Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-11-2019
Ran by bailey (administrator) on YOGA720-15IKB (LENOVO 80X7) (07-11-2019 21:58:51)
Running from C:\Users\baile\Desktop
Loaded Profiles: bailey (Available Profiles: bailey)
Platform: Windows 10 Home Version 1809 17763.805 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dolby Laboratories, Inc. -> ) C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe
(Dolby Laboratories, Inc. -> ) C:\Program Files\Dolby\Dolby DAX3\APP\DAX3TrayIcon.exe
(Fitbit, Inc. -> Fitbit, Inc.) [File not signed] C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 8020 series\Bin\HPNetworkCommunicatorCom.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 8020 series\Bin\ScanToPCActivationApp.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3d757484a892eacf\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3d757484a892eacf\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3d757484a892eacf\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3d757484a892eacf\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> ) C:\Program Files\Lenovo\Lenovo Migration Assistant\maService.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\YMC\ymc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe
(Network Protect Ltd -> UltraVPN) C:\Program Files (x86)\UltraVPN\UltraVPN.exe
(Network Protect Ltd -> UltraVPN) C:\Program Files (x86)\UltraVPN\UltraVPNSvc.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\ISD\WacomHost.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\WTabletServiceISD.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18376680 2017-06-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489888 2017-06-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489888 2017-06-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489888 2017-06-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [APP] => C:\Program Files\Dolby\Dolby DAX3\APP\DAX3TrayIcon.exe [963376 2016-10-27] (Dolby Laboratories, Inc. -> )
HKLM\...\Run: [iTunesHelper] => C:\Users\baile\Downloads\iTunesHelper.exe [302904 2019-10-03] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [401464 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414184 2015-09-11] (Fitbit, Inc. -> Fitbit, Inc.) [File not signed]
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2018-01-24] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKU\S-1-5-21-260720292-2504253849-2348319339-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-260720292-2504253849-2348319339-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-260720292-2504253849-2348319339-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-260720292-2504253849-2348319339-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414184 2015-09-11] (Fitbit, Inc. -> Fitbit, Inc.) [File not signed]
HKU\S-1-5-21-260720292-2504253849-2348319339-1001\...\Run: [HP OfficeJet Pro 8020 series (NET)] => C:\Program Files\HP\HP OfficeJet Pro 8020 series\Bin\ScanToPCActivationApp.exe [4071840 2018-12-10] (HP Inc -> HP Inc.)
HKU\S-1-5-21-260720292-2504253849-2348319339-1001\...\MountPoints2: {1285eeda-e8c4-11e9-82dd-a87f714249d0} - "E:\VZW_Software_upgrade_assistant.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.97\Installer\chrmstp.exe [2019-11-07] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraVPN.lnk [2019-02-01]
ShortcutTarget: UltraVPN.lnk -> C:\Program Files (x86)\UltraVPN\UltraVPN.exe (Network Protect Ltd -> UltraVPN)
Startup: C:\Users\baile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2019-08-22]
ShortcutAndArgument: Monitor Ink Alerts - .lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN3AOEWGF505KC;CONNECTION=NW;MONITOR=1;
Startup: C:\Users\baile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk [2019-10-16]
ShortcutAndArgument: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN3AOEWGF505KC;CONNECTION=NW;MONITOR=1;
Startup: C:\Users\baile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-10-22]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E41EACB-602F-472D-A50B-BAC99EBC6892} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-baileyl032017@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {10A2D8F3-B81B-4C19-AA59-BED341E8F286} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_pepper.exe [1453112 2019-10-09] (Adobe Inc. -> Adobe)
Task: {138C7D27-E8F7-45CF-824E-5382F35FB876} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-30] (Google Inc -> Google Inc.)
Task: {25B126E2-E129-4B8C-A051-AE8F6C2AC12F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-30] (Google Inc -> Google Inc.)
Task: {280D02D9-6D81-45CC-B7FA-7DFB7C4EDA71} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [401464 2019-09-27] (Adobe Inc. -> Adobe Inc.)
Task: {3E154EAE-7138-4F19-9F37-D9157CEBB0E1} - System32\Tasks\Kaspersky_Upgrade_{E7FE8BD6-07C8-4138-AB61-92AA886397EA} => C:\Program Files\Common Files\AV\Kaspersky Anti-Virus\upgrade.exe [595904 2019-10-21] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {53FA9348-5DED-47C7-AC6F-4F0F7A0836D9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {80649F8B-3557-47EF-AE0C-E42DA7305790} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 8020 series => C:\Program Files\HP\HP OfficeJet Pro 8020 series\Bin\HPCustPartic.exe [6692256 2019-07-25] (HP Inc -> HP Inc.)
Task: {854037A7-409A-4E7E-8839-B64D9DD70321} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
Task: {86498FD1-0AB2-4547-9638-10E5FD662851} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-09] (Adobe Inc. -> Adobe)
Task: {9893ED56-95D5-4BC0-811C-C7FD7240F18F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ABCD284A-8C24-49C7-8EAC-395A6E913A97} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8E1E233-B0BD-4527-9C18-8A9E74A99A8D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D7E912F0-CD6F-456B-A47A-42DCED783974} - System32\Tasks\AdobeAAMUpdater-1.0-YOGA720-15IKB-bailey => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E631038B-2CFE-4CA4-9F1F-8732D0DFB9A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {E6B19B21-5958-4DF3-8199-D0E8A3CD31F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E78A56F7-58D9-4451-BB2B-B9FF5AE1BD63} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EE3668F8-BBB2-4DDE-9358-770A17D5080C} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-10-01] (Apple Inc. -> Apple Inc.)
Task: {F9330818-1ABC-4A7E-83C5-454D9B18F8AA} - System32\Tasks\Lenovo\Lenovo MigrationAssistant logon task => C:\Program Files\Lenovo\Lenovo Migration Assistant\maService.exe [151920 2017-12-06] (Lenovo -> )
Task: {FD2632BD-314B-4274-8CCD-5DBBB8FB4359} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FD7E4D41-F141-40D9-AAB5-790B1C8CF50E} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 207.190.94.2 207.190.94.129
Tcpip\..\Interfaces\{3c4a9f21-8085-4361-98eb-ab3060e81302}: [DhcpNameServer] 192.168.1.1 207.190.94.2 207.190.94.129
Internet Explorer:
==================
HKU\S-1-5-21-260720292-2504253849-2348319339-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-260720292-2504253849-2348319339-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-260720292-2504253849-2348319339-1001 -> DefaultScope {D4DBA3E0-BA8B-43C2-9BDB-2CD84DB0CF9F} URL =
SearchScopes: HKU\S-1-5-21-260720292-2504253849-2348319339-1001 -> {D4DBA3E0-BA8B-43C2-9BDB-2CD84DB0CF9F} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-08-27] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-10-14] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-260720292-2504253849-2348319339-1001 -> No Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-12-20] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\baile\Downloads
Edge Extension: (LastPass: Free Password Manager) -> hdokiejnpimakedhajhdlcegeplioahd_LastPassLastPassFreePasswordManager_qq0fmhteeht3j => C:\Program Files\WindowsApps\LastPass.LastPassFreePasswordManager_4.36.0.0_neutral__qq0fmhteeht3j [2019-11-04]
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-12-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-260720292-2504253849-2348319339-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\baile\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife -> RocketLife, LLP)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> file:///C:/Users/Owner/Documents/Medical
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default [2019-11-07]
CHR Extension: (Slides) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-30]
CHR Extension: (Docs) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-30]
CHR Extension: (Google Drive) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (YouTube) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-30]
CHR Extension: (Honey) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-10-19]
CHR Extension: (Rakuten Ebates: Get Cash Back For Shopping) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfcopglcmi [2019-11-03]
CHR Extension: (Netflix) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2017-12-30]
CHR Extension: (Sheets) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-30]
CHR Extension: (Google Docs Offline) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-11-03]
CHR Extension: (Grammarly for Chrome) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-11-03]
CHR Extension: (No Name) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2018-11-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\baile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-03]
CHR Profile: C:\Users\baile\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-28]
CHR Profile: C:\Users\baile\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-28]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-06-09] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX API Service; C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe [212784 2017-04-28] (Dolby Laboratories, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-06-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2211448 2016-11-08] (Intel Corporation - pGFX -> Intel Corporation)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1435304 2015-09-11] (Fitbit, Inc. -> Fitbit, Inc.) [File not signed]
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515232 2017-06-22] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-11-05] (Malwarebytes Inc -> Malwarebytes)
R2 UltraVPNSvc; C:\Program Files (x86)\UltraVPN\UltraVPNSvc.exe [3226440 2019-02-01] (Network Protect Ltd -> UltraVPN)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServiceISD; C:\Program Files\Tablet\ISD\WTabletServiceISD.exe [1645656 2017-05-24] (Wacom Technology Corporation -> Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [1816520 2018-04-03] (Wacom Technology Corporation -> Wacom Technology, Corp.)
R2 ymc; C:\Program Files\Lenovo\YMC\ymc.exe [49032 2016-12-23] (LENOVO -> Lenovo)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [72592 2016-10-24] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [67984 2016-10-24] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [355216 2016-10-24] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2019-11-07] (Malwarebytes Corporation -> Malwarebytes)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [129008 2017-06-22] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [248480 2019-11-07] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-11-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-11-07] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-11-07] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-11-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116832 2019-11-07] (Malwarebytes Corporation -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8723968 2018-09-15] (Microsoft Windows -> Intel Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3227648 2017-03-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39040 2018-08-15] (GZ Systems Limited -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 WacHidRouterISD; C:\WINDOWS\system32\DRIVERS\wachidrouter_isd.sys [142424 2017-05-24] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [351968 2019-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-07 21:58 - 2019-11-07 21:59 - 000030779 _____ C:\Users\baile\Desktop\FRST.txt
2019-11-07 21:57 - 2019-11-07 21:57 - 002259968 _____ (Farbar) C:\Users\baile\Desktop\FRST64.exe
2019-11-07 21:53 - 2019-11-07 21:53 - 000000000 ____D C:\Users\baile\AppData\Roaming\Western Digital
2019-11-07 21:52 - 2019-11-07 21:52 - 000002233 _____ C:\Users\Public\Desktop\WD Backup.lnk
2019-11-07 21:52 - 2019-11-07 21:52 - 000002233 _____ C:\ProgramData\Desktop\WD Backup.lnk
2019-11-07 21:52 - 2019-11-07 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD Discovery
2019-11-07 21:52 - 2019-11-07 21:52 - 000000000 ____D C:\Program Files (x86)\Western Digital
2019-11-07 02:25 - 2019-11-07 02:25 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-11-07 02:25 - 2019-11-07 02:25 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-11-07 02:25 - 2019-11-07 02:25 - 000116832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-11-07 02:25 - 2019-11-07 02:25 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-11-07 02:24 - 2019-11-07 02:24 - 000248480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-11-07 00:51 - 2019-11-07 00:51 - 007622344 _____ (Malwarebytes) C:\Users\baile\Desktop\adwcleaner_7.4.2.exe
2019-11-06 19:42 - 2019-11-06 19:42 - 000000000 ____D C:\Users\baile\AppData\Local\EpicGamesLauncher
2019-11-06 19:42 - 2019-11-06 19:42 - 000000000 ____D C:\Users\baile\AppData\Local\CrashReportClient
2019-11-06 15:01 - 2019-11-06 15:01 - 000291606 _____ C:\Users\baile\Downloads\TCPView.zip
2019-11-05 15:34 - 2019-11-05 15:34 - 001883976 _____ (Malwarebytes) C:\Users\baile\Downloads\MBSetup.exe
2019-11-05 14:28 - 2019-11-07 02:49 - 000003274 _____ C:\WINDOWS\system32\Tasks\Adobe Uninstaller
2019-11-04 01:26 - 2019-11-07 19:35 - 000003712 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_{E7FE8BD6-07C8-4138-AB61-92AA886397EA}
2019-11-04 01:26 - 2019-11-07 19:34 - 000000000 ____D C:\Users\baile\AppData\Roaming\KasperskyUpgradeLogs
2019-11-03 19:21 - 2019-11-03 19:21 - 000001652 _____ C:\Users\baile\Desktop\Nov2019 - Shortcut.lnk
2019-11-03 18:57 - 2019-11-03 18:57 - 000000000 ____D C:\Users\baile\AppData\Local\Kaspersky Lab
2019-11-03 18:13 - 2019-11-03 18:42 - 000000000 ____D C:\$SysReset
2019-11-03 15:05 - 2019-11-03 15:05 - 000000000 ____D C:\Users\baile\AppData\Roaming\AVAST Software
2019-11-03 14:24 - 2019-11-03 14:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-11-02 18:28 - 2019-11-02 18:28 - 000000000 ____D C:\Users\baile\AppData\Local\TempTaskUpdateDetectionB4D7477D-46BC-4F33-A858-0E5D9DE22D7F
2019-10-29 17:29 - 2019-11-04 13:51 - 000000000 ____D C:\Users\baile\Documents\Kohls
2019-10-21 21:14 - 2019-11-07 02:24 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-10-21 21:14 - 2019-11-05 15:35 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-21 21:14 - 2019-11-05 15:35 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-21 21:14 - 2019-11-05 15:35 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-10-21 21:14 - 2019-11-03 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-21 21:13 - 2019-10-21 21:13 - 066367928 _____ (Malwarebytes ) C:\Users\baile\Downloads\mb3-setup-37469.37469-3.8.3.2965-1.0.627-1.0.12633.exe
2019-10-21 20:02 - 2019-11-05 14:29 - 000000000 ____D C:\Program Files\Common Files\AV
2019-10-21 19:58 - 2019-10-21 19:58 - 003003104 _____ (Kaspersky) C:\Users\baile\Downloads\kav20.0.14.1085abcen_es_fr_19078.exe
2019-10-17 23:35 - 2019-10-17 23:36 - 000000000 ____D C:\Users\baile\Documents\HP Printer
2019-10-17 21:17 - 2019-10-18 11:38 - 000000000 ___RD C:\Users\baile\Documents\RocketLifeNetwork
2019-10-17 21:17 - 2019-10-17 21:17 - 000000000 ____D C:\Users\baile\AppData\Roaming\Visan
2019-10-17 21:17 - 2019-10-17 21:17 - 000000000 ____D C:\Users\baile\AppData\Local\RLPlatform
2019-10-17 18:49 - 2019-10-17 18:50 - 000000000 ____D C:\Users\baile\Documents\Walgreens
2019-10-17 16:35 - 2019-10-17 16:35 - 000000000 ____D C:\Users\baile\Documents\HpReg_Backup
2019-10-17 16:34 - 2019-10-17 19:22 - 000002088 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2019-10-17 16:34 - 2019-10-17 19:22 - 000002088 _____ C:\ProgramData\Desktop\HP Print and Scan Doctor.lnk
2019-10-17 16:34 - 2019-10-17 16:34 - 000000000 ____D C:\Users\baile\AppData\Roaming\HPPSDr
2019-10-17 15:56 - 2019-10-17 15:56 - 000000000 ____D C:\ProgramData\Visan
2019-10-17 15:55 - 2019-10-17 15:55 - 000003746 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP OfficeJet Pro 8020 series
2019-10-17 15:55 - 2019-10-17 15:55 - 000001332 _____ C:\Users\Public\Desktop\HP Print Scan Doctor Downloader - HP OfficeJet Pro 8020 series.lnk
2019-10-17 15:55 - 2019-10-17 15:55 - 000001332 _____ C:\ProgramData\Desktop\HP Print Scan Doctor Downloader - HP OfficeJet Pro 8020 series.lnk
2019-10-17 15:55 - 2019-10-17 15:55 - 000001322 _____ C:\Users\Public\Desktop\HP OfficeJet Pro 8020 series-HP Scan.lnk
2019-10-17 15:55 - 2019-10-17 15:55 - 000001322 _____ C:\ProgramData\Desktop\HP OfficeJet Pro 8020 series-HP Scan.lnk
2019-10-17 15:55 - 2019-10-17 15:55 - 000001285 _____ C:\Users\Public\Desktop\Shop for Supplies - HP OfficeJet Pro 8020 series.lnk
2019-10-17 15:55 - 2019-10-17 15:55 - 000001285 _____ C:\ProgramData\Desktop\Shop for Supplies - HP OfficeJet Pro 8020 series.lnk
2019-10-17 15:53 - 2019-10-17 15:54 - 138462472 _____ C:\Users\baile\Downloads\OJP8020_Full_WebPack_49.3.4475.exe
2019-10-17 15:51 - 2019-10-17 15:51 - 000000000 ____D C:\Users\baile\AppData\Local\GoToAssist Remote Support Customer
2019-10-16 20:03 - 2019-10-16 20:03 - 000000000 ____D C:\Users\baile\Downloads\WebKit.resources
2019-10-16 20:03 - 2019-10-16 20:03 - 000000000 ____D C:\Users\baile\Downloads\MediaAccessibility.resources
2019-10-16 20:03 - 2019-10-16 20:03 - 000000000 ____D C:\Users\baile\Downloads\iTunes.Resources
2019-10-16 20:03 - 2019-10-16 20:03 - 000000000 ____D C:\Users\baile\Downloads\Foundation.resources
2019-10-16 20:03 - 2019-10-16 20:03 - 000000000 ____D C:\Users\baile\Downloads\CoreText.resources
2019-10-16 20:03 - 2019-10-16 20:03 - 000000000 ____D C:\Users\baile\Downloads\CoreMedia.resources
2019-10-16 20:03 - 2019-10-16 20:03 - 000000000 ____D C:\Users\baile\Downloads\CoreFoundation.resources
2019-10-16 20:03 - 2019-10-16 20:03 - 000000000 ____D C:\Users\baile\Downloads\ColorSync.resources
2019-10-16 20:03 - 2019-10-16 20:03 - 000000000 ____D C:\Users\baile\Downloads\CFNetwork.resources
2019-10-16 20:03 - 2019-10-16 20:03 - 000000000 ____D C:\Users\baile\Downloads\AVFoundationCF.resources
2019-10-16 20:03 - 2019-10-16 20:03 - 000000000 ____D C:\Users\baile\Downloads\AuthKitWin.resources
2019-10-16 20:03 - 2019-10-16 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-10-16 20:03 - 2019-10-16 20:03 - 000000000 ____D C:\Program Files\iPod
2019-10-16 20:01 - 2019-10-16 20:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2019-10-16 20:01 - 2019-10-16 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-10-16 20:01 - 2019-10-16 20:01 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2019-10-15 21:06 - 2019-11-06 14:50 - 000000000 ____D C:\Users\baile\Documents\Medicare
2019-10-12 18:30 - 2019-10-12 18:30 - 000002441 _____ C:\Users\baile\Desktop\Outlook 2013.lnk
2019-10-09 23:17 - 2019-11-05 22:17 - 000000127 _____ C:\Users\baile\Desktop\Facebook.url
2019-10-08 19:52 - 2019-10-08 19:52 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 023455744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 019284992 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 019014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 017485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 015220224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 012960768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 012259840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 009680400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 008903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 007872000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 004873728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 004057088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 002699264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 002437344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 002429768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-08 19:52 - 2019-10-08 19:52 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-08 19:52 - 2019-10-08 19:52 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-08 19:52 - 2019-10-08 19:52 - 002110472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 002050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 002015400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-08 19:52 - 2019-10-08 19:52 - 001677816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001666232 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001590072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-08 19:52 - 2019-10-08 19:52 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 001247560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001201136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001056056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 001054928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 001024712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000917816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000895560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-08 19:52 - 2019-10-08 19:52 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2019-10-08 19:52 - 2019-10-08 19:52 - 000843264 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000805296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000681720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000662024 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000522104 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000508728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000453432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-08 19:52 - 2019-10-08 19:52 - 000449368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-08 19:52 - 2019-10-08 19:52 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000385336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000376568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000294512 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000224568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-08 19:52 - 2019-10-08 19:52 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-08 19:52 - 2019-10-08 19:52 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000213304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000201736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-08 19:52 - 2019-10-08 19:52 - 000193336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-08 19:52 - 2019-10-08 19:52 - 000163232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000147944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000104464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-08 19:52 - 2019-10-08 19:52 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-10-08 19:52 - 2019-10-08 19:52 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2019-10-08 19:52 - 2019-10-08 19:52 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-08 19:52 - 2019-10-08 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-08 19:52 - 2019-10-08 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-08 19:52 - 2019-10-08 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-08 19:52 - 2019-10-08 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-08 19:52 - 2019-10-08 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-08 19:52 - 2019-10-08 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-08 19:52 - 2019-10-08 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-08 19:52 - 2019-10-08 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-07 21:59 - 2018-04-12 15:34 - 000000000 ____D C:\FRST
2019-11-07 21:58 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\registration
2019-11-07 21:52 - 2017-11-09 18:41 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-07 20:16 - 2017-12-20 15:47 - 000000000 ____D C:\Users\baile\Documents\Outlook Files
2019-11-07 19:42 - 2019-08-07 19:58 - 000000000 ___DC C:\WINDOWS\Panther
2019-11-07 19:37 - 2019-10-01 20:08 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-11-07 19:37 - 2019-10-01 20:08 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-11-07 19:35 - 2019-08-07 20:30 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{B393C7FE-B95B-48A2-8819-C5B1623E23B2}
2019-11-07 19:35 - 2019-08-07 20:29 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2019-11-07 19:35 - 2019-08-07 20:29 - 000011433 _____ C:\WINDOWS\diagerr.xml
2019-11-07 19:35 - 2019-03-19 01:02 - 000000000 ___HD C:\$WINDOWS.~BT
2019-11-07 19:32 - 2017-12-19 19:36 - 000000000 ____D C:\Users\baile\AppData\Roaming\WTablet
2019-11-07 19:31 - 2018-09-15 01:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-07 02:37 - 2019-08-07 20:34 - 000005768 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-07 02:24 - 2019-08-07 20:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-07 02:24 - 2018-09-15 01:31 - 000000000 ____D C:\WINDOWS\INF
2019-11-07 02:24 - 2018-09-15 00:09 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-11-07 02:23 - 2018-09-15 00:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-11-07 01:55 - 2018-09-15 01:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-07 01:12 - 2017-12-30 22:58 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-07 00:52 - 2018-06-21 03:36 - 000000000 ____D C:\Users\baile\AppData\Local\CrashDumps
2019-11-06 20:30 - 2017-12-20 00:53 - 000000000 ____D C:\Users\baile\AppData\Local\Adobe
2019-11-06 20:17 - 2019-08-07 20:24 - 000453088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-06 19:51 - 2019-08-07 20:25 - 000000000 ____D C:\Users\baile
2019-11-06 19:51 - 2018-04-13 03:46 - 000000000 ____D C:\Users\baile\AppData\Local\Facebook
2019-11-06 19:48 - 2018-09-15 01:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-06 19:48 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-06 19:45 - 2018-03-22 21:52 - 000000000 ____D C:\Users\baile\AppData\Roaming\Millisecond Software
2019-11-06 19:42 - 2019-06-09 22:32 - 000000000 ____D C:\Users\baile\Downloads\Epic Games
2019-11-06 15:02 - 2011-07-25 12:40 - 000300832 _____ (Sysinternals -
www.sysinternals.com) C:\Users\baile\Downloads\Tcpview.exe
2019-11-06 15:02 - 2010-07-28 15:47 - 000199544 _____ (Sysinternals -
www.sysinternals.com) C:\Users\baile\Downloads\Tcpvcon.exe
2019-11-06 15:02 - 2010-07-02 16:03 - 000041074 _____ C:\Users\baile\Downloads\tcpview.chm
2019-11-06 15:02 - 2006-07-28 09:32 - 000007005 _____ C:\Users\baile\Downloads\Eula.txt
2019-11-06 15:02 - 2002-09-02 13:13 - 000007983 _____ C:\Users\baile\Downloads\TCPVIEW.HLP
2019-11-06 14:14 - 2019-08-07 20:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-06 13:45 - 2017-12-19 21:12 - 000000000 ____D C:\Users\baile\AppData\Local\Packages
2019-11-06 13:44 - 2018-04-24 19:10 - 000000000 ____D C:\Users\baile\Documents\Amazon
2019-11-06 12:13 - 2017-12-20 00:54 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-11-06 12:09 - 2017-12-19 19:36 - 000000000 ____D C:\Users\baile\AppData\Local\VirtualStore
2019-11-05 14:01 - 2019-08-07 20:30 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-05 14:01 - 2019-08-07 20:30 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-05 14:01 - 2017-12-30 22:57 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-03 20:09 - 2017-12-19 19:38 - 000000000 ___RD C:\Users\baile\OneDrive
2019-11-03 19:57 - 2018-01-12 21:58 - 000000000 ___RD C:\Users\baile\iCloudDrive
2019-11-03 19:37 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-03 18:53 - 2019-08-07 20:30 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-260720292-2504253849-2348319339-1001
2019-11-03 18:53 - 2019-08-07 20:25 - 000002370 _____ C:\Users\baile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-03 18:53 - 2018-09-15 01:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-11-03 18:45 - 2018-09-15 01:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-03 18:45 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-11-03 18:45 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-11-03 18:45 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-11-03 18:45 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-11-03 18:45 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-11-03 18:45 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-11-03 18:45 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-11-03 18:45 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-11-03 18:45 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-11-03 18:45 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-11-03 18:45 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\Provisioning
2019-11-03 18:45 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-03 18:45 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\L2Schemas
2019-11-03 18:45 - 2018-09-15 00:09 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-11-03 18:43 - 2017-12-26 15:51 - 000000000 ____D C:\Users\baile\AppData\Local\Microsoft Help
2019-11-03 18:43 - 2017-12-20 00:57 - 000000000 ___RD C:\Users\baile\Creative Cloud Files
2019-11-03 18:42 - 2018-01-05 00:16 - 000000000 ____D C:\Users\baile\Documents\2 Pam Health Savings Account
2019-11-03 18:42 - 2017-12-19 19:36 - 000000000 ____D C:\Users\baile\AppData\Local\ConnectedDevicesPlatform
2019-11-03 18:42 - 2017-11-09 18:42 - 000000000 ____D C:\Program Files (x86)\Intel
2019-11-03 18:20 - 2018-05-05 14:45 - 000000000 ____D C:\Users\baile\Documents\Pam
2019-11-03 18:20 - 2018-04-12 15:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-11-03 18:20 - 2017-12-26 22:55 - 000000000 __RHD C:\MSOCache
2019-11-03 18:20 - 2017-11-09 18:42 - 000000000 ___HD C:\Intel
2019-11-03 18:20 - 2017-11-09 18:41 - 000000000 ____D C:\Program Files\Intel
2019-11-03 16:27 - 2018-01-29 00:21 - 000000000 ____D C:\Users\baile\AppData\Local\AVAST Software
2019-11-03 15:36 - 2017-12-20 01:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-03 15:25 - 2017-12-19 22:35 - 000000000 ____D C:\Users\baile\AppData\Local\ElevatedDiagnostics
2019-11-03 14:35 - 2018-04-13 04:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-11-03 01:30 - 2017-12-20 00:58 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-11-03 01:28 - 2018-06-17 15:34 - 000000000 ____D C:\ProgramData\Packages
2019-11-03 01:28 - 2017-12-20 00:54 - 000000000 ____D C:\ProgramData\Adobe
2019-11-03 01:27 - 2018-05-19 00:49 - 000000000 ____D C:\Users\baile\AppData\Local\D3DSCache
2019-11-02 14:01 - 2017-12-19 19:38 - 000000000 ____D C:\Users\baile\AppData\Local\Comms
2019-11-02 01:38 - 2018-01-13 01:27 - 000000000 ____D C:\Users\baile\Documents\Microsoft data
2019-11-01 12:00 - 2018-11-28 18:21 - 000000000 ____D C:\Users\baile\AppData\Roaming\Grammarly
2019-10-31 23:48 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-10-22 00:03 - 2018-01-13 01:36 - 000000000 ____D C:\Users\baile\Documents\Travel
2019-10-21 20:32 - 2018-01-05 00:16 - 000000000 ____D C:\Users\baile\Documents\Cross Bow
2019-10-21 17:09 - 2018-01-05 00:16 - 000000000 ____D C:\Users\baile\Documents\1 Greg Health Savings Account
2019-10-21 01:22 - 2018-02-10 13:14 - 000000000 ____D C:\Users\baile\Documents\American Family
2019-10-17 21:17 - 2018-06-17 21:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-10-17 18:50 - 2017-12-20 00:25 - 000000000 ____D C:\Users\baile\AppData\Local\PlaceholderTileLogoFolder
2019-10-17 18:29 - 2018-06-17 21:14 - 000000000 ____D C:\ProgramData\HP
2019-10-17 17:37 - 2019-10-01 20:08 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-10-17 16:34 - 2018-06-17 21:14 - 000000000 ____D C:\Program Files (x86)\HP
2019-10-17 15:57 - 2018-06-17 21:13 - 000000000 ____D C:\Users\baile\AppData\Local\HP
2019-10-17 15:55 - 2018-06-17 21:14 - 000000000 ____D C:\Program Files\HP
2019-10-16 20:03 - 2019-06-12 16:45 - 000000000 ____D C:\Users\baile\Downloads\JavaScriptCore.resources
2019-10-16 20:01 - 2017-12-22 22:38 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2019-10-15 18:19 - 2017-12-20 16:49 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-10-09 20:48 - 2019-08-07 20:30 - 000004598 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-10-09 20:48 - 2019-08-07 20:30 - 000004422 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-10-09 20:48 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-10-09 20:48 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-10-08 21:56 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-08 21:56 - 2018-09-15 01:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-08 21:56 - 2018-09-15 00:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-08 19:53 - 2017-12-20 01:26 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2019-08-16 18:02 - 2019-08-16 18:02 - 000000000 _____ () C:\Users\baile\AppData\Local\BITCC06.tmp
2019-08-16 18:02 - 2019-08-16 18:02 - 000000000 _____ () C:\Users\baile\AppData\Local\BITCC36.tmp
2018-09-25 22:03 - 2018-09-25 22:03 - 000000000 _____ () C:\Users\baile\AppData\Local\oobelibMkey.log
2019-08-09 16:03 - 2019-08-09 16:03 - 000000017 _____ () C:\Users\baile\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================