (Microsoft Windows -> Microsoft Corporation)
S3 Spark40USBAudioDriver; C:\WINDOWS\System32\drivers\Spark40USBAudioDriver.sys [377384 2019-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 Spark40USBAudioDriverks; C:\WINDOWS\System32\drivers\Spark40USBAudioDriverks.sys [53800 2019-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [31232 2013-04-11] (WatchGuard Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-09-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-26 01:45 - 2021-09-26 01:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-09-26 01:45 - 2021-09-26 01:45 - 000003416 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-09-26 01:40 - 2021-09-26 01:40 - 000001214 _____ C:\Users\erine\Documents\eset 09.26.21.txt
2021-09-25 13:59 - 2021-09-25 13:59 - 000001294 _____ C:\Users\erine\Desktop\ESET Online Scanner.lnk
2021-09-25 13:58 - 2021-09-25 13:59 - 000001400 _____ C:\Users\erine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-09-25 13:58 - 2021-09-25 13:58 - 000000000 ____D C:\Users\erine\AppData\Local\ESET
2021-09-25 13:57 - 2021-09-25 13:57 - 011697056 _____ (ESET) C:\Users\erine\Desktop\esetonlinescanner.exe
2021-09-25 13:52 - 2021-09-25 13:52 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-09-25 13:52 - 2021-09-25 13:52 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-09-25 13:52 - 2021-09-25 13:52 - 000068528 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-09-24 14:32 - 2021-09-24 14:32 - 000039838 _____ C:\Users\erine\Downloads\participantsFile-1503486 (2).xlsx
2021-09-24 14:30 - 2021-09-24 14:30 - 000046008 _____ C:\Users\erine\Downloads\NSF Participants - SRI (1).xlsx
2021-09-23 01:13 - 2021-09-25 13:49 - 108265472 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-09-23 01:13 - 2021-09-23 01:13 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-09-23 00:30 - 2021-09-23 00:30 - 000004476 _____ C:\Users\erine\Desktop\AdwCleaner[S01].txt
2021-09-22 23:26 - 2021-09-22 23:26 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-22 23:26 - 2021-09-22 23:26 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-22 23:25 - 2021-09-22 23:25 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-22 23:25 - 2021-09-22 23:25 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-22 23:25 - 2021-09-22 23:25 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-22 23:25 - 2021-09-22 23:25 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-22 23:25 - 2021-09-22 23:25 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-22 23:25 - 2021-09-22 23:25 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-22 23:25 - 2021-09-22 23:25 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-22 23:25 - 2021-09-22 23:25 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-22 23:25 - 2021-09-22 23:25 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-22 23:25 - 2021-09-22 23:25 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-22 23:24 - 2021-09-22 23:24 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-22 23:24 - 2021-09-22 23:24 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-22 23:24 - 2021-09-22 23:24 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-22 23:24 - 2021-09-22 23:24 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-22 23:24 - 2021-09-22 23:24 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-22 23:24 - 2021-09-22 23:24 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-22 23:24 - 2021-09-22 23:24 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-22 23:24 - 2021-09-22 23:24 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-22 22:41 - 2021-09-22 22:50 - 000000000 ___HD C:\$WinREAgent
2021-09-22 19:26 - 2021-09-25 13:48 - 000000000 ____D C:\AdwCleaner
2021-09-22 19:25 - 2021-09-22 19:26 - 008553680 _____ (Malwarebytes) C:\Users\erine\Desktop\AdwCleaner.exe
2021-09-22 17:06 - 2021-09-22 17:15 - 000005265 _____ C:\Users\erine\Desktop\Fixlog.txt
2021-09-22 17:03 - 2021-09-22 17:03 - 002304512 _____ (Farbar) C:\Users\erine\Desktop\FRST64.exe
2021-09-22 16:48 - 2021-09-22 16:51 - 000003336 _____ C:\WINDOWS\system32\Tasks\Daily Restart
2021-09-22 16:39 - 2021-09-22 23:44 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-22 16:39 - 2021-09-22 23:43 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-22 16:39 - 2021-09-22 16:39 - 000000000 ____D C:\Program Files\Google
2021-09-22 16:38 - 2021-09-22 16:38 - 001342296 _____ (Google LLC) C:\Users\erine\Downloads\ChromeSetup.exe
2021-09-22 16:38 - 2021-09-22 16:38 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-22 16:38 - 2021-09-22 16:38 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-22 14:45 - 2021-09-22 14:49 - 001247977 _____ C:\Users\erine\Downloads\2016incomeToAge5.xlsx
2021-09-22 10:06 - 2021-09-22 10:06 - 000000000 ____D C:\Users\erine\Documents\FeedbackHub
2021-09-22 02:23 - 2019-12-19 14:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2021-09-22 02:22 - 2021-09-22 02:22 - 000000000 ____D C:\ProgramData\Intel Package Cache {29d6077f-6adb-42de-abac-1c60aeb0e237}
2021-09-22 02:20 - 2021-09-22 02:20 - 000000000 ____D C:\ProgramData\Intel Package Cache {d8170687-85fa-4716-bafd-087205d0db72}
2021-09-22 02:20 - 2021-09-22 02:20 - 000000000 ____D C:\ProgramData\Intel Package Cache {9f9c9e51-d42f-4462-a27a-7d419da18045}
2021-09-22 01:25 - 2021-09-22 23:38 - 000563080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-22 00:37 - 2021-09-22 00:37 - 000000000 ____D C:\Users\erine\Documents\Dell
2021-09-22 00:20 - 2021-09-22 16:58 - 000000000 ____D C:\Users\erine\Desktop\FRST-OlderVersion
2021-09-21 15:19 - 2021-09-21 15:19 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-09-21 15:07 - 2021-09-21 15:07 - 000000000 ___HD C:\$SysReset
2021-09-21 12:58 - 2021-06-18 06:35 - 001859624 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-09-21 12:58 - 2021-06-18 06:35 - 001859624 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-09-21 12:58 - 2021-06-18 06:35 - 001440304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-09-21 12:58 - 2021-06-18 06:35 - 001440304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-09-21 12:58 - 2021-06-18 06:35 - 001102328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 001102328 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000956432 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000956432 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000614232 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000429928 _____ C:\WINDOWS\system32\ze_loader.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000309696 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000257088 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000173080 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000148360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2021-09-21 12:58 - 2021-06-18 06:35 - 000145776 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2021-09-21 12:58 - 2021-06-18 06:34 - 026671952 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2021-09-21 12:58 - 2021-06-18 06:34 - 013499224 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2021-09-21 12:58 - 2021-06-18 06:34 - 000507744 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-09-21 12:58 - 2021-06-18 06:34 - 000370528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-09-21 12:58 - 2021-06-18 06:33 - 000354672 _____ C:\WINDOWS\system32\ControlLib.dll
2021-09-17 22:08 - 2021-09-17 22:08 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3707107645-3133845480-1438675409-1001
2021-09-17 22:08 - 2021-09-17 22:08 - 000002385 _____ C:\Users\erine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-16 18:26 - 2021-09-16 18:26 - 001628064 _____ C:\Users\erine\Downloads\MQI Coaching Camera Set Up Guide (1).pdf
2021-09-16 18:15 - 2021-09-16 18:15 - 001628064 _____ C:\Users\erine\Downloads\MQI Coaching Camera Set Up Guide.pdf
2021-09-16 15:26 - 2021-09-16 15:26 - 008087229 _____ C:\Users\erine\Downloads\Gender.zip
2021-09-16 14:20 - 2021-09-16 14:20 - 000818066 _____ C:\Users\erine\Downloads\Cahoon_Cassidy_Purpura_et_al._2021_Rigorous_Measure_JNC_AAM.pdf
2021-09-16 03:53 - 2021-09-16 03:53 - 000012175 _____ C:\Users\erine\Desktop\NSF Figures.xlsx
2021-09-14 22:02 - 2021-09-14 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-09-14 11:46 - 2021-09-14 11:46 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-14 11:44 - 2021-09-14 11:44 - 000002146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-13 05:58 - 2021-09-13 05:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-09-13 05:58 - 2021-09-13 05:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-09-13 05:58 - 2021-09-13 05:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-09-13 05:58 - 2021-09-13 05:58 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-09-10 14:09 - 2021-09-10 14:09 - 000000000 ____D C:\Users\erine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-09-10 13:50 - 2021-09-10 13:50 - 000896935 _____ C:\Users\erine\Downloads\fe_report_fin.pdf
2021-09-08 00:57 - 2021-09-26 02:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-09-05 01:35 - 2021-09-16 23:10 - 000017905 _____ C:\Users\erine\Desktop\Milk Ledger.xlsx
2021-09-04 15:56 - 2021-09-04 15:56 - 000105464 _____ C:\Users\erine\Downloads\MQI Coaching Teacher Matching - by coach.xlsx
2021-09-02 00:21 - 2021-09-02 00:21 - 002857747 _____ C:\Users\erine\Downloads\Curriculum Night Power Point.pptx.pdf
2021-09-01 00:05 - 2021-09-01 00:05 - 000011607 _____ C:\Users\erine\Downloads\FY21 Report Summary 8.31.21.xlsx
2021-08-31 14:12 - 2021-08-31 14:12 - 000336341 _____ C:\Users\erine\Downloads\Math Partners_Narrative.edited.pdf
2021-08-31 11:56 - 2021-08-31 11:56 - 000003524 _____ C:\Users\erine\Downloads\EQUIP_M_Forms_Summary.csv
2021-08-31 11:47 - 2021-08-31 11:47 - 000007616 _____ C:\Users\erine\Downloads\EQUIP_M_Forms (12).csv
2021-08-30 14:57 - 2021-08-30 14:57 - 000000000 ____D C:\Users\erine\.IBM
2021-08-30 13:32 - 2021-08-30 13:32 - 000000000 ____D C:\Users\erine\AppData\Local\renv
2021-08-30 13:29 - 2021-08-30 13:29 - 000002168 _____ C:\Users\Public\Desktop\IBM SPSS Statistics.lnk
2021-08-30 13:29 - 2021-08-30 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2021-08-30 13:14 - 2021-08-30 13:17 - 880796040 _____ (IBM Corp) C:\Users\erine\SSC_64-bit_28.0.0.0_MWins.exe
2021-08-27 15:17 - 2021-08-27 15:17 - 000002370 _____ C:\Users\erine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-08-27 15:17 - 2021-08-27 15:17 - 000002362 _____ C:\Users\erine\Desktop\Microsoft Teams.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-26 04:23 - 2021-03-05 12:01 - 000026522 _____ C:\Users\erine\Desktop\FRST.txt
2021-09-26 04:23 - 2021-03-05 11:56 - 000000000 ____D C:\FRST
2021-09-26 03:43 - 2018-12-02 19:13 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-26 02:57 - 2018-12-02 19:36 - 000000000 ____D C:\Users\erine\AppData\LocalLow\Mozilla
2021-09-26 02:53 - 2021-06-24 04:36 - 000000000 ____D C:\Users\erine\AppData\LocalLow\IGDump
2021-09-26 01:36 - 2020-11-01 03:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-25 23:14 - 2020-08-22 05:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-25 23:14 - 2020-08-22 05:58 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-25 23:14 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-25 23:14 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-25 23:14 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-25 20:16 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-25 13:58 - 2020-11-01 03:52 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-25 13:55 - 2020-05-18 12:16 - 000000000 ___RD C:\Users\erine\OneDrive - erikson.edu
2021-09-25 13:55 - 2019-10-04 15:11 - 000000000 ___RD C:\Users\erine\erikson.edu
2021-09-25 13:54 - 2018-12-02 19:07 - 000000000 ___RD C:\Users\erine\OneDrive
2021-09-25 13:50 - 2020-11-01 04:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-25 13:50 - 2020-11-01 03:31 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-25 13:50 - 2018-09-11 08:13 - 000000000 ____D C:\Intel
2021-09-25 13:49 - 2019-12-07 04:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2021-09-24 16:23 - 2020-05-18 17:19 - 000000000 ____D C:\Users\erine\Documents\Housekeeping
2021-09-24 14:32 - 2018-12-02 19:02 - 000000000 ____D C:\Users\erine\AppData\Local\Packages
2021-09-24 00:51 - 2020-05-18 17:19 - 000000000 ____D C:\Users\erine\Documents\Zoom
2021-09-23 00:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-09-23 00:04 - 2019-02-07 16:23 - 000000000 ____D C:\ProgramData\Mozilla
2021-09-22 23:35 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-22 23:35 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-22 23:35 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-22 23:35 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-22 23:35 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-22 23:35 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-22 23:35 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-22 23:35 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-22 23:35 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-22 23:35 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-22 23:35 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-22 23:34 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-22 23:34 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-22 23:34 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-22 23:34 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-22 23:34 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-22 23:33 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-22 23:01 - 2020-04-01 00:10 - 000000000 ____D C:\Program Files\Avid
2021-09-22 23:00 - 2020-04-01 00:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid
2021-09-22 23:00 - 2020-04-01 00:10 - 000000000 ____D C:\ProgramData\Avid
2021-09-22 22:51 - 2018-12-05 23:44 - 000000000 ____D C:\Users\erine\AppData\Local\WebEx
2021-09-22 22:50 - 2018-12-05 23:44 - 000000000 ____D C:\Users\erine\AppData\Roaming\webex
2021-09-22 22:48 - 2018-12-02 20:40 - 000000000 ____D C:\Users\erine\AppData\Local\D3DSCache
2021-09-22 22:39 - 2018-12-02 19:04 - 000000000 ____D C:\Users\erine\AppData\Local\PlaceholderTileLogoFolder
2021-09-22 21:38 - 2021-03-05 12:06 - 000007606 _____ C:\Users\erine\AppData\Local\resmon.resmoncfg
2021-09-22 17:15 - 2019-01-23 13:56 - 000000000 ____D C:\Users\erine\AppData\LocalLow\Temp
2021-09-22 10:36 - 2021-03-05 12:17 - 000058909 _____ C:\Users\erine\Desktop\Addition.txt
2021-09-22 10:09 - 2019-04-07 23:04 - 000000000 ____D C:\Users\erine\AppData\Local\ElevatedDiagnostics
2021-09-22 02:24 - 2018-09-11 08:09 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-09-22 02:23 - 2021-04-12 11:26 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2021-09-22 02:23 - 2018-09-11 08:09 - 000019632 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll
2021-09-22 02:21 - 2018-12-02 19:05 - 000000000 ____D C:\ProgramData\Packages
2021-09-22 02:19 - 2018-09-11 08:08 - 000000000 ____D C:\ProgramData\Intel
2021-09-22 02:07 - 2018-09-11 08:06 - 000000000 ____D C:\Program Files\Intel
2021-09-22 01:26 - 2020-10-30 02:10 - 000000000 ___DC C:\WINDOWS\Panther
2021-09-21 15:19 - 2021-05-28 15:28 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-09-21 15:19 - 2020-08-02 03:43 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-09-21 15:17 - 2021-05-28 15:27 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-09-21 15:11 - 2020-09-05 17:16 - 000000000 ____D C:\Users\erine\AppData\Local\CrashDumps
2021-09-18 20:24 - 2021-07-04 21:28 - 000000000 ____D C:\Users\erine\AppData\Roaming\.minecraft
2021-09-17 03:21 - 2018-12-02 22:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-17 03:16 - 2018-12-02 22:38 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-16 23:05 - 2018-12-02 19:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-09-14 22:03 - 2019-01-04 18:06 - 000000000 ____D C:\Users\erine\AppData\Local\Dropbox
2021-09-14 22:03 - 2019-01-04 18:06 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-09-12 04:53 - 2018-12-02 19:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-10 14:10 - 2018-12-11 11:41 - 000000000 ____D C:\Users\erine\AppData\Roaming\Zoom
2021-09-09 10:11 - 2020-09-30 02:14 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-08 13:17 - 2018-09-11 07:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-09-08 07:57 - 2021-07-27 17:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-09-08 07:57 - 2018-12-02 19:36 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-09-02 01:01 - 2019-12-07 04:50 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-08-31 13:50 - 2020-09-16 02:30 - 000000000 ____D C:\Users\erine\AppData\Local\javasharedresources
2021-08-30 20:26 - 2019-11-13 08:00 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-08-30 14:57 - 2020-11-01 03:39 - 000000000 ____D C:\Users\erine
2021-08-30 13:32 - 2020-09-16 02:33 - 000000000 ____D C:\Users\erine\AppData\Roaming\IBM
2021-08-30 13:23 - 2020-09-16 02:28 - 000000000 ____D C:\Program Files\IBM
==================== Files in the root of some directories ========
2021-08-30 13:14 - 2021-08-30 13:17 - 880796040 _____ (IBM Corp) C:\Users\erine\SSC_64-bit_28.0.0.0_MWins.exe
2020-04-01 00:10 - 2020-04-01 00:11 - 001451682 _____ () C:\Users\erine\AppData\Roaming\AvidLink_Install.log
2021-03-05 12:06 - 2021-09-22 21:38 - 000007606 _____ () C:\Users\erine\AppData\Local\resmon.resmoncfg
==================== FLock ==============================
2021-05-28 05:10 C:\Recovery
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by erine (26-09-2021 04:27:21)
Running from C:\Users\erine\Desktop
Windows 10 Home Version 21H1 19043.1237 (X64) (2020-11-01 09:09:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3707107645-3133845480-1438675409-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3707107645-3133845480-1438675409-503 - Limited - Disabled)
erine (S-1-5-21-3707107645-3133845480-1438675409-1001 - Administrator - Enabled) => C:\Users\erine
Guest (S-1-5-21-3707107645-3133845480-1438675409-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3707107645-3133845480-1438675409-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\Amazon Kindle) (Version: 1.28.0.57030 - Amazon)
Comcast Business VoiceEdge Companion (HKLM-x32\...\B14ACF74-0DA5-4DEC-813B-6E5902DC6DAB_is1) (Version: 4.1.0 - Comcast Business)
Coolmuster Android Assistant (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\Coolmuster Android Assistant) (Version: 4.3.497 - Coolmuster)
Dell Digital Delivery Service (HKLM-x32\...\{66E2407E-9001-483E-B2AA-7AEF97567143}) (Version: 3.6.1005.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{913C378B-00FC-429C-BCC4-E7B2EC6679C7}) (Version: 1.2.6266 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{9EF0AEB0-9AD2-40E6-8667-D7520C508941}) (Version: 3.10.3.3 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{795931D8-2EBF-4969-A678-4219B161F676}) (Version: 5.4.3.15135 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{555298fa-14a9-48f2-a7a0-9602f31785da}) (Version: 5.4.3.15135 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.3.0 - Dell Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 131.4.3968 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.503.1 - Dropbox, Inc.) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{90BC69B6-C3DD-45E3-B2EE-354635A0329B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Ensemble Anthem (HKLM-x32\...\{DAC7A13A-4B6E-4697-8F4E-EA9836F34EBC}) (Version: 2.7.0 - Ensemble Video)
Express Rip CD Ripper Software (HKLM-x32\...\ExpressRip) (Version: 3.00 - NCH Software)
G*Power 3.1.9.7 (HKLM-x32\...\{FA3666A9-FF30-4777-B906-305B1EF0486E}) (Version: 3.1.97 - Franz Faul, Uni Kiel, Germany)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.54 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
HLM 8.00 for Windows (Student) (HKLM-x32\...\{9E3FCEEE-3163-4946-A8AB-C97F4F70DD12}) (Version: 8.00 - SSI, Inc.)
IBM SPSS Statistics (HKLM\...\{DC8AD675-36E2-44AD-8FB9-FA069BEAC190}) (Version: 28.0.0.0 - IBM Corp)
IBM SPSS Statistics 27 (HKLM\...\{8EAD21F8-AD8B-4C6F-ABE6-92357CAB043E}) (Version: 27.0.0.0 - IBM Corp)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2110.15.0.2210 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{69bc85f1-55f9-44f2-b5df-3840fe07854c}) (Version: 1.61.251.0 - Intel Corporation) Hidden
iSkysoft iTransfer ( Version 4.3.1 ) (HKLM-x32\...\{84A89F3A-B59A-4324-8598-3611853769C8}_is1) (Version: 4.3.1 - iSkysoft)
LeapFrog Connect 2 (HKLM-x32\...\LeapFrogConnect2) (Version: 4.0.22.435 - LeapFrog)
LeapFrogConnect2 (HKLM-x32\...\{E713461D-C80C-4E84-B53D-B351E9FD8EBA}) (Version: 4.0.22.435 - LeapFrog) Hidden
LeapStart (HKLM-x32\...\{86F8863C-5B13-4809-B154-A6F2F75A680C}) (Version: 4.0.24.437 - LeapFrog) Hidden
Malwarebytes version 4.4.6.132 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.6.132 - Malwarebytes)
Mendeley Desktop 1.19.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.19.4 - Mendeley Ltd.)
Meraki Systems Manager Agent (HKLM\...\{573BE5A2-40E9-4C53-A744-CD352DBCC0C1}) (Version: 3.1.1 - Meraki)
Meraki Systems Manager Agent (HKLM-x32\...\{BCD00ACA-E928-48E3-BE0E-342F052BDA5C}) (Version: 1.0.98 - Meraki)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14326.20404 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.14326.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\OneDriveSetup.exe) (Version: 21.170.0822.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\Teams) (Version: 1.4.00.22472 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 92.0 (x64 en-US)) (Version: 92.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.68.39605 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
Positive Grid USB Audio Device Driver v4.80.0 (HKLM-x32\...\Software_PositiveGrid_PositiveGrid_UsbAudio_Driver_Setup) (Version: 4.80.0 - Positive Grid)
QT5.10.1 (HKLM-x32\...\{D648CC39-D39C-445B-AEB7-213632704032}) (Version: 1.0.0.0 - LeapFrog) Hidden
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9155.1 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Sibelius (HKLM\...\{6E8787BE-2DCD-4212-BCE3-62F0D1890CB5}) (Version: 20.3.0.2503 - Avid Technology)
Sibelius OpenType Fonts (HKLM-x32\...\{797B694A-E317-4405-A512-76A91A50243F}) (Version: 20.1.0 - Avid)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.22654 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Use the entry named LeapFrog Connect2 to uninstall QT5.10.1 (HKLM-x32\...\QT5.10.1) (Version: - LeapFrog)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Zoom (HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\ZoomUMX) (Version: 5.7.8 (1247) - Zoom Video Communications, Inc.)
Zoom Outlook Plugin (HKLM-x32\...\{2C9A4261-9CAB-4FF1-AC5A-AC436FBB4F48}) (Version: 5.4.58474 - Zoom)
Packages:
=========
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.0.0_x64__htrsf667h5kn2 [2021-08-05] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-08-10] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-09-19] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.6.0_x64__htrsf667h5kn2 [2021-09-22] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.3.12.0_x86__htrsf667h5kn2 [2021-08-12] (Dell Inc)
Golden Farm -> C:\Program Files\WindowsApps\4ACEF246.GoldenFarm_2.6.14.0_x86__05g3z837ka020 [2021-09-22] (ПлейМи8)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-22] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1020.0_x64__8j3eq9eme6ctt [2021-09-22] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-12-02] (LinkedIn)
LiquidText -> C:\Program Files\WindowsApps\LiquidText.LiquidText_2.0.10.0_x64__rx5mtpcf576t0 [2021-09-21] (LiquidText)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-26] (CYBERLINK CORPORATION.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-26] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.91.7.0_x64__htrsf667h5kn2 [2021-08-05] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Corporation)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3708.0_x86__mcezb6ze687jp [2021-07-15] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-08-12] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2018-12-02] (CYBERLINK CORPORATION.)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.995.0_x64__rh07ty8m5nkag [2021-08-14] (Rivet Networks LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0 [2021-09-21] (Spotify AB) [Startup Task]
Township -> C:\Program Files\WindowsApps\PLRWORLDWIDESALES.TOWNSHIP_2021.852.1.0_x64__1feq88045d2v2 [2021-09-01] (Playrix)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2018-12-02] (Waves Audio)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{04271989-C4D2-88A2-3539-1A94673CEAB1} -> [OneDrive - erikson.edu] => C:\Users\erine\OneDrive - erikson.edu [2020-05-18 12:16]
CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{04271989-C4D2-E4DB-C5EA-728D92C7BD4B} -> [erikson.edu] => C:\Users\erine\erikson.edu [2019-10-04 15:11]
CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\erine\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21140.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\erine\Dropbox [2019-01-04 18:11]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel® Rapid Storage Technology -> )
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-28] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel® Rapid Storage Technology -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxDTCM.dll [2018-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-28] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-05-23 15:57 - 2019-02-21 11:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\sharepoint.com -> hxxps://erikson-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-11 18:38 - 2018-04-11 18:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.12.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Avid Link.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "LeapFrog Connect 2 Launcher"
HKU\S-1-5-21-3707107645-3133845480-1438675409-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{82FE4774-7537-40D4-8C40-CB1E04F8B9DB}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{91265713-1BBB-4EFD-918E-8AC3F172D293}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{D41C67E6-5EF9-4387-8E7A-C0CFF6A70183}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{FCB196ED-7F09-493B-851D-F7D005EA342D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{797D1683-93F2-436A-AE46-8A6C03D3A99F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{4ECB768A-7AEF-40C0-9735-7184D93F5FCD}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\27\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{8069A8E5-D2BD-483C-BFDE-58870785C960}] => (Allow) C:\Program Files\Avid\Avid Link\AvidAppManHelper.exe => No File
FirewallRules: [{4FEEDD4D-FF92-4455-AB6E-544F7BE57D8D}] => (Allow) C:\Program Files\Avid\Avid Link\Avid Link.exe => No File
FirewallRules: [{68C5941B-BF1D-4ADB-A299-5AB0E491DF27}] => (Allow) C:\Program Files\Avid\Avid Link\jre\bin\java.exe => No File
FirewallRules: [{AB8C8466-A433-4B37-B535-F8F64B6B4F1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{2E5D5CE8-C96E-46E3-ADF3-4AF738FB6404}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{1BB45BF6-C2F6-4DB2-A81E-1BA2C8322294}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{27D0D49B-7299-46BD-B764-15D687BF7D06}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{EEE394CF-2D2F-483E-8613-AD38FBEBEC2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gary Grigsby's War in the East\autorun.exe (Slitherine Ltd -> Matrix Publishing Ltd.)
FirewallRules: [{0EA081DF-F331-4613-A022-4BE8354C329D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gary Grigsby's War in the East\autorun.exe (Slitherine Ltd -> Matrix Publishing Ltd.)
FirewallRules: [UDP Query User{0AADBF99-E49A-470A-84C3-A445CF235D41}C:\users\erine\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\erine\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AC25FB74-84CA-4847-B09F-F7143197E990}C:\users\erine\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\erine\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ABA2EB13-5D2C-455F-A3AE-5BE0DF5C195F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{8DE8C12E-51DB-4280-989B-EEFF1931C5C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{4BEC8F64-4607-4E9B-A209-00688A19FDB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steel Division 2\SteelDivision2.exe (Eugen Systems -> )
FirewallRules: [{97DA9C1D-F386-4B7A-A99C-1440A2C154F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Steel Division 2\SteelDivision2.exe (Eugen Systems -> )
FirewallRules: [{E93034E9-9443-476F-964D-6C5070F1ADD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{B6622C3D-3707-43DA-B5A6-8599CDF72043}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{C6E35B94-22E1-4229-A500-6FC32A0EBC45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{C18BFC5B-68EE-4237-8C85-1EA1B0C4C2BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{6764EA49-E091-42EE-B6F3-3BE87A88721A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{E4D706BE-7FF3-478D-AF73-1B17D9A2BF77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{B985B362-BDB3-493B-A206-970E2D1323DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe (Greenheart Games Pty. Ltd. -> )
FirewallRules: [{2477E48C-20B1-4E19-9D7B-CCB9553EBC99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe (Greenheart Games Pty. Ltd. -> )
FirewallRules: [{0B9FD753-8363-40B2-8B92-99E6F08055CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Victoria 2\victoria2.exe () [File not signed]
FirewallRules: [{699FC05B-C7B0-4A70-9C5C-EB0CC7F720B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Victoria 2\victoria2.exe () [File not signed]
FirewallRules: [{8C1F622C-3C47-4EE0-8AA2-9323509AE855}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{F249F148-5AD5-4D87-9EC1-35DAFD5ADFCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{557977B2-27B4-4457-9E98-F49B3A008420}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{906D40C6-E3B1-4580-AA51-BA445A074AF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{B5A938DB-9C46-4F71-A42E-1CB98406DA81}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B8486867-0FE5-4ACA-946A-D213304AA51C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DDE83877-17D5-4FDF-AAA5-2D3FE2B62307}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkest Hour A HOI Game\Darkest Hour Launcher.exe (Witold Budziszewski) [File not signed]
FirewallRules: [{6922417B-4AB2-4EC0-A47B-58C9593DAA1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkest Hour A HOI Game\Darkest Hour Launcher.exe (Witold Budziszewski) [File not signed]
FirewallRules: [{714773E4-E0B5-4EA0-80E8-F0D156B1F696}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{269078E5-3A6D-4519-8182-0AA78896E999}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{4CA29012-B83A-4ECA-BE17-0B6F76173FC8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{80C230DC-C372-422C-A7C1-0295487EB577}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3062A725-8B8C-4737-B938-5159C1F8BAD8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.11001.20108.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A20DCD7-4621-4B9E-9666-2E2CD79C6839}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6DAE79D6-5676-41DA-BCDD-E6C03E7C3FA7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{035DEDDF-E79A-4167-A583-3A47054DA3F7}] => (Allow) C:\Users\erine\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{52931BB2-AD5A-4E2A-8DE6-182F3D8DC90A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{AB766514-604C-4DBA-B002-D77B73A1E6E6}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{5EF13515-3723-47F2-ABCA-E745246AB2D4}C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe] => (Allow) C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe (UUMART LIMITED -> AndroidAssistServer) [File not signed]
FirewallRules: [UDP Query User{58E11E2C-C253-47C7-B49D-DA8F227979B3}C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe] => (Allow) C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe (UUMART LIMITED -> AndroidAssistServer) [File not signed]
FirewallRules: [{50E43B59-7084-4D0D-AF62-5B4802508B2C}] => (Block) C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe (UUMART LIMITED -> AndroidAssistServer) [File not signed]
FirewallRules: [{E2F0F573-400B-4772-9EBA-FA4DF606A905}] => (Block) C:\program files (x86)\coolmuster\coolmuster android assistant\4.3.497\bin\androidassistserver.exe (UUMART LIMITED -> AndroidAssistServer) [File not signed]
FirewallRules: [TCP Query User{B7C35C69-7505-49A3-B2A1-BDC75CE23223}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{113914F1-ED21-4DF8-BFBD-47BFD1943831}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1EE83D3B-715B-4A07-926A-99F07DC5D87F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{6914C75B-8A33-4BCF-B2B6-B5154E370D8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{60087F19-41E9-4B83-92BF-42AE0E96B285}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate General Civil War\Ultimate General Civil War.exe () [File not signed]
FirewallRules: [{1343FBE2-EFFA-4694-83C4-0CE004845964}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate General Civil War\Ultimate General Civil War.exe () [File not signed]
FirewallRules: [{D6308340-01AB-4E9A-BC95-11D14026AC64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate General Civil War\UGCWReporter.exe () [File not signed]
FirewallRules: [{F0C93BA6-F6E2-4424-AB6F-549AA0FC9D16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate General Civil War\UGCWReporter.exe () [File not signed]
FirewallRules: [{5D4C5A9A-4F5F-4CF0-AD0C-B53668077E2A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38F9008D-0333-4593-8D78-237A27B56288}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{03D065CB-622F-4E20-8916-59BD6A83C25A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3447EA05-5783-4ED3-A145-4B43571A4077}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7D391528-ED0B-4F09-8452-1B86A3F8EB2B}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{2AADF3EC-9353-4232-8BE2-A03C5781AFD4}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{28640029-1CB6-4D5C-81DE-C33AEC9B3847}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DoorKickers2\DoorKickers2.exe (KillHouse Games) [File not signed]
FirewallRules: [{DCB7C2BF-466C-4C00-8EAE-986689CBAD46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DoorKickers2\DoorKickers2.exe (KillHouse Games) [File not signed]
FirewallRules: [{C3F05293-542D-4C51-B121-6B5474AD6FEB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02CABF53-34E9-488A-B187-CED93CD9B622}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DACE35D2-C9F0-4EB3-BE17-105B184B48BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC9A486B-FA76-4F4A-9C74-A35561D69EED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35F2DB8B-1539-4BF6-8E5E-E0C5FC99605A}] => (Allow) C:\Users\erine\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8FAD2BBC-9476-47FB-9E15-346CDBAEB1BD}] => (Allow) C:\Users\erine\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{BED2FFDD-8169-4996-B79C-C8212D6212CD}] => (Allow) C:\Users\erine\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B6049CDA-5875-4617-8BF7-9A052CCCEC06}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B30F5F60-7015-4799-91EB-778700102F8B}C:\program files\ibm\spss statistics\stats.exe] => (Allow) C:\program files\ibm\spss statistics\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [UDP Query User{A9FFD051-8FCD-44A3-B952-F3AF195157F7}C:\program files\ibm\spss statistics\stats.exe] => (Allow) C:\program files\ibm\spss statistics\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{CEB8091C-CE29-4B1B-B89B-4FA0EF24556F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{D79B315C-64F6-49A7-8C52-FAE75805F7D6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\93.0.961.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B7ECE8BB-8957-4159-B2DB-DE026CE96113}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{8D4CA353-B546-48D8-A235-1E2D885A2337}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{40394BF5-5196-4947-AE3B-3EDF46B64C8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A5E8B12E-FA20-4482-8BAC-49D0E2880C85}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{63221326-276E-4796-8B87-150213399625}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0BF43371-7FCC-4158-AE9E-B3D9A440C2FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5ADA3B3-A36D-4E54-94F2-7889FDB3F8CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6F6AA52A-28E5-4C70-98A7-7D3D2B0DF0C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0CA07BD8-3AD6-4374-B338-87F089463A35}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8C2CF675-8869-479A-B613-C094EB2F2CF9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{55F125F1-031F-4276-B2EE-805F5B21DC17}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
16-09-2021 05:16:01 Scheduled Checkpoint
21-09-2021 14:08:47 Windows Modules Installer
21-09-2021 18:20:17 Restore Operation
22-09-2021 22:50:16 Windows Modules Installer
22-09-2021 22:50:53 Removed Avid Link.
==================== Faulty Device Manager Devices ============
Name: DCP-L2540DW
Description: DCP-L2540DW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (09/24/2021 01:34:35 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (09/22/2021 11:54:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_FrameServer, version: 10.0.19041.546, time stamp: 0x058e175a
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1202, time stamp: 0xc9db1934
Exception code: 0xc00d4e24
Fault offset: 0x000000000010be3e
Faulting process id: 0x29a0
Faulting application start time: 0x01d7b036edadc4c6
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 0e03ea42-d46e-4ef6-bc39-eb90f17cd87b
Faulting package full name:
Faulting package-relative application ID:
Error: (09/22/2021 11:36:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (09/22/2021 11:36:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (09/22/2021 11:36:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (09/22/2021 11:36:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (09/22/2021 07:04:10 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (09/22/2021 07:04:10 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
System errors:
=============
Error: (09/26/2021 02:57:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Mozilla Maintenance Service service terminated with the following error:
Incorrect function.
Error: (09/25/2021 02:02:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (09/25/2021 02:02:26 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\erine\AppData\Local\Temp\ehdrv.sys
Error: (09/25/2021 02:02:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (09/25/2021 02:02:25 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\erine\AppData\Local\Temp\ehdrv.sys
Error: (09/25/2021 02:02:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (09/25/2021 02:02:25 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\erine\AppData\Local\Temp\ehdrv.sys
Error: (09/25/2021 02:02:25 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\erine\AppData\Local\Temp\ehdrv.sys
Windows Defender:
================
Date: 2021-09-25 23:02:43
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: PUA:Win32/Mp3Rocket
Severity: Low
Category: Potentially Unwanted Software
Path: file:_F:\Old Desktop 12.2018\mp3rocket.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\erine\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Security intelligence Version: AV: 1.349.1397.0, AS: 1.349.1397.0, NIS: 1.349.1397.0
Engine Version: AM: 1.1.18500.10, NIS: 1.1.18500.10
Date: 2021-09-25 20:14:53
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-24 18:36:04
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-23 14:17:51
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-22 15:31:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-21 13:21:48
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.1082.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2021-09-17 05:06:35
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.890.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-09-17 05:06:35
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.890.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80070102
Error description: The wait operation timed out.
CodeIntegrity:
===============
Date: 2021-09-22 02:06:46
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Installer\MSI307B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-06-27 03:15:28
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Dell Inc. 2.19.0 07/14/2021
Motherboard: Dell Inc. 0H4VK7
Processor: Intel® Core i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 59%
Total physical RAM: 12110.39 MB
Available physical RAM: 4941.64 MB
Total Virtual: 13966.39 MB
Available Virtual: 4000.18 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:917.19 GB) (Free:661.95 GB) NTFS
Drive f: (ErinsPassport) (Fixed) (Total:465.73 GB) (Free:424.58 GB) NTFS
\\?\Volume{0dc063a1-69be-4be6-ab33-f9d07fccda34}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.49 GB) NTFS
\\?\Volume{98dc49b9-304f-4b24-a15e-39dc3c620e5c}\ (Image) (Fixed) (Total:11.52 GB) (Free:0.23 GB) NTFS
\\?\Volume{792f05df-4929-4744-8772-a75e1c906fe3}\ (DELLSUPPORT) (Fixed) (Total:1.07 GB) (Free:0.21 GB) NTFS
\\?\Volume{afe7b3d6-a805-42cc-8e1f-b11ce3a3cae9}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 32F8F15B)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 0004A183)
Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================