Nicki
Family computer (many users) is very slow. It must have picked up something. The scans I have done are not picking up anything. I need assistance fixing it.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 4.02.2019
Ran by Nicki A. Layman (administrator) on C3N01-NICKI (05-02-2019 09:13:57)
Running from C:\Users\Nicki A. Layman\Desktop
Loaded Profiles: Nicki A. Layman (Available Profiles: Nicki A. Layman)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.16.3.21\nsWscSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\pcdrwi.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.16.3.21\NortonSecurity.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.16.3.21\NortonSecurity.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
() C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.1.30.0_x64__htrsf667h5kn2\win32\SupportAssistAppWire.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5776712 2013-11-25] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [611248 2015-05-21] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [3523848 2018-07-03] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-360536505-2673825806-2265472118-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-360536505-2673825806-2265472118-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-360536505-2673825806-2265472118-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-360536505-2673825806-2265472118-1001\...\MountPoints2: {10195be0-f373-11e8-83dc-e74cf390b7f0} - "D:\LaunchU3.exe"
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30796352 2018-10-24] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-13] (Google Inc -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Billminder.lnk [2015-06-12]
ShortcutTarget: Billminder.lnk -> C:\Program Files (x86)\Quicken\billmind.exe (Intuit)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk [2015-06-12]
ShortcutTarget: Quicken Scheduled Updates.lnk -> C:\Program Files (x86)\Quicken\bagent.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken Startup.lnk [2015-06-12]
ShortcutTarget: Quicken Startup.lnk -> C:\Program Files (x86)\Quicken\QWDLLS.EXE (Intuit)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{04b62a43-b658-451d-bb8c-19a8be0592dd}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-360536505-2673825806-2265472118-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://yahoo.com/
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.16.3.21\coIEPlg.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine32\22.16.3.21\coIEPlg.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.16.3.21\coIEPlg.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine32\22.16.3.21\coIEPlg.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxps://support.dell.com/systemprofiler/SysProExe.CAB
FireFox:
========
FF ProfilePath: C:\Users\Nicki A. Layman\AppData\Roaming\Mozilla\Firefox\Profiles\0149i8yj.default-1473871826246 [2019-02-05]
FF Homepage: Mozilla\Firefox\Profiles\0149i8yj.default-1473871826246 -> www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://sidelineswap.com/static/assets/src/images/icons/icon-32x32.png
CHR Profile: C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default [2019-02-05]
CHR Extension: (Slides) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-04]
CHR Extension: (Docs) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-04]
CHR Extension: (Google Drive) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-04]
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-11-04]
CHR Extension: (YouTube) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-04]
CHR Extension: (Honey) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-02-02]
CHR Extension: (The EDGE) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bonidcfgodikbmdhnjalkkgdeklncbgi [2018-11-04]
CHR Extension: (EasyBib) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbpiiblghhnlalifiaddecedaeaijdpe [2018-11-04]
CHR Extension: (SidelineSwap) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbihabkbniojnbhfhoganlkikmpfadnc [2018-11-04]
CHR Extension: (Google News) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2018-11-04]
CHR Extension: (Pandora) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2018-11-04]
CHR Extension: (Google Finance) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp [2018-11-04]
CHR Extension: (Sheets) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-04]
CHR Extension: (Google Docs Offline) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-04]
CHR Extension: (Little Alchemy) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2018-11-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-31]
CHR Extension: (Gmail) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-04]
CHR Extension: (Chrome Media Router) - C:\Users\Nicki A. Layman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-31]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.16.3.21\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.16.3.21\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2015-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2018-10-22] (Dell Inc -> Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3347440 2018-10-22] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2018-10-22] (Dell Inc -> Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe [1035072 2019-01-09] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Leader Technologies Inc -> Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc -> Dell Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887232 2013-12-24] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [4091112 2017-11-09] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security Suite\Engine\22.16.3.21\NortonSecurity.exe [328648 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files (x86)\Norton Security Suite\Engine\22.16.3.21\nsWscSvc.exe [915712 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] (Microsoft Windows -> )
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39384 2018-12-12] (Dell Inc. -> Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265640 2018-09-26] (Synaptics Incorporated -> Synaptics Incorporated)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [564144 2015-05-21] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-20] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4325808 2016-07-28] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.7.0.76\Definitions\BASHDefs\20190129.006\BHDrvx64.sys [1925104 2018-09-17] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\ccSetx64.sys [189152 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515792 2018-11-28] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153296 2018-11-30] (Symantec Corporation -> Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.7.0.76\Definitions\IPSDefs\20190204.061\IDSvia64.sys [1424904 2019-01-21] (Symantec Corporation -> Symantec Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [53880 2018-09-26] (Synaptics Incorporated -> Synaptics Incorporated)
R1 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SRTSP64.SYS [855256 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SRTSPX64.SYS [49880 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SYMEFASI64.SYS [1969328 2018-12-12] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SymELAM.sys [25744 2018-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [99920 2018-06-17] (Symantec Corporation -> Symantec Corporation)
S4 SymEvnt; C:\Program Files (x86)\Norton Security Suite\NortonData\22.7.0.76\SymPlatform\SymEvnt.sys [678616 2019-01-28] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\Ironx64.SYS [308416 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\symnets.sys [567024 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\wpCtrlDrv.sys [1011056 2018-12-12] (Symantec Corporation -> Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-05 09:13 - 2019-02-05 09:15 - 000024127 _____ C:\Users\Nicki A. Layman\Desktop\FRST.txt
2019-02-05 09:13 - 2019-02-05 09:13 - 002433024 _____ (Farbar) C:\Users\Nicki A. Layman\Desktop\FRST64.exe
2019-02-05 09:13 - 2019-02-05 09:13 - 000000000 ____D C:\Users\Nicki A. Layman\Desktop\FRST-OlderVersion
2019-02-05 09:13 - 2019-02-05 09:13 - 000000000 ____D C:\FRST
2019-02-05 06:16 - 2019-02-05 06:16 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-02-05 01:44 - 2019-02-05 01:44 - 000000616 _____ C:\Users\Nicki A. Layman\Downloads\cc_20190205_014404.reg
2019-02-05 01:43 - 2019-02-05 01:43 - 000050070 _____ C:\Users\Nicki A. Layman\Downloads\cc_20190205_014326.reg
2019-02-05 01:35 - 2019-02-05 01:44 - 000000000 ____D C:\Program Files\CCleaner
2019-02-05 01:34 - 2019-02-05 01:34 - 019341880 _____ (Piriform Software Ltd) C:\Users\Nicki A. Layman\Downloads\ccsetup552.exe
2019-02-05 01:04 - 2019-02-05 01:04 - 007316688 _____ (Malwarebytes) C:\Users\Nicki A. Layman\Downloads\adwcleaner_7.2.7.0.exe
2019-02-03 00:55 - 2019-02-03 00:55 - 000340450 _____ C:\Users\Nicki A. Layman\Downloads\Statement_012019_4318.pdf
2019-02-03 00:10 - 2019-02-03 00:10 - 000121068 _____ C:\Users\Nicki A. Layman\Downloads\NTO_12019020305105700041597819323834E4ED98D14E5071612EDE5.pdf
2019-02-03 00:08 - 2019-02-03 00:08 - 001510171 _____ C:\Users\Nicki A. Layman\Downloads\Green Savings, January 2019 (1).pdf
2019-02-03 00:08 - 2019-02-03 00:08 - 001494670 _____ C:\Users\Nicki A. Layman\Downloads\One Deposit Checking, January 2019 (1).pdf
2019-02-03 00:07 - 2019-02-03 00:08 - 001512927 _____ C:\Users\Nicki A. Layman\Downloads\Green Savings, January 2019.pdf
2019-02-03 00:07 - 2019-02-03 00:07 - 001567449 _____ C:\Users\Nicki A. Layman\Downloads\One Deposit Checking, January 2019.pdf
2019-02-02 19:24 - 2019-02-02 19:24 - 000204388 _____ C:\Users\Nicki A. Layman\Downloads\cbablue_authreleaseinfo.pdf
2019-02-02 18:11 - 2019-02-02 18:11 - 000068685 _____ C:\Users\Nicki A. Layman\Downloads\download.html
2019-01-31 08:04 - 2019-01-31 08:04 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-01-31 08:04 - 2019-01-31 08:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-01-31 08:04 - 2019-01-31 08:04 - 000000000 ____D C:\Program Files\iPod
2019-01-31 08:03 - 2019-01-31 08:04 - 000000000 ____D C:\Program Files\iTunes
2019-01-31 07:57 - 2019-01-31 07:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-01-30 17:10 - 2019-01-30 17:11 - 000068679 _____ C:\Users\Nicki A. Layman\Downloads\Cale report card 01.30.19 1199059d-4c91-45b3-9f53-ab3e9a529ecc.pdf
2019-01-30 16:54 - 2019-01-30 16:54 - 000098662 _____ C:\Users\Nicki A. Layman\Downloads\Blog 17 ff.pdf
2019-01-30 16:54 - 2019-01-30 16:54 - 000098662 _____ C:\Users\Nicki A. Layman\Documents\Blog 17 ff.pdf
2019-01-29 20:36 - 2019-01-29 20:36 - 000206333 _____ C:\Users\Nicki A. Layman\Downloads\Brokerage Trade Transaction (2).pdf
2019-01-29 19:59 - 2019-01-29 19:59 - 000271679 _____ C:\Users\Nicki A. Layman\Downloads\instantpot-NEW.pdf
2019-01-28 23:33 - 2019-01-28 23:34 - 000000000 ____D C:\Users\Nicki A. Layman\Documents\00-Temp TXFR Thumbdrive
2019-01-27 20:58 - 2019-01-27 20:58 - 000097162 _____ C:\Users\Nicki A. Layman\Downloads\statement-Dec-2018.pdf
2019-01-25 23:07 - 2019-01-25 23:07 - 000003400 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2019-01-25 23:06 - 2019-02-05 01:08 - 000002436 _____ C:\Users\Public\Desktop\Norton Security.lnk
2019-01-25 23:06 - 2019-02-05 01:08 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2019-01-25 22:39 - 2019-01-25 22:39 - 000003388 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-360536505-2673825806-2265472118-1001
2019-01-25 22:38 - 2019-01-25 22:38 - 000002438 _____ C:\Users\Nicki A. Layman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-21 23:47 - 2019-01-21 23:47 - 000640214 _____ C:\Users\Nicki A. Layman\Downloads\AMEX Statement_Jan 2019.pdf
2019-01-20 17:27 - 2019-01-20 17:27 - 000076365 _____ C:\Users\Nicki A. Layman\Downloads\Brokerage Trade Transaction (1).pdf
2019-01-20 11:52 - 2019-01-20 11:52 - 000000037 _____ C:\WINDOWS\SysWOW64\SmartFlow.txt
2019-01-16 21:14 - 2019-01-16 21:14 - 000254431 _____ C:\Users\Nicki A. Layman\Downloads\AMERIPRISE Annual Statement 2018.pdf
2019-01-13 19:22 - 2019-01-13 19:22 - 000080253 _____ C:\Users\Nicki A. Layman\Downloads\Investment Suitability.pdf
2019-01-13 09:41 - 2019-01-13 09:41 - 000127875 _____ C:\Users\Nicki A. Layman\Downloads\CALE ACT ScoreReport.pdf
2019-01-13 09:38 - 2019-01-13 09:39 - 005084206 _____ C:\Users\Nicki A. Layman\Downloads\CALE PSATStudentScoreReport_1547390336303.pdf
2019-01-13 09:37 - 2019-01-13 09:38 - 001731399 _____ C:\Users\Nicki A. Layman\Downloads\CALE SATStudentScoreReport_1547390272424.pdf
2019-01-13 00:28 - 2019-01-13 00:28 - 000094278 _____ C:\Users\Nicki A. Layman\Documents\Ionic Bond Puzzle Pieces.pdf
2019-01-12 21:45 - 2019-01-12 21:45 - 000092027 _____ C:\Users\Nicki A. Layman\Downloads\statement-Nov-2018.pdf
2019-01-12 12:07 - 2019-01-12 12:07 - 000066080 _____ C:\Users\Nicki A. Layman\Downloads\ionic_bonding_activity.pdf
2019-01-09 23:06 - 2019-01-09 23:06 - 000000000 ____D C:\Users\Nicki A. Layman\AppData\Local\Dell Inc
2019-01-09 21:52 - 2019-01-09 21:52 - 000880758 _____ C:\Users\Nicki A. Layman\Downloads\ion_fit.pdf
2019-01-09 11:52 - 2019-01-09 11:52 - 003869110 _____ C:\Users\Nicki A. Layman\Downloads\K of C Scholastic Achievment Scholarship.pdf
2019-01-09 11:51 - 2019-01-09 11:51 - 003604525 _____ C:\Users\Nicki A. Layman\Downloads\Dennis Comai Scholarship.pdf
2019-01-09 11:49 - 2019-01-09 11:49 - 008406025 _____ C:\Users\Nicki A. Layman\Downloads\Vermont JCI Senate.pdf
2019-01-09 11:29 - 2019-01-02 14:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-09 11:29 - 2019-01-02 14:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 11:20 - 2019-01-01 02:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 11:20 - 2019-01-01 01:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 11:20 - 2019-01-01 01:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 11:20 - 2019-01-01 01:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 11:19 - 2019-01-01 08:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 11:19 - 2019-01-01 08:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 11:19 - 2019-01-01 08:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 11:19 - 2019-01-01 08:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 11:19 - 2019-01-01 08:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 11:19 - 2019-01-01 08:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 11:19 - 2019-01-01 08:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 11:19 - 2019-01-01 08:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 11:19 - 2019-01-01 08:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 11:19 - 2019-01-01 08:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 11:19 - 2019-01-01 02:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 11:19 - 2019-01-01 02:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 11:19 - 2019-01-01 02:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 11:19 - 2019-01-01 02:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 11:19 - 2019-01-01 02:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 11:19 - 2019-01-01 02:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 11:19 - 2019-01-01 02:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 11:19 - 2019-01-01 02:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 11:19 - 2019-01-01 02:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 11:19 - 2019-01-01 02:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 11:19 - 2019-01-01 02:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 11:19 - 2019-01-01 02:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 11:19 - 2019-01-01 02:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 11:19 - 2019-01-01 02:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 11:19 - 2019-01-01 02:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 11:19 - 2019-01-01 02:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 11:19 - 2019-01-01 02:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 11:19 - 2019-01-01 02:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 11:19 - 2019-01-01 02:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 11:19 - 2019-01-01 01:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 11:19 - 2019-01-01 01:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 11:19 - 2019-01-01 01:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 11:19 - 2019-01-01 01:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 11:19 - 2019-01-01 01:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 11:19 - 2019-01-01 01:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 11:19 - 2019-01-01 01:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 11:19 - 2019-01-01 01:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 11:19 - 2019-01-01 01:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 11:19 - 2019-01-01 01:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 11:19 - 2019-01-01 01:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 11:19 - 2019-01-01 01:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 11:19 - 2019-01-01 01:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 11:19 - 2019-01-01 01:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 11:19 - 2019-01-01 01:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 11:19 - 2019-01-01 01:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 11:19 - 2019-01-01 01:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 11:19 - 2019-01-01 01:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 11:19 - 2019-01-01 01:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 11:19 - 2019-01-01 01:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 11:19 - 2019-01-01 01:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 11:19 - 2019-01-01 01:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 11:19 - 2019-01-01 01:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 11:19 - 2019-01-01 01:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 11:19 - 2019-01-01 01:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 11:19 - 2019-01-01 01:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 11:19 - 2019-01-01 01:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 11:19 - 2019-01-01 01:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 11:19 - 2019-01-01 01:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 11:19 - 2019-01-01 01:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 11:19 - 2019-01-01 01:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 11:19 - 2019-01-01 01:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 11:19 - 2019-01-01 01:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 11:19 - 2019-01-01 01:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 11:19 - 2019-01-01 01:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 11:19 - 2019-01-01 01:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 11:19 - 2019-01-01 01:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 11:19 - 2019-01-01 01:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 11:19 - 2019-01-01 01:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 11:19 - 2019-01-01 01:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 11:19 - 2019-01-01 01:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 11:19 - 2019-01-01 01:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 11:19 - 2019-01-01 01:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 11:19 - 2019-01-01 01:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 11:19 - 2019-01-01 01:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 11:19 - 2019-01-01 01:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 11:19 - 2019-01-01 01:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 11:19 - 2019-01-01 01:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 11:19 - 2019-01-01 01:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 11:19 - 2019-01-01 01:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 11:19 - 2019-01-01 01:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 11:19 - 2019-01-01 01:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 11:19 - 2019-01-01 00:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 11:19 - 2018-12-18 23:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-08 20:05 - 2019-01-08 20:05 - 000367153 _____ C:\Users\Nicki A. Layman\Documents\Cooper Harvey.pdf
2019-01-08 18:54 - 2019-01-08 19:01 - 000000000 ____D C:\Users\Nicki A. Layman\Downloads\2018.19 Boys Hockey
2019-01-08 18:54 - 2019-01-08 18:56 - 000000000 ____D C:\Users\Nicki A. Layman\Downloads\2018.19 Girls Hockey
2019-01-08 18:51 - 2019-01-08 18:51 - 003068084 _____ C:\Users\Nicki A. Layman\Downloads\IMG_5970.HEIC
2019-01-08 12:40 - 2019-01-08 12:40 - 007320272 _____ (Malwarebytes) C:\Users\Nicki A. Layman\Downloads\adwcleaner_7.2.6.0.exe
2019-01-08 11:30 - 2019-01-08 11:31 - 005435396 _____ C:\Users\Nicki A. Layman\Downloads\EX6100-V1.0.2.24_1.1.134.zip
2019-01-08 10:29 - 2019-01-08 10:30 - 003644744 _____ C:\Users\Nicki A. Layman\Downloads\BrMain488 (1).exe
2019-01-08 10:18 - 2019-01-08 10:18 - 003644744 _____ C:\Users\Nicki A. Layman\Downloads\BrMain488.exe
2019-01-08 10:16 - 2019-01-08 10:16 - 000002132 _____ C:\Users\Public\Desktop\Brother Utilities.lnk
2019-01-08 10:15 - 2016-10-17 11:11 - 000363520 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BRCOM13A.DLL
2019-01-08 10:10 - 2019-01-08 10:11 - 046950032 _____ (A.I.SOFT,INC.) C:\Users\Nicki A. Layman\Downloads\HL-L2360DW-inst-D1-US3.EXE
2019-01-08 09:45 - 2019-01-08 10:12 - 000000000 ____D C:\Users\Nicki A. Layman\Downloads\Install
2019-01-08 09:45 - 2019-01-08 09:45 - 000000000 ____D C:\Users\Nicki A. Layman\Downloads\rempnp
2019-01-08 09:44 - 2019-01-08 09:44 - 001110160 _____ (SOURCENEXT CORPORATION) C:\Users\Nicki A. Layman\Downloads\delinf_10390.EXE
2019-01-08 09:43 - 2019-01-08 09:44 - 214281024 _____ (SOURCENEXT CORPORATION) C:\Users\Nicki A. Layman\Downloads\Y17B_C1_ULWL-usa-inst-C1.EXE
2019-01-08 08:15 - 2019-01-08 08:15 - 000023055 _____ C:\Users\Nicki A. Layman\Downloads\Casella Waste 2019 Invoice document_0s796875.pdf
2019-01-07 15:32 - 2019-01-07 15:32 - 000122316 _____ C:\Users\Nicki A. Layman\Downloads\HELOC and MOrtgage Statement Dec 2018.pdf
2019-01-07 15:16 - 2019-01-07 15:16 - 000122268 _____ C:\Users\Nicki A. Layman\Downloads\NTO_120190107201559000705F6B00DADF9C44B39BF92AA12C2FF6387.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-05 09:07 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-05 07:51 - 2018-06-07 08:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-05 06:30 - 2018-10-13 13:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security Suite
2019-02-05 06:28 - 2018-04-06 18:01 - 000000000 ____D C:\Program Files (x86)\Dell Update
2019-02-05 06:28 - 2017-10-20 10:29 - 000000000 ____D C:\Program Files (x86)\Dell Customer Connect
2019-02-05 06:05 - 2015-12-02 16:02 - 000000000 ____D C:\Users\Nicki A. Layman\AppData\Local\Adobe
2019-02-05 06:02 - 2014-10-19 14:54 - 000000000 __SHD C:\Users\Nicki A. Layman\IntelGraphicsProfiles
2019-02-05 01:45 - 2018-06-07 08:51 - 000000000 ____D C:\Users\Nicki A. Layman
2019-02-05 01:37 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-02-05 01:37 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-05 01:12 - 2018-06-07 09:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-04 21:47 - 2015-01-30 11:13 - 000000000 ____D C:\Users\Nicki A. Layman\Documents\03-Cale
2019-02-02 18:46 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-02 16:10 - 2015-01-30 11:15 - 000000000 ____D C:\Users\Nicki A. Layman\Documents\00-Nicki
2019-02-01 15:45 - 2018-04-11 18:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-31 20:38 - 2018-12-09 11:34 - 000018391 _____ C:\Users\Nicki A. Layman\NSL Time Log.xlsx
2019-01-31 17:35 - 2017-01-15 20:48 - 000000000 ____D C:\Program Files\Common Files\AV
2019-01-31 08:30 - 2017-05-23 10:16 - 000000000 ___RD C:\Users\Nicki A. Layman\iCloudDrive
2019-01-31 08:26 - 2018-04-11 16:04 - 000016384 _____ C:\WINDOWS\system32\config\ELAM
2019-01-31 08:24 - 2018-04-11 16:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-28 19:34 - 2015-01-30 11:13 - 000000000 ____D C:\Users\Nicki A. Layman\Documents\02-Colton
2019-01-28 17:08 - 2018-07-18 20:06 - 000000000 ____D C:\ProgramData\Packages
2019-01-25 23:07 - 2018-02-21 10:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2019-01-25 23:05 - 2014-11-04 10:39 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-25 23:05 - 2014-11-04 10:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-25 22:38 - 2015-05-06 15:01 - 000000000 ___RD C:\Users\Nicki A. Layman\OneDrive
2019-01-25 20:39 - 2015-01-30 11:07 - 000000000 ____D C:\Users\Nicki A. Layman\Documents\04-Insurance, Investments and Taxes
2019-01-20 11:42 - 2018-11-21 11:53 - 000000000 _____ C:\WINDOWS\SysWOW64\SpyWareFolderstoFilter.txt
2019-01-17 17:07 - 2018-11-16 09:08 - 000000000 ____D C:\Program Files\rempl
2019-01-16 20:59 - 2018-10-21 18:02 - 000000132 _____ C:\Users\Nicki A. Layman\AppData\Roaming\Adobe PNG Format CC Prefs
2019-01-15 16:43 - 2014-11-04 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-11 11:35 - 2015-01-31 14:11 - 000073192 _____ C:\Users\Nicki A. Layman\AppData\Local\GDIPFONTCACHEV1.DAT
2019-01-10 06:12 - 2018-10-13 12:56 - 000353640 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-09 23:30 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 23:30 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 23:11 - 2014-08-16 11:51 - 000000000 ____D C:\ProgramData\PCDr
2019-01-09 23:09 - 2014-08-16 11:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-01-09 23:06 - 2018-10-13 12:13 - 000000000 ____D C:\ProgramData\SupportAssist
2019-01-09 11:37 - 2014-10-19 16:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 11:30 - 2014-10-19 16:01 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-09 11:29 - 2018-04-11 18:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-08 12:07 - 2018-06-07 09:35 - 000004600 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-08 12:07 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-08 12:07 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-08 10:36 - 2015-05-21 09:10 - 000000000 ____D C:\Users\Nicki A. Layman\AppData\Local\ElevatedDiagnostics
2019-01-08 10:19 - 2015-05-11 17:49 - 000000000 ____D C:\Program Files (x86)\Brother
2019-01-08 10:16 - 2016-08-29 11:54 - 000002215 _____ C:\Users\Public\Desktop\Brother Creative Center.lnk
2019-01-08 10:15 - 2015-05-11 17:49 - 000000000 ____D C:\Program Files (x86)\Browny02
==================== Files in the root of some directories =======
2018-10-21 18:02 - 2019-01-16 20:59 - 000000132 _____ () C:\Users\Nicki A. Layman\AppData\Roaming\Adobe PNG Format CC Prefs
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-07 08:41
==================== End of FRST.txt ============================
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887232 2013-12-24] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [4091112 2017-11-09] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security Suite\Engine\22.16.3.21\NortonSecurity.exe [328648 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files (x86)\Norton Security Suite\Engine\22.16.3.21\nsWscSvc.exe [915712 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] (Microsoft Windows -> )
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39384 2018-12-12] (Dell Inc. -> Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265640 2018-09-26] (Synaptics Incorporated -> Synaptics Incorporated)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [564144 2015-05-21] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-20] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4325808 2016-07-28] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.7.0.76\Definitions\BASHDefs\20190129.006\BHDrvx64.sys [1925104 2018-09-17] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\ccSetx64.sys [189152 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515792 2018-11-28] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153296 2018-11-30] (Symantec Corporation -> Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.7.0.76\Definitions\IPSDefs\20190204.061\IDSvia64.sys [1424904 2019-01-21] (Symantec Corporation -> Symantec Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [53880 2018-09-26] (Synaptics Incorporated -> Synaptics Incorporated)
R1 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SRTSP64.SYS [855256 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SRTSPX64.SYS [49880 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SYMEFASI64.SYS [1969328 2018-12-12] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SymELAM.sys [25744 2018-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [99920 2018-06-17] (Symantec Corporation -> Symantec Corporation)
S4 SymEvnt; C:\Program Files (x86)\Norton Security Suite\NortonData\22.7.0.76\SymPlatform\SymEvnt.sys [678616 2019-01-28] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\Ironx64.SYS [308416 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\symnets.sys [567024 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\wpCtrlDrv.sys [1011056 2018-12-12] (Symantec Corporation -> Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-05 09:13 - 2019-02-05 09:15 - 000024127 _____ C:\Users\Nicki A. Layman\Desktop\FRST.txt
2019-02-05 09:13 - 2019-02-05 09:13 - 002433024 _____ (Farbar) C:\Users\Nicki A. Layman\Desktop\FRST64.exe
2019-02-05 09:13 - 2019-02-05 09:13 - 000000000 ____D C:\Users\Nicki A. Layman\Desktop\FRST-OlderVersion
2019-02-05 09:13 - 2019-02-05 09:13 - 000000000 ____D C:\FRST
2019-02-05 06:16 - 2019-02-05 06:16 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-02-05 01:44 - 2019-02-05 01:44 - 000000616 _____ C:\Users\Nicki A. Layman\Downloads\cc_20190205_014404.reg
2019-02-05 01:43 - 2019-02-05 01:43 - 000050070 _____ C:\Users\Nicki A. Layman\Downloads\cc_20190205_014326.reg
2019-02-05 01:35 - 2019-02-05 01:44 - 000000000 ____D C:\Program Files\CCleaner
2019-02-05 01:34 - 2019-02-05 01:34 - 019341880 _____ (Piriform Software Ltd) C:\Users\Nicki A. Layman\Downloads\ccsetup552.exe
2019-02-05 01:04 - 2019-02-05 01:04 - 007316688 _____ (Malwarebytes) C:\Users\Nicki A. Layman\Downloads\adwcleaner_7.2.7.0.exe
2019-02-03 00:55 - 2019-02-03 00:55 - 000340450 _____ C:\Users\Nicki A. Layman\Downloads\Statement_012019_4318.pdf
2019-02-03 00:10 - 2019-02-03 00:10 - 000121068 _____ C:\Users\Nicki A. Layman\Downloads\NTO_12019020305105700041597819323834E4ED98D14E5071612EDE5.pdf
2019-02-03 00:08 - 2019-02-03 00:08 - 001510171 _____ C:\Users\Nicki A. Layman\Downloads\Green Savings, January 2019 (1).pdf
2019-02-03 00:08 - 2019-02-03 00:08 - 001494670 _____ C:\Users\Nicki A. Layman\Downloads\One Deposit Checking, January 2019 (1).pdf
2019-02-03 00:07 - 2019-02-03 00:08 - 001512927 _____ C:\Users\Nicki A. Layman\Downloads\Green Savings, January 2019.pdf
2019-02-03 00:07 - 2019-02-03 00:07 - 001567449 _____ C:\Users\Nicki A. Layman\Downloads\One Deposit Checking, January 2019.pdf
2019-02-02 19:24 - 2019-02-02 19:24 - 000204388 _____ C:\Users\Nicki A. Layman\Downloads\cbablue_authreleaseinfo.pdf
2019-02-02 18:11 - 2019-02-02 18:11 - 000068685 _____ C:\Users\Nicki A. Layman\Downloads\download.html
2019-01-31 08:04 - 2019-01-31 08:04 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-01-31 08:04 - 2019-01-31 08:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-01-31 08:04 - 2019-01-31 08:04 - 000000000 ____D C:\Program Files\iPod
2019-01-31 08:03 - 2019-01-31 08:04 - 000000000 ____D C:\Program Files\iTunes
2019-01-31 07:57 - 2019-01-31 07:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-01-30 17:10 - 2019-01-30 17:11 - 000068679 _____ C:\Users\Nicki A. Layman\Downloads\Cale report card 01.30.19 1199059d-4c91-45b3-9f53-ab3e9a529ecc.pdf
2019-01-30 16:54 - 2019-01-30 16:54 - 000098662 _____ C:\Users\Nicki A. Layman\Downloads\Blog 17 ff.pdf
2019-01-30 16:54 - 2019-01-30 16:54 - 000098662 _____ C:\Users\Nicki A. Layman\Documents\Blog 17 ff.pdf
2019-01-29 20:36 - 2019-01-29 20:36 - 000206333 _____ C:\Users\Nicki A. Layman\Downloads\Brokerage Trade Transaction (2).pdf
2019-01-29 19:59 - 2019-01-29 19:59 - 000271679 _____ C:\Users\Nicki A. Layman\Downloads\instantpot-NEW.pdf
2019-01-28 23:33 - 2019-01-28 23:34 - 000000000 ____D C:\Users\Nicki A. Layman\Documents\00-Temp TXFR Thumbdrive
2019-01-27 20:58 - 2019-01-27 20:58 - 000097162 _____ C:\Users\Nicki A. Layman\Downloads\statement-Dec-2018.pdf
2019-01-25 23:07 - 2019-01-25 23:07 - 000003400 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2019-01-25 23:06 - 2019-02-05 01:08 - 000002436 _____ C:\Users\Public\Desktop\Norton Security.lnk
2019-01-25 23:06 - 2019-02-05 01:08 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2019-01-25 22:39 - 2019-01-25 22:39 - 000003388 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-360536505-2673825806-2265472118-1001
2019-01-25 22:38 - 2019-01-25 22:38 - 000002438 _____ C:\Users\Nicki A. Layman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-21 23:47 - 2019-01-21 23:47 - 000640214 _____ C:\Users\Nicki A. Layman\Downloads\AMEX Statement_Jan 2019.pdf
2019-01-20 17:27 - 2019-01-20 17:27 - 000076365 _____ C:\Users\Nicki A. Layman\Downloads\Brokerage Trade Transaction (1).pdf
2019-01-20 11:52 - 2019-01-20 11:52 - 000000037 _____ C:\WINDOWS\SysWOW64\SmartFlow.txt
2019-01-16 21:14 - 2019-01-16 21:14 - 000254431 _____ C:\Users\Nicki A. Layman\Downloads\AMERIPRISE Annual Statement 2018.pdf
2019-01-13 19:22 - 2019-01-13 19:22 - 000080253 _____ C:\Users\Nicki A. Layman\Downloads\Investment Suitability.pdf
2019-01-13 09:41 - 2019-01-13 09:41 - 000127875 _____ C:\Users\Nicki A. Layman\Downloads\CALE ACT ScoreReport.pdf
2019-01-13 09:38 - 2019-01-13 09:39 - 005084206 _____ C:\Users\Nicki A. Layman\Downloads\CALE PSATStudentScoreReport_1547390336303.pdf
2019-01-13 09:37 - 2019-01-13 09:38 - 001731399 _____ C:\Users\Nicki A. Layman\Downloads\CALE SATStudentScoreReport_1547390272424.pdf
2019-01-13 00:28 - 2019-01-13 00:28 - 000094278 _____ C:\Users\Nicki A. Layman\Documents\Ionic Bond Puzzle Pieces.pdf
2019-01-12 21:45 - 2019-01-12 21:45 - 000092027 _____ C:\Users\Nicki A. Layman\Downloads\statement-Nov-2018.pdf
2019-01-12 12:07 - 2019-01-12 12:07 - 000066080 _____ C:\Users\Nicki A. Layman\Downloads\ionic_bonding_activity.pdf
2019-01-09 23:06 - 2019-01-09 23:06 - 000000000 ____D C:\Users\Nicki A. Layman\AppData\Local\Dell Inc
2019-01-09 21:52 - 2019-01-09 21:52 - 000880758 _____ C:\Users\Nicki A. Layman\Downloads\ion_fit.pdf
2019-01-09 11:52 - 2019-01-09 11:52 - 003869110 _____ C:\Users\Nicki A. Layman\Downloads\K of C Scholastic Achievment Scholarship.pdf
2019-01-09 11:51 - 2019-01-09 11:51 - 003604525 _____ C:\Users\Nicki A. Layman\Downloads\Dennis Comai Scholarship.pdf
2019-01-09 11:49 - 2019-01-09 11:49 - 008406025 _____ C:\Users\Nicki A. Layman\Downloads\Vermont JCI Senate.pdf
2019-01-09 11:29 - 2019-01-02 14:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-09 11:29 - 2019-01-02 14:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 11:20 - 2019-01-01 02:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 11:20 - 2019-01-01 01:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 11:20 - 2019-01-01 01:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 11:20 - 2019-01-01 01:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 11:19 - 2019-01-01 08:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 11:19 - 2019-01-01 08:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 11:19 - 2019-01-01 08:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 11:19 - 2019-01-01 08:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 11:19 - 2019-01-01 08:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 11:19 - 2019-01-01 08:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 11:19 - 2019-01-01 08:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 11:19 - 2019-01-01 08:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 11:19 - 2019-01-01 08:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 11:19 - 2019-01-01 08:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 11:19 - 2019-01-01 02:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 11:19 - 2019-01-01 02:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 11:19 - 2019-01-01 02:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 11:19 - 2019-01-01 02:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 11:19 - 2019-01-01 02:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 11:19 - 2019-01-01 02:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 11:19 - 2019-01-01 02:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 11:19 - 2019-01-01 02:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 11:19 - 2019-01-01 02:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 11:19 - 2019-01-01 02:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 11:19 - 2019-01-01 02:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 11:19 - 2019-01-01 02:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 11:19 - 2019-01-01 02:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 11:19 - 2019-01-01 02:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 11:19 - 2019-01-01 02:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 11:19 - 2019-01-01 02:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 11:19 - 2019-01-01 02:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 11:19 - 2019-01-01 02:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 11:19 - 2019-01-01 02:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 11:19 - 2019-01-01 01:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 11:19 - 2019-01-01 01:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 11:19 - 2019-01-01 01:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 11:19 - 2019-01-01 01:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 11:19 - 2019-01-01 01:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 11:19 - 2019-01-01 01:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 11:19 - 2019-01-01 01:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 11:19 - 2019-01-01 01:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 11:19 - 2019-01-01 01:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 11:19 - 2019-01-01 01:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 11:19 - 2019-01-01 01:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 11:19 - 2019-01-01 01:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 11:19 - 2019-01-01 01:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 11:19 - 2019-01-01 01:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 11:19 - 2019-01-01 01:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 11:19 - 2019-01-01 01:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 11:19 - 2019-01-01 01:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 11:19 - 2019-01-01 01:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 11:19 - 2019-01-01 01:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 11:19 - 2019-01-01 01:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 11:19 - 2019-01-01 01:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 11:19 - 2019-01-01 01:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 11:19 - 2019-01-01 01:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 11:19 - 2019-01-01 01:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 11:19 - 2019-01-01 01:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 11:19 - 2019-01-01 01:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 11:19 - 2019-01-01 01:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 11:19 - 2019-01-01 01:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 11:19 - 2019-01-01 01:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 11:19 - 2019-01-01 01:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 11:19 - 2019-01-01 01:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 11:19 - 2019-01-01 01:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 11:19 - 2019-01-01 01:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 11:19 - 2019-01-01 01:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 11:19 - 2019-01-01 01:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 11:19 - 2019-01-01 01:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 11:19 - 2019-01-01 01:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 11:19 - 2019-01-01 01:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 11:19 - 2019-01-01 01:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 11:19 - 2019-01-01 01:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 11:19 - 2019-01-01 01:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 11:19 - 2019-01-01 01:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 11:19 - 2019-01-01 01:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 11:19 - 2019-01-01 01:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 11:19 - 2019-01-01 01:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 11:19 - 2019-01-01 01:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 11:19 - 2019-01-01 01:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 11:19 - 2019-01-01 01:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 11:19 - 2019-01-01 01:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 11:19 - 2019-01-01 01:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 11:19 - 2019-01-01 01:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 11:19 - 2019-01-01 01:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 11:19 - 2019-01-01 00:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 11:19 - 2018-12-18 23:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-08 20:05 - 2019-01-08 20:05 - 000367153 _____ C:\Users\Nicki A. Layman\Documents\Cooper Harvey.pdf
2019-01-08 18:54 - 2019-01-08 19:01 - 000000000 ____D C:\Users\Nicki A. Layman\Downloads\2018.19 Boys Hockey
2019-01-08 18:54 - 2019-01-08 18:56 - 000000000 ____D C:\Users\Nicki A. Layman\Downloads\2018.19 Girls Hockey
2019-01-08 18:51 - 2019-01-08 18:51 - 003068084 _____ C:\Users\Nicki A. Layman\Downloads\IMG_5970.HEIC
2019-01-08 12:40 - 2019-01-08 12:40 - 007320272 _____ (Malwarebytes) C:\Users\Nicki A. Layman\Downloads\adwcleaner_7.2.6.0.exe
2019-01-08 11:30 - 2019-01-08 11:31 - 005435396 _____ C:\Users\Nicki A. Layman\Downloads\EX6100-V1.0.2.24_1.1.134.zip
2019-01-08 10:29 - 2019-01-08 10:30 - 003644744 _____ C:\Users\Nicki A. Layman\Downloads\BrMain488 (1).exe
2019-01-08 10:18 - 2019-01-08 10:18 - 003644744 _____ C:\Users\Nicki A. Layman\Downloads\BrMain488.exe
2019-01-08 10:16 - 2019-01-08 10:16 - 000002132 _____ C:\Users\Public\Desktop\Brother Utilities.lnk
2019-01-08 10:15 - 2016-10-17 11:11 - 000363520 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BRCOM13A.DLL
2019-01-08 10:10 - 2019-01-08 10:11 - 046950032 _____ (A.I.SOFT,INC.) C:\Users\Nicki A. Layman\Downloads\HL-L2360DW-inst-D1-US3.EXE
2019-01-08 09:45 - 2019-01-08 10:12 - 000000000 ____D C:\Users\Nicki A. Layman\Downloads\Install
2019-01-08 09:45 - 2019-01-08 09:45 - 000000000 ____D C:\Users\Nicki A. Layman\Downloads\rempnp
2019-01-08 09:44 - 2019-01-08 09:44 - 001110160 _____ (SOURCENEXT CORPORATION) C:\Users\Nicki A. Layman\Downloads\delinf_10390.EXE
2019-01-08 09:43 - 2019-01-08 09:44 - 214281024 _____ (SOURCENEXT CORPORATION) C:\Users\Nicki A. Layman\Downloads\Y17B_C1_ULWL-usa-inst-C1.EXE
2019-01-08 08:15 - 2019-01-08 08:15 - 000023055 _____ C:\Users\Nicki A. Layman\Downloads\Casella Waste 2019 Invoice document_0s796875.pdf
2019-01-07 15:32 - 2019-01-07 15:32 - 000122316 _____ C:\Users\Nicki A. Layman\Downloads\HELOC and MOrtgage Statement Dec 2018.pdf
2019-01-07 15:16 - 2019-01-07 15:16 - 000122268 _____ C:\Users\Nicki A. Layman\Downloads\NTO_120190107201559000705F6B00DADF9C44B39BF92AA12C2FF6387.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-05 09:07 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-05 07:51 - 2018-06-07 08:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-05 06:30 - 2018-10-13 13:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security Suite
2019-02-05 06:28 - 2018-04-06 18:01 - 000000000 ____D C:\Program Files (x86)\Dell Update
2019-02-05 06:28 - 2017-10-20 10:29 - 000000000 ____D C:\Program Files (x86)\Dell Customer Connect
2019-02-05 06:05 - 2015-12-02 16:02 - 000000000 ____D C:\Users\Nicki A. Layman\AppData\Local\Adobe
2019-02-05 06:02 - 2014-10-19 14:54 - 000000000 __SHD C:\Users\Nicki A. Layman\IntelGraphicsProfiles
2019-02-05 01:45 - 2018-06-07 08:51 - 000000000 ____D C:\Users\Nicki A. Layman
2019-02-05 01:37 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-02-05 01:37 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-05 01:12 - 2018-06-07 09:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-04 21:47 - 2015-01-30 11:13 - 000000000 ____D C:\Users\Nicki A. Layman\Documents\03-Cale
2019-02-02 18:46 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-02 16:10 - 2015-01-30 11:15 - 000000000 ____D C:\Users\Nicki A. Layman\Documents\00-Nicki
2019-02-01 15:45 - 2018-04-11 18:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-31 20:38 - 2018-12-09 11:34 - 000018391 _____ C:\Users\Nicki A. Layman\NSL Time Log.xlsx
2019-01-31 17:35 - 2017-01-15 20:48 - 000000000 ____D C:\Program Files\Common Files\AV
2019-01-31 08:30 - 2017-05-23 10:16 - 000000000 ___RD C:\Users\Nicki A. Layman\iCloudDrive
2019-01-31 08:26 - 2018-04-11 16:04 - 000016384 _____ C:\WINDOWS\system32\config\ELAM
2019-01-31 08:24 - 2018-04-11 16:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-28 19:34 - 2015-01-30 11:13 - 000000000 ____D C:\Users\Nicki A. Layman\Documents\02-Colton
2019-01-28 17:08 - 2018-07-18 20:06 - 000000000 ____D C:\ProgramData\Packages
2019-01-25 23:07 - 2018-02-21 10:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2019-01-25 23:05 - 2014-11-04 10:39 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-25 23:05 - 2014-11-04 10:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-25 22:38 - 2015-05-06 15:01 - 000000000 ___RD C:\Users\Nicki A. Layman\OneDrive
2019-01-25 20:39 - 2015-01-30 11:07 - 000000000 ____D C:\Users\Nicki A. Layman\Documents\04-Insurance, Investments and Taxes
2019-01-20 11:42 - 2018-11-21 11:53 - 000000000 _____ C:\WINDOWS\SysWOW64\SpyWareFolderstoFilter.txt
2019-01-17 17:07 - 2018-11-16 09:08 - 000000000 ____D C:\Program Files\rempl
2019-01-16 20:59 - 2018-10-21 18:02 - 000000132 _____ C:\Users\Nicki A. Layman\AppData\Roaming\Adobe PNG Format CC Prefs
2019-01-15 16:43 - 2014-11-04 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-11 11:35 - 2015-01-31 14:11 - 000073192 _____ C:\Users\Nicki A. Layman\AppData\Local\GDIPFONTCACHEV1.DAT
2019-01-10 06:12 - 2018-10-13 12:56 - 000353640 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-09 23:30 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 23:30 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 23:11 - 2014-08-16 11:51 - 000000000 ____D C:\ProgramData\PCDr
2019-01-09 23:09 - 2014-08-16 11:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-01-09 23:06 - 2018-10-13 12:13 - 000000000 ____D C:\ProgramData\SupportAssist
2019-01-09 11:37 - 2014-10-19 16:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 11:30 - 2014-10-19 16:01 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-09 11:29 - 2018-04-11 18:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-08 12:07 - 2018-06-07 09:35 - 000004600 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-08 12:07 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-08 12:07 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-08 10:36 - 2015-05-21 09:10 - 000000000 ____D C:\Users\Nicki A. Layman\AppData\Local\ElevatedDiagnostics
2019-01-08 10:19 - 2015-05-11 17:49 - 000000000 ____D C:\Program Files (x86)\Brother
2019-01-08 10:16 - 2016-08-29 11:54 - 000002215 _____ C:\Users\Public\Desktop\Brother Creative Center.lnk
2019-01-08 10:15 - 2015-05-11 17:49 - 000000000 ____D C:\Program Files (x86)\Browny02
==================== Files in the root of some directories =======
2018-10-21 18:02 - 2019-01-16 20:59 - 000000132 _____ () C:\Users\Nicki A. Layman\AppData\Roaming\Adobe PNG Format CC Prefs
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-07 08:41
==================== End of FRST.txt ============================