my PC performs slowly. Please check my files, tks.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2021
Ran by jmccastle (administrator) on DESKTOP-M0NPDML (LENOVO 20AMS24V00) (22-11-2021 03:08:59)
Running from C:\Users\jmcca\Downloads
Loaded Profiles: jmccastle
Platform: Microsoft Windows 10 Pro Version 1909 18363.1556 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(Corel Corporation -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\fs_ui_32.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\fshoster32.exe <3>
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\ui\fsmainui.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\Ultralight\http\1637061456\nif2_ols_ca.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1636551986\fshoster64.exe <2>
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1636551986\fsorsp64.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1636551986\FsPisces.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1636551986\fsulprothoster.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <40>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Juniper Networks, Inc. -> Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Lavasoft Limited -> Lavasoft Limited) [File not signed] C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Lavasoft Software Canada -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LENOVO (UNITED STATES) INC. -> Lenovo) C:\Users\jmcca\AppData\Local\Apps\2.0\R2AW7NXE.TZE\5ALG24VY.KOT\lsb...tion_2d7b41b05b24775e_0001.0006_6e55c1acac1ba44a\LSB.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\ruxim\RUXIMICS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
Failed to access process -> fsscanwizard.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-08-19] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436704 2020-08-19] (Corel Corporation -> WinZip Computing, S.L.)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1723040 2014-09-01] (Sunplus Innovation Technology Inc. -> SunplusIT, Inc.) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\jmcca\AppData\Local\Microsoft\Teams\Update.exe [2350752 2020-06-11] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKLM-x32\...\Run: [PulseSecure] => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2831192 2014-12-09] (Juniper Networks, Inc. -> Pulse Secure, LLC)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1795736 2017-01-22] (Lavasoft Software Canada -> Lavasoft)
HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\jmcca\AppData\Local\Microsoft\Teams\Update.exe [2350752 2020-06-11] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-20] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2018-11-27] (McAfee, Inc. -> McAfee, LLC.)
Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2021-11-22]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
Startup: C:\Users\jmcca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive for Business.lnk [2016-09-19]
ShortcutTarget: OneDrive for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE (No File)
Startup: C:\Users\jmcca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-01-24]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AB330A2-C8C6-4F9C-81E7-93997F0DD865} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-01] (LENOVO -> Lenovo)
Task: {0E0151CA-1499-4DB0-A1ED-24A459261D5F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\45153c97-3f7c-48cb-a62b-0180f74fffd5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {1E8D95F4-2E99-466E-BEBD-997AB67037E5} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe (No File)
Task: {22F06389-CFE2-49AF-9769-CE1DBCEC543A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation)
Task: {2BA17B67-1999-4EE5-ADBD-EDC5545970A6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7032d745-7eff-4be6-9cac-5d067be4ef5f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {3667BF97-9C0E-42F9-AA84-5C8F5C27AD30} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {378D0E1C-F50C-42C4-9874-DFFF0CD6354E} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321296 2016-06-02] (LENOVO -> Lenovo)
Task: {3AC3F644-8E7F-431B-9A39-6FC2E45A3241} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-07-13] (Lenovo -> )
Task: {3AFCAFB2-5533-4246-8293-339F4FD21DDA} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {3DCF7919-0A59-47ED-B7E3-96BC0F3AFB16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-30] (Google Inc -> Google Inc.)
Task: {404FA85C-0BC7-400A-A9FE-6B13B796A93A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {44236035-22A9-4DF3-8E2C-D7BC4EA88E56} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {49F3C2FF-84BC-46EB-8D80-9DB01D059BA6} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2892202112-2661542964-2761913289-1001 => "C:\WINDOWS\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\jmcca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {52A9DD59-20AB-4D29-8056-B983A670890F} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-07-13] (Lenovo -> )
Task: {53ADD377-2BD7-4657-89A3-1CBFDDB21991} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [113024 2019-11-12] (Lenovo -> Lenovo)
Task: {612FCB1E-9057-44D4-9644-321E5AAB9B8F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [63728 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {738E307F-1222-4ED9-A9C1-0B0E80566A56} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9944400 2016-06-02] (LENOVO -> Lenovo)
Task: {7B810A70-5151-46C4-8ECB-CFE71993A1B6} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [851800 2018-12-25] (Lenovo -> Lenovo.)
Task: {7D2C1525-B597-4781-BD8E-73AE4D74EA53} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4665296 2018-09-11] (McAfee, Inc. -> McAfee, Inc.)
Task: {7DC31F2B-7346-47F0-B4F5-DDF4BE889DC9} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (No File)
Task: {7E44CAD5-F7EA-4BD8-8BC6-B34A1F2291F5} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [263504 2016-06-02] (LENOVO -> )
Task: {91A95D73-4CD5-4540-91DE-58D569FCA871} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {94B39297-50E2-4976-A4BC-1A7C89D86533} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation)
Task: {A2D33204-D8DB-4DA9-BC46-4DB7DD2693B3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {AA40C92C-AB21-4328-B0B8-D060341E3A1D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B238EF4D-E3CD-4C19-9713-674C6B63EFE3} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-08-19] (Corel Corporation -> Corel Corporation)
Task: {CF777170-440F-4AB2-BF29-56D4B2700833} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {D267DD57-13D0-4D3D-B3F5-C16CF4B950D8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-30] (Google Inc -> Google Inc.)
Task: {E1DE0ADA-98D2-4977-9E52-7DA8BE4BC127} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe [59776 2019-11-12] (Lenovo -> )
Task: {E78978D1-98B2-4D50-B76B-67DAAE216CF9} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [56272 2018-03-17] (Oracle America, Inc. -> Oracle Corporation)
Task: {E7D79063-1733-44CF-A18B-059562A5ABEE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\439cf995-4873-4a9c-ba54-63298d7d19b8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {EB80F889-D264-4C21-9CB3-919AB1A21FE3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EE5D1DA7-DE3D-4A05-8D26-328BE8E12EF2} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\Charter Security Suite\fs_hotfix.exe [338264 2021-05-19] (F-Secure Corporation -> F-Secure Corporation)
Task: {EE9CBDDD-BFB7-4337-80D5-37FBC249212F} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-08-19] (Corel Corporation -> Corel Corporation)
Task: {FD886EE9-2725-4C14-A5DA-B545C149A2E6} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-08-19] (Corel Corporation -> Corel Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{722fea56-df00-4f20-b5fb-db6178865da2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b0c1890a-7af1-4dcd-a33e-fbc876f11881}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\jmcca\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-22]
Edge HKLM\...\Edge\Extension: [cpikpibllpjmpnchjajlibnmmomnnhnm]
Edge HKLM-x32\...\Edge\Extension: [cpikpibllpjmpnchjajlibnmmomnnhnm]
FireFox:
========
FF DefaultProfile: 7ejylcr7.default-1612849177010
FF ProfilePath: C:\Users\jmcca\AppData\Roaming\Mozilla\Firefox\Profiles\3pkl1gny.default-release [2021-11-22]
FF Extension: (Browsing Protection by F-Secure) - C:\Users\jmcca\AppData\Roaming\Mozilla\Firefox\Profiles\3pkl1gny.default-release\Extensions\[email protected] [2021-11-22] [UpdateUrl:hxxps://download.sp.f-secure.com/online-safety/updates.json]
FF ProfilePath: C:\Users\jmcca\AppData\Roaming\Mozilla\Firefox\Profiles\7ejylcr7.default-1612849177010 [2021-06-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-06-10] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-06-10] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2892202112-2661542964-2761913289-1001: @citrixonline.com/appdetectorplugin -> C:\Users\jmcca\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2017-01-24] (Citrix Online -> Citrix Online)
Chrome:
=======
CHR Profile: C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default [2021-11-22]
CHR HomePage: Default -> hxxp://nsite/Pages/Nsite%20Home.aspx
CHR Extension: (Slides) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-09]
CHR Extension: (PDF Editor for Docs:Edit, Fill, Sign, Print) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjboohgkgchdnfnjiaggdbkdmpieoagi [2018-09-23]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-11-21]
CHR Extension: (Sheets) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Chrome Remote Desktop) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-08-03]
CHR Extension: (Google Docs Offline) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-21]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-11-21]
CHR Extension: (Auto Refresh Plus | Page Monitor) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgeljhfekpckiiplhkigfehkdpldcggm [2021-11-21]
CHR Extension: (Chrome Remote Desktop) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-03-24]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2021-11-21]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2021-11-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-06]
CHR Extension: (Gmail) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-09]
CHR Profile: C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-02-15]
CHR Profile: C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-11-22]
CHR Extension: (Slides) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-22]
CHR Extension: (Docs) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-22]
CHR Extension: (Google Drive) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-22]
CHR Extension: (YouTube) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-22]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-11-22]
CHR Extension: (Sheets) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-22]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-11-22]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2021-11-22]
CHR Extension: (Gmail) - C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-22]
CHR Profile: C:\Users\jmcca\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-22]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-03-01] (BattlEye Innovations e.K. -> )
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe [72536 2021-11-04] (Google LLC -> Google LLC)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-03-01] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 fshoster; C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [238936 2021-05-19] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [238936 2021-05-19] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1636551986\fshoster64.exe [605008 2021-11-11] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulnethoster; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1636551986\fshoster64.exe [605008 2021-11-11] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1636551986\fsorsp64.exe [99480 2021-11-11] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1636551986\fsulprothoster.exe [605008 2021-11-11] (F-Secure Corporation -> F-Secure Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-07-28] (Microsoft Corporation -> Microsoft Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2017-01-22] (Lavasoft Limited -> Lavasoft Limited) [File not signed]
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892760 2018-12-25] (Lenovo -> Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (LENOVO -> Lenovo)
S2 MySQL80; C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe [44932096 2018-04-08] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6517736 2021-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [35272 2016-05-04] (LENOVO -> SHAREit Technologies Co.Ltd)
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [352688 2018-11-27] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [352688 2018-11-27] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2018-11-27] (McAfee, Inc. -> McAfee, LLC.)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-06-22] (Microsoft Corporation -> Microsoft Corporation)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25232 2017-01-22] (Lavasoft Software Canada -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-02-13] (Microsoft Corporation) [File not signed]
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [2201040 2021-03-12] (EasyAntiCheat Oy -> EasyAntiCheat Oy)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Charter Security Suite\Ultralight\ulcore\1636551986\fsulgk.sys [367544 2021-11-11] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [58752 2021-11-20] (F-Secure Corporation -> F-Secure Corporation)
S0 fselms; C:\WINDOWS\System32\drivers\fselms.sys [15816 2021-06-02] (Microsoft Windows Early Launch Anti-malware Publisher -> F-Secure Corporation)
R2 fsnif2; C:\Program Files (x86)\Charter Security Suite\Ultralight\nif2\1635159743\nif2s64.sys [159184 2021-11-11] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R1 jnprns; C:\WINDOWS\system32\DRIVERS\jnprns.sys [507192 2014-11-25] (Juniper Networks, Inc. -> Juniper Networks)
S3 jnprva; C:\WINDOWS\System32\drivers\jnprva.sys [30072 2014-11-25] (Juniper Networks, Inc. -> Juniper Networks, Inc.)
R3 JnprVaMgr; C:\WINDOWS\System32\drivers\jnprvamgr.sys [45352 2014-11-25] (Juniper Networks, Inc. -> Juniper Networks, Inc.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [44160 2018-12-25] (Lenovo -> Lenovo.)
R3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [735744 2016-03-11] (Sunplus Innovation Technology Inc. -> Sunplus)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-10-10] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [203328 2018-02-26] (Oracle Corporation -> Oracle Corporation)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2016-09-30] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-02-15] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-22 03:30 - 2021-11-22 03:30 - 000000797 _____ C:\Users\Public\Desktop\Speccy.lnk
2021-11-22 03:30 - 2021-11-22 03:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2021-11-22 03:17 - 2021-11-22 03:17 - 000000000 ____D C:\Users\jmcca\AppData\Local\Resplendence
2021-11-22 03:16 - 2021-11-22 03:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhySoSlow
2021-11-22 03:16 - 2021-11-22 03:16 - 000000000 ____D C:\Program Files\WhySoSlow
2021-11-22 03:16 - 2016-12-17 20:59 - 000028928 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspWhy64.sys
2021-11-22 03:13 - 2021-11-22 03:14 - 003622480 _____ (Resplendence Software Projects Sp. ) C:\Users\jmcca\Downloads\LatencyMon.exe
2021-11-22 03:13 - 2021-11-22 03:13 - 010692312 _____ (Resplendence Software Projects Sp. ) C:\Users\jmcca\Downloads\whocrashedSetup.exe
2021-11-22 03:13 - 2021-11-22 03:13 - 003124592 _____ (Resplendence Software Projects Sp. ) C:\Users\jmcca\Downloads\sanitySetup.exe
2021-11-22 03:13 - 2021-11-22 03:13 - 003040528 _____ (Resplendence Software Projects Sp. ) C:\Users\jmcca\Downloads\whySoSlowSetup.exe
2021-11-22 03:13 - 2021-11-22 03:13 - 003040528 _____ (Resplendence Software Projects Sp. ) C:\Users\jmcca\Downloads\WhySoSlowSetup (1).exe
2021-11-22 03:12 - 2021-11-22 03:13 - 008234296 _____ (Piriform Software Ltd) C:\Users\jmcca\Downloads\spsetup132.exe
2021-11-22 03:08 - 2021-11-22 03:24 - 000033172 _____ C:\Users\jmcca\Downloads\FRST.txt
2021-11-22 03:08 - 2021-11-22 03:08 - 000000000 ____D C:\Users\jmcca\Downloads\FRST-OlderVersion
2021-11-22 03:07 - 2021-11-22 03:07 - 002839416 _____ (Sysinternals - www.sysinternals.com) C:\Users\jmcca\Downloads\procexp.exe
2021-11-22 03:02 - 2021-11-22 03:18 - 000000000 ____D C:\FRST
2021-11-22 03:00 - 2021-11-22 03:08 - 002311680 _____ (Farbar) C:\Users\jmcca\Downloads\FRST64.exe
2021-11-22 02:43 - 2021-11-22 02:43 - 000002436 _____ C:\Users\jmcca\Desktop\JERIME - Chrome.lnk
2021-11-22 02:38 - 2021-11-22 02:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-22 02:29 - 2021-11-22 02:33 - 000000000 ____D C:\Users\jmcca\Desktop\RunTIme
2021-11-22 02:22 - 2021-11-22 02:33 - 000000000 ____D C:\Users\jmcca\AppData\Local\WinZip
2021-11-22 02:22 - 2021-11-22 02:22 - 000003678 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 2
2021-11-22 02:22 - 2021-11-22 02:22 - 000003676 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 3
2021-11-22 02:22 - 2021-11-22 02:22 - 000003676 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 1
2021-11-22 02:21 - 2021-11-22 02:21 - 000002047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip.lnk
2021-11-22 02:21 - 2021-11-22 02:21 - 000001947 _____ C:\Users\Public\Desktop\WinZip.lnk
2021-11-22 02:21 - 2021-11-22 02:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2021-11-22 02:19 - 2021-11-22 02:20 - 000000000 ____D C:\Program Files\WinZip
2021-11-22 02:13 - 2021-11-22 02:13 - 000949680 _____ (WinZip Computing) C:\Users\jmcca\Downloads\winzip25-cnet.exe
2021-11-22 02:08 - 2021-11-22 02:38 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-22 02:08 - 2021-11-22 02:38 - 000000953 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-11-22 02:08 - 2021-11-22 02:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-22 02:06 - 2021-11-22 02:06 - 000333872 _____ (Mozilla) C:\Users\jmcca\Downloads\Firefox Installer.exe
2021-11-22 02:04 - 2021-11-22 02:38 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-22 01:35 - 2021-11-22 01:35 - 000000000 ____D C:\WINDOWS\Panther
2021-11-21 09:56 - 2021-11-21 09:56 - 010141853 _____ C:\Users\jmcca\Downloads\IMG_1801.mp4
2021-11-21 09:52 - 2021-11-22 01:28 - 000000000 ___RD C:\Users\jmcca\iCloudDrive
2021-11-21 09:49 - 2021-11-21 09:49 - 000000000 ____D C:\ProgramData\Apple Inc
2021-11-11 14:17 - 2021-11-11 14:20 - 4028575744 _____ C:\Users\jmcca\Downloads\kali-linux-2021.3a-live-amd64.iso
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-22 02:43 - 2016-11-24 08:38 - 000000000 ____D C:\Users\jmcca\AppData\LocalLow\Mozilla
2021-11-22 02:40 - 2021-02-09 00:39 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-22 02:25 - 2016-10-21 19:22 - 000000000 ____D C:\ProgramData\WinZip
2021-11-22 02:08 - 2016-10-23 19:54 - 000000000 ____D C:\Users\jmcca\AppData\Local\CrashDumps
2021-11-22 01:42 - 2020-02-13 04:46 - 000939940 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-22 01:42 - 2019-03-18 23:50 - 000000000 ____D C:\WINDOWS\INF
2021-11-22 01:40 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-22 01:38 - 2016-09-10 10:53 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-22 01:35 - 2020-02-13 05:00 - 000003700 _____ C:\WINDOWS\system32\Tasks\Lenovo Power Management Driver PnP Task
2021-11-22 01:35 - 2020-02-13 05:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-22 01:35 - 2016-09-16 23:36 - 000000000 ____D C:\ProgramData\VMware
2021-11-22 01:35 - 2016-09-10 09:48 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-11-22 01:34 - 2019-03-18 23:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-22 01:28 - 2018-07-27 10:06 - 000000000 ____D C:\Users\jmcca\AppData\Local\D3DSCache
2021-11-22 00:59 - 2020-02-13 04:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-21 18:15 - 2021-01-03 21:32 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-21 10:17 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-21 10:17 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-21 09:52 - 2020-02-13 04:35 - 000000000 ____D C:\Users\jmcca
2021-11-21 09:52 - 2017-04-29 14:30 - 000000000 ____D C:\Users\jmcca\AppData\Local\Apple Computer
2021-11-21 09:49 - 2021-06-01 18:33 - 000000000 ____D C:\Users\jmcca\AppData\Local\Apple Inc
2021-11-21 09:49 - 2017-04-29 14:30 - 000000000 ____D C:\Users\jmcca\AppData\Roaming\Apple Computer
2021-11-21 09:46 - 2020-02-13 05:07 - 000000000 ____D C:\Users\jmcca\AppData\Local\PlaceholderTileLogoFolder
2021-11-21 09:46 - 2018-07-20 01:51 - 000000000 ____D C:\ProgramData\Packages
2021-11-21 09:46 - 2018-02-02 01:45 - 000000000 ____D C:\Users\jmcca\AppData\Local\Packages
2021-11-20 07:38 - 2016-10-30 17:51 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-20 07:38 - 2016-10-30 17:51 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-11-20 07:36 - 2021-01-03 21:31 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-20 07:36 - 2021-01-03 21:31 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-20 07:30 - 2021-01-09 03:48 - 000058752 _____ (F-Secure Corporation) C:\WINDOWS\system32\Drivers\fsbts.sys
2021-11-12 17:56 - 2019-03-18 23:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-12 17:51 - 2020-12-30 21:28 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-11-12 17:50 - 2016-09-10 12:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-12 17:42 - 2016-09-10 12:24 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-12 17:31 - 2020-03-25 02:13 - 000002383 _____ C:\Users\jmcca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-12 17:31 - 2020-02-13 05:00 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2892202112-2661542964-2761913289-1001
2021-11-11 14:14 - 2020-02-13 05:00 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-11-11 14:14 - 2020-02-13 05:00 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-11-11 14:12 - 2016-09-16 23:37 - 000000000 ____D C:\Users\jmcca\AppData\Roaming\VMware
2021-11-11 14:12 - 2016-09-16 23:37 - 000000000 ____D C:\Users\jmcca\AppData\Local\VMware
2021-11-07 22:36 - 2019-12-02 00:39 - 000429952 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-11-07 22:36 - 2019-12-02 00:39 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-11-07 22:36 - 2019-12-02 00:39 - 000063728 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-11-07 22:36 - 2017-12-21 11:18 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
==================== Files in the root of some directories ========
2018-10-23 03:02 - 2018-10-23 03:02 - 000000000 _____ () C:\Users\jmcca\.mongorc.js
2020-06-05 22:33 - 2020-06-05 22:33 - 024166400 _____ () C:\Program Files (x86)\GUT22DC.tmp
2020-06-08 05:37 - 2020-06-08 05:37 - 024166400 _____ () C:\Program Files (x86)\GUT2F66.tmp
2020-06-07 07:02 - 2020-06-07 07:02 - 024166400 _____ () C:\Program Files (x86)\GUT4E5C.tmp
2020-06-05 15:52 - 2020-06-05 15:52 - 024166400 _____ () C:\Program Files (x86)\GUT5CD1.tmp
2020-06-08 10:37 - 2020-06-08 10:37 - 024166400 _____ () C:\Program Files (x86)\GUT6C5B.tmp
2020-06-08 00:35 - 2020-06-08 00:35 - 024166400 _____ () C:\Program Files (x86)\GUT729C.tmp
2020-06-04 23:57 - 2020-06-04 23:57 - 024166400 _____ () C:\Program Files (x86)\GUT92F5.tmp
2020-06-06 22:24 - 2020-06-06 22:24 - 024166400 _____ () C:\Program Files (x86)\GUTC69B.tmp
2016-10-21 20:35 - 2017-06-10 21:27 - 000000096 _____ () C:\Users\jmcca\AppData\Roaming\Camdata.ini
2016-10-21 20:35 - 2017-06-10 21:27 - 000000408 _____ () C:\Users\jmcca\AppData\Roaming\CamLayout.ini
2016-10-21 20:35 - 2017-06-10 21:27 - 000000408 _____ () C:\Users\jmcca\AppData\Roaming\CamShapes.ini
2016-10-21 19:07 - 2017-06-10 21:27 - 000004536 _____ () C:\Users\jmcca\AppData\Roaming\CamStudio.cfg
2016-10-21 19:07 - 2017-06-10 21:27 - 000000096 _____ () C:\Users\jmcca\AppData\Roaming\version2.xml
2016-11-26 16:30 - 2016-12-20 20:24 - 000000600 _____ () C:\Users\jmcca\AppData\Local\PUTTY.RND
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2021
Ran by jmccastle (22-11-2021 03:33:46)
Running from C:\Users\jmcca\Downloads
Microsoft Windows 10 Pro Version 1909 18363.1556 (X64) (2020-02-13 10:03:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2892202112-2661542964-2761913289-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2892202112-2661542964-2761913289-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2892202112-2661542964-2761913289-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2892202112-2661542964-2761913289-501 - Limited - Disabled)
jmccastle (S-1-5-21-2892202112-2661542964-2761913289-1001 - Administrator - Enabled) => C:\Users\jmcca
WDAGUtilityAccount (S-1-5-21-2892202112-2661542964-2761913289-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Out of date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Security Suite by F-Secure (Enabled - Up to date) {EFA7F7EC-9723-5757-549F-DDC923618754}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Active Directory Authentication Library for SQL Server (HKLM\...\{52D1FCFD-1052-4D75-B3FB-9906901AFD98}) (Version: 13.1.4001.0 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{F40FA676-46B1-4609-85EF-D2F1F79E0C0E}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{62CB44B2-8007-DBB2-1CBA-5CB7309EB3C3}) (Version: 10.1.17134.12 - Microsoft) Hidden
Chrome Remote Desktop Host (HKLM-x32\...\{B9B27527-C019-411B-9813-3FC8724C88DA}) (Version: 96.0.4664.39 - Google LLC)
Citrix Online Launcher (HKLM-x32\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D256A5B9-68DA-4F6C-A447-A93E5639A46D}) (Version: 4.7.03083 - Microsoft Corporation) Hidden
DiagnosticsHub_CollectionService (HKLM\...\{E81C8BD9-158A-4E0F-AE0D-8C797C0E8112}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Entity Framework 6.2.0 Tools for Visual Studio 2017 (HKLM-x32\...\{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 - Microsoft Corporation) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GitHub (HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\5f7eb300e2ea4ebf) (Version: 3.3.4.0 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
iCloud Outlook (HKLM\...\{841FC0A2-0DF9-475E-B342-AE7A6F42A90B}) (Version: 13.0.0.156 - Apple Inc.)
IIS 10.0 Express (HKLM\...\{4E0AF984-1437-42DC-A8E4-A6EE920DDFAF}) (Version: 10.0.1743 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{27276DC1-66AA-4B16-918D-5AB1EEDF09C6}) (Version: 6.0.5 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{a2caa706-dce2-4c91-8d46-b52a3c260b20}) (Version: 21.10.1 - Intel Corporation)
IntelliTraceProfilerProxy (HKLM-x32\...\{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 - Microsoft Corporation) Hidden
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 7 Update 55 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
Kits Configuration Installer (HKLM-x32\...\{6F502640-B753-C101-FFA5-B38C3FA5B29A}) (Version: 10.1.17134.12 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.85.03 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.16 - Lenovo) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\dda9ca0b023f4c56) (Version: 1.6.3.7 - Lenovo)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0127 - Lenovo)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.2.167.1 - McAfee, LLC)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0008.00 - Lenovo Group Limited) Hidden
Microsoft .NET Core SDK 2.1.401 (x64) (HKLM-x32\...\{44d71f17-7c94-402c-8771-44764b399760}) (Version: 2.1.401 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ASP.NET Core 2.1.28 - Shared Framework (HKLM-x32\...\{7faf17d1-b55b-440f-bccc-c764179c09c5}) (Version: 2.1.28.63083 - Microsoft Corporation)
Microsoft Azure Authoring Tools - v2.9.5.3 (HKLM\...\{086C537B-DE1A-4A11-8441-6AAF076174B8}) (Version: 2.9.8699.20 - Microsoft Corporation)
Microsoft Azure Command Line Tools (HKLM-x32\...\{7A1453F0-352E-42E7-8F4E-9F2D850E2399}) (Version: 0.10.8 - Microsoft Corporation)
Microsoft Azure Compute Emulator - v2.9.5.3 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.5.3) (Version: 2.9.8699.20 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
Microsoft Azure Mobile App SDK V3.0 (HKLM-x32\...\{A1D5A2EC-1BB0-4ED6-97E6-F044400FAFFD}) (Version: 3.0.50407.0 - Microsoft Corporation)
Microsoft Azure PowerShell - April 2018 (HKLM\...\{3BA7CAA9-97BA-4528-B7E1-B640910BB149}) (Version: 5.7.0.18831 - Microsoft Corporation)
Microsoft Azure Storage Emulator - v5.6 (HKLM-x32\...\Microsoft Azure Storage Emulator - v5.6) (Version: 5.6.18177.1124 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.29 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{1385D3DB-8E80-427B-91D2-B7535862B8E4}) (Version: 11.3.6518.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM\...\{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32\...\{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{8A6AB459-CB4B-4D09-8C1E-337FB59135C4}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.17.1296.827 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 94.0.1 (x64 en-US)) (Version: 94.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 94.0.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{1E406B46-65F4-91CE-65DA-DB66D5443B68}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
MySQL Installer - Community (HKLM-x32\...\{4E616E18-BC1C-48BA-A35F-BE1615FCEB9F}) (Version: 1.4.25.0 - Oracle Corporation)
MySQL Server 8.0 (HKLM\...\{11CF35A6-DF56-426A-8FEF-BAA039D8FF31}) (Version: 8.0.11 - Oracle Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
Pulse Secure (HKLM\...\{86C5CDDF-0B65-41F4-869C-B3FFB72A4672}) (Version: 5.1.51831 - Pulse Secure, LLC) Hidden
Pulse Secure 5.1 (HKLM-x32\...\Pulse Secure 5.1) (Version: 5.1.51831 - Pulse Secure, LLC)
Python 2.7.12 (Anaconda2 4.2.0 64-bit) (HKLM\...\Python 2.7.12 (Anaconda2 4.2.0 64-bit)) (Version: 4.2.0 - Continuum Analytics, Inc.)
Python 2.7.12 (Anaconda2 4.2.0 64-bit) (HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\Python 2.7.12 (Anaconda2 4.2.0 64-bit)) (Version: 4.2.0 - Continuum Analytics, Inc.)
Python 2.7.12 (HKLM-x32\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation)
Python 2.7.12 (Miniconda2 4.2.12 64-bit) (HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\Python 2.7.12 (Miniconda2 4.2.12 64-bit)) (Version: 4.2.12 - Continuum Analytics, Inc.)
Python 3.6.6 (64-bit) (HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\{a2e7eb2f-e31e-47eb-82ca-63b3854f5354}) (Version: 3.6.6150.0 - Python Software Foundation)
Python 3.6.6 Core Interpreter (64-bit symbols) (HKLM\...\{09472AF9-4E5C-419F-8AFC-E42DE3C00062}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Core Interpreter (64-bit) (HKLM\...\{13428472-D58E-476D-932F-5B1B0C1397BE}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Development Libraries (64-bit) (HKLM\...\{C4752757-9240-4518-BE22-A7E2E7CC7D7B}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Documentation (64-bit) (HKLM\...\{16EF5AB7-4A89-4F06-B20B-209DA4FE0533}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Executables (64-bit symbols) (HKLM\...\{D1DCF56C-C29C-436A-9764-DEA45032EC46}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Executables (64-bit) (HKLM\...\{5CE3EB5B-1823-4B8E-BE10-95262BDD1148}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 pip Bootstrap (64-bit) (HKLM\...\{9D8D733D-3822-4808-B382-6291910081B2}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Standard Library (64-bit symbols) (HKLM\...\{A44E9804-C2AA-40DD-9E6F-F53D96BDAD34}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Standard Library (64-bit) (HKLM\...\{4D137679-6FB4-446B-9BDB-279292FA2D2C}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Tcl/Tk Support (64-bit symbols) (HKLM\...\{20F0B3BE-3E51-4536-BE6E-451359FD5432}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Tcl/Tk Support (64-bit) (HKLM\...\{44EC13CA-E201-433B-B2D3-386B9609B859}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Test Suite (64-bit symbols) (HKLM\...\{C5BD9A00-9221-486E-94BF-9B1553B215AF}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Test Suite (64-bit) (HKLM\...\{C9596636-022D-4123-B369-98819F772985}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python 3.6.6 Utility Scripts (64-bit) (HKLM\...\{E95CEC86-EFB3-47B8-A5F6-C8FB757AD060}) (Version: 3.6.6150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{A9DED8BE-05DF-45D5-81A0-3743A44CC0C9}) (Version: 3.6.6386.0 - Python Software Foundation)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8907.1 - Realtek Semiconductor Corp.)
Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
SDK ARM Additions (HKLM-x32\...\{346B2C02-CC0D-6E09-8B9D-CAA2821473CF}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{825784BB-114D-ADB3-B65F-E1EB2A63C3BC}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Security Suite (HKLM-x32\...\{8EC20E27-C2EF-4FCA-BE69-CF53B6E9F89F}) (Version: 18.0 - F-Secure Corporation)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1160 - Lenovo)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.142 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
ThinkPad Settings Dependency (HKLM\...\{08515684-CE49-47EF-B509-326A2E91BC5C}_is1) (Version: 3.0.1.48 - Lenovo) Hidden
TypeScript SDK (HKLM-x32\...\{1CCCDFFB-8999-4308-9192-F326D7E22187}) (Version: 3.0.1.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{18ABFDF6-23D9-87E6-015E-FFE3C7F153D5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{0D6B41AF-D117-8944-A059-3F9346A896C5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{B6273353-8B54-1F89-1A16-5940925104CE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{BA6F1D53-C3F2-F9D5-80CE-CEF608E36AD3}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{6E43CA0C-046E-4F38-A0A2-3B1BA139B661}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{775886B8-DEE1-CB20-8A94-FC09FA54ECF6}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B652B695-C849-4EF2-B09A-72771C7AD2BA}) (Version: 2.71.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{D182FB25-9A73-4725-A2C4-2C33900B920E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Visual Studio Community 2017 (HKLM-x32\...\09bfff8e) (Version: 15.8.28010.2016 - Microsoft Corporation)
VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS WCF Debugging (HKLM\...\{14AF842C-675E-4268-B493-EB76D9B465A8}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{4C60D242-B039-4DBB-A202-BE55478E8500}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DC4F558F-90E2-4B9C-8A2B-5DD92EF71F84}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{31312BFA-5D30-4B56-BACB-BFE26CE2E285}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{082DBA20-8C1E-4D4C-85F4-A813283B7849}) (Version: 15.8.28010 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Web Companion (HKLM-x32\...\{decb51ad-a08f-4f2f-a263-ee798a8a7dd4}) (Version: 2.3.1479.2868 - Lavasoft)
WhySoSlow 1.61 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
WinAppDeploy (HKLM-x32\...\{1182888E-EDC9-05C5-33BD-B61DA5B1F916}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{5AD4A604-B476-1578-2A20-6B02FC6258BE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Mobile Connectivity Tools 10.0.15254.0 - Desktop x86 (HKLM-x32\...\{833F02C5-2C39-49F6-BD64-91D351081274}) (Version: 10.1.15254.1 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{45D392D2-5956-4646-9CA6-83CBF67507B6}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.14393.33 (HKLM-x32\...\{f23f94c5-8bba-4202-85ad-c83d4402cdc1}) (Version: 10.1.14393.33 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.17134.12 (HKLM-x32\...\{5f83ccda-0498-4b97-a298-16a642bf49f2}) (Version: 10.1.17134.12 - Microsoft Corporation)
Windows Subsystem for Linux Update (HKLM\...\{8D646799-DB00-4000-AE7A-756A05A4F1D8}) (Version: 5.4.72 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{01F53182-F1C8-8A72-5C86-B6612BDD4815}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{389D182F-0ADA-5C7E-FF32-2573A821592C}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{2AC000E5-E5E6-75B7-7FC2-9ECA8C57CA98}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{C3776B36-B34E-00E2-3009-95A6F1870B58}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{6DF5B5E1-A8A0-B617-AADB-31C3709A3C41}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{965D1746-D94A-49B9-2A48-A14914CA3B57}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{1AAB8359-4433-FF39-D420-0AD429993AD7}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{84C6B91B-67DA-DDE3-86F1-87A3E307E8C1}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{3755CD99-C62E-3312-DDD3-29A4F259270D}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{729DA966-8590-2C1F-2178-16C1D32FD7FD}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{CB7AC790-0E8B-D6C9-CE1E-655793E7D541}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{87775501-5259-6A7C-51A6-71C832DB7ABA}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{F1C18506-3168-A9D9-E2D9-D23A512A326E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{4095D263-6A13-78D3-DEDA-AA3452011F6E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{CFD0294B-945D-62E4-7959-9B22A160496F}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{C3243E23-2EB6-4419-2692-40944923B112}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{F75FD5E5-1F33-AE2B-715A-F829F8A8F51D}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinZip 25.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2412D}) (Version: 25.0.14245 - Corel Corporation)
wxPython 3.0.2.0 for Python 2.7 (HKLM-x32\...\wxPython3.0-py27_is1) (Version: 3.0.2.0 - Total Control Software)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-02-13] (Autodesk Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.156.0_x86__nzyj5cx40ttqa [2021-11-21] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.0.0_x86__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2892202112-2661542964-2761913289-1001_Classes\CLSID\{17108A30-E738-4257-9C19-5B752DBAAB43} -> [iCloud Photos] => C:\Users\jmcca\Pictures\iCloud Photos\Photos [2021-11-21 09:52]
CustomCLSID: HKU\S-1-5-21-2892202112-2661542964-2761913289-1001_Classes\CLSID\{3BA2E6B1-A6A1-CCF6-942C-D370B14D842B} -> [OneDrive for Business] => C:\Users\jmcca\OneDrive for Business [2016-09-19 08:38]
CustomCLSID: HKU\S-1-5-21-2892202112-2661542964-2761913289-1001_Classes\CLSID\{6379229D-D4CE-4024-84C1-8A1029600FFB} -> [iCloud Drive] => C:\Users\jmcca\iCloudDrive [2021-11-21 09:52]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [F-Secure DataGuard Icon Overlay] -> {CA789262-D278-40F7-AC12-19C0395F9DD9} => C:\Program Files (x86)\Charter Security Suite\FsShellExtension64.dll [2021-05-19] (F-Secure Corporation -> F-Secure Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-03-18] (Notepad++ -> )
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL -> No File
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-08-19] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2016-10-21] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2016-10-21] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-08-19] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-08-19] (Corel Corporation -> WinZip Computing)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\jmcca\Desktop\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\jmcca\Desktop\JERIME - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\jmcca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Enthought Canopy (64-bit)\Canopy 64-bit command prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k C:\Users\jmcca\AppData\Local\Enthought\Canopy\User\Scripts\activate.bat
ShortcutWithArgument: C:\Users\jmcca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\jmcca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
==================== Loaded Modules (Whitelisted) =============
2016-07-27 22:35 - 2016-07-27 22:35 - 000259584 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [5182]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-f070f23b
URLSearchHook: [S-1-5-21-2892202112-2661542964-2761913289-1000] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-f070f23b&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-f070f23b&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2892202112-2661542964-2761913289-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2892202112-2661542964-2761913289-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2892202112-2661542964-2761913289-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Charter Security Suite\Ultralight\http\1637061456\browser\fs_ie_https\fs_ie_https64.dll [2021-11-20] (F-Secure Corporation -> F-Secure Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Charter Security Suite\Ultralight\http\1637061456\browser\fs_ie_https\fs_ie_https.dll [2021-11-20] (F-Secure Corporation -> F-Secure Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-03-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-21] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://remote.nortonhealthcare.org/dana-cached/sc/JuniperSetupClient.cab
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\sharepoint.com -> hxxps://kctcs-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 06:47 - 2019-01-07 23:31 - 000000858 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\oraclexe\app\oracle\product\11.2.0\server\bin;C:\ProgramData\Oracle\Java\javapath;"C:\Program Files\Java\jdk1.8.0_111\bin";%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Anaconda2;C:\Program Files\Anaconda2\Scripts;C:\Program Files\Anaconda2\Library\bin;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SDKs\Azure\CLI\wbin;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Juniper Network Service -> jnprns (enabled)
Ethernet: Juniper Network Service -> jnprns (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Integrated Camera_Monitor"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PulseSecure"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\StartupApproved\StartupFolder: => "OneDrive for Business.lnk"
HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_66E55571B510E7D0E564C92CEAB1273F"
HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2892202112-2661542964-2761913289-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5C77AB83-F366-43A7-83E8-E6ED4159654C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [UDP Query User{F68ACA87-FFEF-4704-BAF0-59A15637AF44}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe => No File
FirewallRules: [TCP Query User{6B213982-0654-428A-B7EF-8A6C76ECCA2E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe => No File
FirewallRules: [{3DB123F1-E837-4BEF-8936-E215F2F1283E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{AEBDF578-FE56-4437-86B9-213BD3793BE2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{48F0B535-9B67-480A-A237-37E75972C05E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{86C9E4C9-CEF5-4ADA-AF35-B8CD3EF8A7ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [UDP Query User{60C19CCD-B9B5-4FFE-A150-80D4033B8915}C:\users\jmcca\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\jmcca\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe => No File
FirewallRules: [TCP Query User{1BD2C3D8-5ED4-4D9D-8DBB-01B6FDD10271}C:\users\jmcca\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\jmcca\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe => No File
FirewallRules: [{D7F8C777-2B6F-4D42-8302-AD5C9DB98A86}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe (Apple Inc.) [File not signed]
FirewallRules: [UDP Query User{FB9720DA-CD83-44D4-821C-A68F3D5A58B4}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [TCP Query User{F143A73E-13FE-436C-8755-867F4DB29800}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [{E361918F-F629-4C4C-863E-53CFB49903FF}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{A8C9B1D6-B7B7-4B51-B411-2E21847202C1}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [UDP Query User{8103DFC4-5130-4848-B370-BBA39AC95EA6}C:\program files (x86)\jetbrains\pycharm community edition 2016.3\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm community edition 2016.3\bin\pycharm.exe => No File
FirewallRules: [TCP Query User{2E8B00CF-7DB2-4698-86BC-88B8FC66CF3B}C:\program files (x86)\jetbrains\pycharm community edition 2016.3\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm community edition 2016.3\bin\pycharm.exe => No File
FirewallRules: [UDP Query User{A186F905-4F2B-476C-8BF4-F52C70DFCB15}C:\python27\python.exe] => (Allow) C:\python27\python.exe () [File not signed]
FirewallRules: [TCP Query User{8F82F3C2-1DD0-40A8-9A8C-576376FEC4FE}C:\python27\python.exe] => (Allow) C:\python27\python.exe () [File not signed]
FirewallRules: [UDP Query User{1F95612C-2D30-48B7-B39A-05A884345065}C:\python27\pythonw.exe] => (Allow) C:\python27\pythonw.exe () [File not signed]
FirewallRules: [TCP Query User{687DF564-5F25-48CA-A273-776C83F916E0}C:\python27\pythonw.exe] => (Allow) C:\python27\pythonw.exe () [File not signed]
FirewallRules: [{5A491007-832F-4BB5-8C27-925D3241C35C}] => (Allow) C:\Users\jmcca\AppData\Local\Chromium\Application\chrome.exe => No File
FirewallRules: [UDP Query User{C931CEAB-0F42-487B-B79C-9A0E5830D052}C:\users\jmcca\desktop\nc.exe] => (Block) C:\users\jmcca\desktop\nc.exe => No File
FirewallRules: [TCP Query User{BE16B49E-499B-4F96-8455-D5ECA168F641}C:\users\jmcca\desktop\nc.exe] => (Block) C:\users\jmcca\desktop\nc.exe => No File
FirewallRules: [{B8EC6C32-2E37-49B9-9803-F3CA3B2C7829}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{266407A1-9CF1-48F8-863C-F9600B523771}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{5DCAB75F-1FC8-4DD6-BA38-9E4E6AA4F77E}] => (Allow) LPort=3306
FirewallRules: [{6F28EFEA-C91E-4EAF-A309-A196761694AF}] => (Allow) C:\Program Files\Epic Games\Warframe\Downloaded\Tools\Launcher.exe => No File
FirewallRules: [{7AD100AC-EF17-4F1C-9D93-E2BE3391536D}] => (Allow) C:\Program Files\Epic Games\Warframe\Downloaded\Warframe.x64.exe => No File
FirewallRules: [{D3A151CE-4028-41AE-AE58-7E7572D21FCB}] => (Allow) C:\Program Files\Epic Games\Warframe\Downloaded\Warframe.x64.exe => No File
FirewallRules: [{81AE4E96-A77A-4FFD-8879-80F91FFE8773}] => (Allow) C:\Program Files\Epic Games\Warframe\Downloaded\Tools\RemoteCrashSender.exe => No File
FirewallRules: [{8FB5306F-1DF4-4685-8FDF-B226D97DF7DB}] => (Allow) C:\Program Files\Epic Games\Warframe\Downloaded\Tools\Launcher.exe => No File
FirewallRules: [{A5A63A34-AB58-4175-B02E-FAF6C540B7E3}] => (Allow) C:\Program Files\Epic Games\Warframe\Downloaded\Warframe.x64.exe => No File
FirewallRules: [{8CF27E86-2FF9-4BC7-AFE5-1A88EF1812DF}] => (Allow) C:\Program Files\Epic Games\Warframe\Downloaded\Warframe.x64.exe => No File
FirewallRules: [{A4B68F74-971B-4AF7-8304-361792884F9C}] => (Allow) C:\Program Files\Epic Games\Warframe\Downloaded\Tools\RemoteCrashSender.exe => No File
FirewallRules: [{59DE7705-126B-439B-B417-8ACD4440944D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{BA0DF63B-11F5-4686-86EC-6C92C128F57C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{CBB28C62-251E-474C-B688-37E974CD248B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B9998A5A-F0E7-4879-A34C-CD2C5767FB12}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CCAE8129-AE44-4C87-83F5-46A0F4559D46}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{577953E4-84EF-418D-ABDF-3E44F28FB9C1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7090C8B6-AB6E-4094-80A4-6ECA4AE1BACF}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{6E368568-D3EC-4635-BDC3-0E09D3A549AD}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{51FE6210-A445-4BDD-958F-C2F51B6F913C}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{AE3394CD-A236-49E8-A960-C8C023B39A9C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{26FFB260-16FC-4F03-82EC-8F7FFB4E4842}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8E5A3F8B-4FAF-4506-85A6-C5AB6C03DFE5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
==================== Restore Points =========================
21-11-2021 08:23:27 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/22/2021 03:07:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program fsscanwizard.exe version 4.6.14.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1bb8
Start Time: 01d7df6e45369e63
Termination Time: 50
Application Path: C:\Program Files (x86)\Charter Security Suite\ui\fsscanwizard.exe
Report Id: 01bb85d2-9c46-4e00-9a78-453a84879c16
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (11/22/2021 02:07:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 0.0.0.0, time stamp: 0x6182a725
Faulting module name: xul.dll, version: 0.0.0.0, time stamp: 0x6182a78e
Exception code: 0x80000003
Fault offset: 0x0000000001ad0e85
Faulting process id: 0x2f58
Faulting application start time: 0x01d7df6f47de596b
Faulting application path: C:\Program Files\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files\Mozilla Firefox\xul.dll
Report Id: cdb1af2b-8fd2-4a63-8a7e-4f00389adda0
Faulting package full name:
Faulting package-relative application ID:
Error: (11/22/2021 01:38:50 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.
Error: (11/22/2021 01:35:51 AM) (Source: TrueKey) (EventID: 0) (User: )
Description: Failed to process session change. System.ArgumentNullException: Value cannot be null.
at System.Threading.Monitor.Enter(Object obj)
at McAfee.YAP.Service.Common.UsersManager.GetWindowsUsers(Boolean async)
at McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
Error: (11/22/2021 01:35:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ZeroConfigService.exe, version: 21.10.1.0, time stamp: 0x5cbdd040
Faulting module name: KERNELBASE.dll, version: 10.0.18362.1474, time stamp: 0x5ae7af90
Exception code: 0xc06d007e
Fault offset: 0x0000000000043b19
Faulting process id: 0x1394
Faulting application start time: 0x01d7df6b20dcde8f
Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 6f7a7750-9e6d-447b-8b57-781000f82b79
Faulting package full name:
Faulting package-relative application ID:
Error: (11/22/2021 01:33:59 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT AUTHORITY)
Description: Access to performance data was denied to user "SYSTEM" (value from GetUserName() for the running thread) as attempted from module "C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe" (value from GetModuleFileName() for the binary that issued the query).
Error: (11/22/2021 01:33:27 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (11/22/2021 01:33:27 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
System errors:
=============
Error: (11/22/2021 01:35:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Error: (11/22/2021 01:35:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MySQL80 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (11/22/2021 01:35:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the MySQL80 service to connect.
Error: (11/22/2021 01:35:23 AM) (Source: IntelHaxm) (EventID: 10) (User: )
Description: HAXM can't work on system with VT disabled
Error: (11/22/2021 01:35:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The EvtEng service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (11/22/2021 01:35:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the EvtEng service to connect.
Error: (11/22/2021 01:35:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Apple Mobile Device Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (11/22/2021 01:35:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the Apple Mobile Device Service service to connect.
Windows Defender:
================Event[0]:
Date: 2021-06-10 13:25:57.571
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.339.42.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18100.6
Error code: 0x80070643
Error description: Fatal error during installation.
Date: 2021-06-10 13:25:56.908
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.464.0
Previous security intelligence Version: 1.339.42.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
Date: 2021-06-10 13:25:56.908
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.464.0
Previous security intelligence Version: 1.339.42.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
Date: 2021-06-10 13:25:56.907
Description:
Windows Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
Date: 2021-04-26 12:09:22.973
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.333.583.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17900.7
Error code: 0x80070643
Error description: Fatal error during installation.
==================== Memory info ===========================
BIOS: LENOVO GIET86WW (2.36 ) 08/01/2016
Motherboard: LENOVO 20AMS24V00
Processor: Intel® Core i5-4300U CPU @ 1.90GHz
Percentage of memory in use: 81%
Total physical RAM: 3783.81 MB
Available physical RAM: 716.7 MB
Total Virtual: 6290.85 MB
Available Virtual: 1488.41 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.46 GB) (Free:371.25 GB) NTFS
\\?\Volume{0003228b-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{0003228b-0000-0000-0000-f03c74000000}\ () (Fixed) (Total:0.81 GB) (Free:0.3 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0003228B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=827 MB) - (Type=27)
==================== End of Addition.txt =======================