Hi! Got this message out of the blue. Including a screen shot.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-04-2022 01
Ran by mjacabacci (ATTENTION: The user is not administrator) on WAD250 (LENOVO 10MRCTO1WW) (13-04-2022 13:58:50)
Running from C:\Users\mjacabacci\Desktop
Loaded Profiles: mjacabacci & MSSQL$GUARD1PLUS & ReportServer$GUARD1PLUS
Platform: Microsoft Windows 10 Enterprise 2015 LTSB 10240.18486 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe ->) (Logitech, Inc. -> ) C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(ConnectWise, Inc. -> LabTech Software) C:\Windows\LTSvc\LTTray.exe
(ConnectWise, LLC -> ScreenConnect Software) C:\Program Files (x86)\ScreenConnect Client (6eeb2e900d6bdb4f)\ScreenConnect.WindowsClient.exe
(explorer.exe ->) (3XLOGIC SYSTEMS INC. -> 3xLOGIC Inc.) [File not signed] C:\Program Files (x86)\Vigil\VIGIL Remote Updater\VIGIL Remote Updater.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office16\ONENOTEM.EXE
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(NoMachine S.a.r.l. -> NoMachine) C:\Program Files (x86)\NoMachine\bin\nxclient.bin
(Sanford, L.P.) [File not signed] C:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.DLS.Printing.Host.exe
(TimeKeeping Systems, Inc. -> TimeKeeping Systems, Inc.) C:\Program Files (x86)\TimeKeeping Systems\Guard1 Plus\Tks.G1Plus.Attendant.Application.exe
(TimeKeeping Systems, Inc. -> TimeKeeping Systems, Inc.) C:\Program Files (x86)\TimeKeeping Systems\Guard1 Plus\Tks.G1Plus.UnassignedButtons.Application.exe
(TimeKeeping Systems, Inc. -> TimeKeeping Systems, Inc.) C:\Program Files (x86)\TimeKeeping Systems\Guard1 Plus\Tks.G1Plus.UsbDownloader.Application.exe
(Webroot -> Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
Failed to access process -> AGMService.exe
Failed to access process -> AGSService.exe
Failed to access process -> AppleMobileDeviceService.exe
Failed to access process -> armsvc.exe
Failed to access process -> conhost.exe
Failed to access process -> conhost.exe
Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> dwm.exe
Failed to access process -> DymoPnpService.exe
Failed to access process -> g2comm.exe
Failed to access process -> g2pre.exe
Failed to access process -> g2svc.exe
Failed to access process -> g2tray.exe
Failed to access process -> GoogleCrashHandler.exe
Failed to access process -> GoogleCrashHandler64.exe
Failed to access process -> IAStorDataMgrSvc.exe
Failed to access process -> ibtsiva.exe
Failed to access process -> igfxCUIService.exe
Failed to access process -> IntelCpHDCPSvc.exe
Failed to access process -> IntelCpHeciSvc.exe
Failed to access process -> iPodService.exe
Failed to access process -> jhi_service.exe
Failed to access process -> LMS.exe
Failed to access process -> lsass.exe
Failed to access process -> LTSVC.exe
Failed to access process -> LTSvcMon.exe
Failed to access process -> mDNSResponder.exe
Failed to access process -> novapdfs.exe
Failed to access process -> nxd.exe
Failed to access process -> nxnode.bin
Failed to access process -> nxserver.bin
Failed to access process -> nxservice64.exe
Failed to access process -> PresentationFontCache.exe
Failed to access process -> ReportingServicesService.exe
Failed to access process -> ScreenConnect.ClientService.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> services.exe
Failed to access process -> smss.exe
Failed to access process -> spoolsv.exe
Failed to access process -> sqlservr.exe
Failed to access process -> sqlwriter.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> SVCVigilUpdate.exe
Failed to access process -> TiWorker.exe
Failed to access process -> Tks.G1Plus.Attendant.exe
Failed to access process -> Tks.G1Plus.Server.exe
Failed to access process -> TrustedInstaller.exe
Failed to access process -> unsecapp.exe
Failed to access process -> wininit.exe
Failed to access process -> winlogon.exe
Failed to access process -> WMIADAP.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> WRCoreService.x64.exe
Failed to access process -> WRSA.exe
Failed to access process -> WRSkyClient.x64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [321096 2017-08-25] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-10-26] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe [1203856 2017-10-26] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [DLSWebSvc] => C:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.DLS.Printing.Host.exe [4871680 2017-09-06] (Sanford, L.P.) [File not signed]
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files (x86)\Webroot\WRSA.exe [5513736 2021-12-07] (Webroot -> Webroot)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\TimeKeeping Systems\Guard1 Plus\Tks.G1Plus.UnassignedButtons.Application.exe -TRAY,C:\Program Files (x86)\TimeKeeping Systems\Guard1 Plus\Tks.G1Plus.Attendant.Application.exe -TRAY,C:\Program Files (x86)\TimeKeeping Systems\Guard1 Plus\Tks.G1Plus.UsbDownloader.Application.exe -TRAY, <==== ATTENTION
HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (No File)
HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\Policies\Explorer: [NoAddPrinter] 0
HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\system: [SoftwareSASGeneration] 3
HKLM\...\Windows x64\Print Processors\GoToMyPC Print Processor: C:\Windows\System32\spool\prtprocs\x64\GoToPrintProcessor_x64.dll [117664 2022-04-05] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\GoToMyPC Port: C:\Windows\system32\gotomon_x64.dll [199072 2022-04-05] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\...\Print\Monitors\NoMachine Port Monitor: C:\Program Files (x86)\NoMachine\bin\libnxlp64.dll [849352 2021-05-19] (NoMachine S.a.r.l. -> )
HKLM\...\Print\Monitors\novaPDF Port Monitor: C:\Windows\system32\novamn8.dll [18944 2016-06-17] (Softland) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.75\Installer\chrmstp.exe [2022-04-07] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{5B6F824A-21BF-4147-A014-827DA4893903}] -> C:\Windows\system32\g2pcredprovider.dll [2022-04-05] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{8AF662BF-65A0-4D0A-A540-A338A999D36F}] -> C:\Windows\system32\FaceCredentialProvider.dll [2019-05-03] (Microsoft Windows -> )
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> C:\Windows\system32\FaceCredentialProvider.dll [2019-05-03] (Microsoft Windows -> )
Lsa: [Authentication Packages] msv1_0 nxlsa
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VIGIL Remote Updater.lnk [2018-01-26]
ShortcutTarget: VIGIL Remote Updater.lnk -> C:\Program Files (x86)\Vigil\VIGIL Remote Updater\VIGIL Remote Updater.exe (3XLOGIC SYSTEMS INC. -> 3xLOGIC Inc.) [File not signed]
Startup: C:\Users\mjacabacci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2021-01-22]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (No File)
Startup: C:\Users\mjacabacci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2022-01-07]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy-Firefox: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\mjacabacci\NTUSER.pol: Restriction <==== ATTENTION
HKU\S-1-5-21-3035206359-1869424590-976067315-4153\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3035206359-1869424590-976067315-4153.job => C:\Users\mjacabacci\AppData\Local\GoToMeeting\19932\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3035206359-1869424590-976067315-4153.job => C:\Users\mjacabacci\AppData\Local\GoToMeeting\19932\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.16 192.168.0.39
Tcpip\..\Interfaces\{30f51d7d-19f7-47f3-99b2-d7f85fd4b13e}: [DhcpNameServer] 192.168.0.16 192.168.0.39
Tcpip\..\Interfaces\{3445c6ef-14c4-49fc-a15a-8b1b03b664d7}: [DhcpNameServer] 192.168.0.16 192.168.0.39
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FireFox:
========
FF DefaultProfile: nfw9jox2.default
FF ProfilePath: C:\Users\mjacabacci\AppData\Roaming\Mozilla\Firefox\Profiles\nfw9jox2.default [2022-04-13]
FF Notifications: Mozilla\Firefox\Profiles\nfw9jox2.default -> hxxps://steppingstonesmuseum.monday.com
FF HomepageOverride: Mozilla\Firefox\Profiles\nfw9jox2.default -> Disabled: web@MapsNewTab
FF NewTabOverride: Mozilla\Firefox\Profiles\nfw9jox2.default -> Disabled: web@MapsNewTab
FF Extension: (Maps) - C:\Users\mjacabacci\AppData\Roaming\Mozilla\Firefox\Profiles\nfw9jox2.default\Extensions\web@MapsNewTab.xpi [2019-09-19] [UpdateUrl:hxxps://api.mysearches.co/firefox/updates]
FF Extension: (Web Threat Shield) - C:\Users\mjacabacci\AppData\Roaming\Mozilla\Firefox\Profiles\nfw9jox2.default\Extensions\webrootsecure@webroot.com.xpi [2022-03-09]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Users\mjacabacci\AppData\Roaming\mozilla\plugins\npatgpc.dll [2018-07-19]
Chrome:
=======
CHR Profile: C:\Users\mjacabacci\AppData\Local\Google\Chrome\User Data\Default [2022-03-22]
CHR Extension: (Slides) - C:\Users\mjacabacci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-31]
CHR Extension: (Docs) - C:\Users\mjacabacci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-31]
CHR Extension: (Google Drive) - C:\Users\mjacabacci\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-02]
CHR Extension: (YouTube) - C:\Users\mjacabacci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-31]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\mjacabacci\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-28]
CHR Extension: (Sheets) - C:\Users\mjacabacci\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-31]
CHR Extension: (Google Docs Offline) - C:\Users\mjacabacci\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-15]
CHR Extension: (Cisco Webex Extension) - C:\Users\mjacabacci\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-01-27]
CHR Extension: (Web Threat Shield) - C:\Users\mjacabacci\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2022-03-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mjacabacci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-08]
CHR Extension: (Gmail) - C:\Users\mjacabacci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-02]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-10-07] (Apple Inc. -> Apple Inc.)
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [27136 2017-09-06] (Sanford, L.P.) [File not signed]
R2 GoToMyPC; C:\Program Files (x86)\GoToMyPC\g2svc.exe [2917280 2022-04-05] (LogMeIn, Inc. -> LogMeIn, Inc.)
S3 lmhosts; C:\Windows\System32\svchost.exe [39856 2015-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 lmhosts; C:\Windows\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 LTService; C:\Windows\LTSvc\LTSVC.exe [1673544 2021-07-02] (ConnectWise, Inc. -> LabTech Software)
R2 LTSvcMon; C:\Windows\LTSvc\LTSvcMon.exe [166216 2021-07-02] (ConnectWise, Inc. -> LabTech Software)
R2 MSSQL$GUARD1PLUS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.GUARD1PLUS\MSSQL\Binn\sqlservr.exe [199360 2015-04-21] (Microsoft Corporation -> Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [39856 2015-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [51112 2016-06-17] (Softland SRL -> Microsoft)
R2 nsi; C:\Windows\system32\svchost.exe [39856 2015-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 nxservice; C:\Program Files (x86)\NoMachine\bin\nxservice64.exe [1037256 2021-05-19] (NoMachine S.a.r.l. -> NoMachine)
R2 ReportServer$GUARD1PLUS; C:\Program Files (x86)\Microsoft SQL Server\MSRS12.GUARD1PLUS\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2046144 2015-04-21] (Microsoft Corporation -> Microsoft Corporation)
R2 ScreenConnect Client (6eeb2e900d6bdb4f); C:\Program Files (x86)\ScreenConnect Client (6eeb2e900d6bdb4f)\ScreenConnect.ClientService.exe [91808 2021-06-09] (ConnectWise, LLC -> )
S4 SQLAgent$GUARD1PLUS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.GUARD1PLUS\MSSQL\Binn\SQLAGENT.EXE [454848 2015-04-21] (Microsoft Corporation -> Microsoft Corporation)
R2 TKS Guard1Plus Attendant Service; C:\Program Files (x86)\TimeKeeping Systems\Guard1 Plus\Tks.G1Plus.Attendant.exe [140232 2019-04-03] (TimeKeeping Systems, Inc. -> TimeKeeping Systems, Inc.)
R2 TKS Guard1Plus Service; C:\Program Files (x86)\TimeKeeping Systems\Guard1 Plus\Tks.G1Plus.Server.exe [42944 2019-04-03] (TimeKeeping Systems, Inc. -> TimeKeeping Systems, Inc.)
R2 VIGIL Update Service; C:\Program Files (x86)\Vigil\SVCVigilUpdate.exe [454128 2017-11-29] (3XLOGIC SYSTEMS INC. -> 3xLOGIC Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362824 2018-10-25] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [26464 2019-05-03] (Microsoft Corporation -> Microsoft Corporation)
R2 WRCoreService; C:\Program Files\Webroot\Core\WRCoreService.x64.exe [1833656 2022-01-05] (Webroot -> Webroot, Inc.)
R2 WRSkyClient; C:\Program Files\Webroot\Core\WRSkyClient.x64.exe [3346008 2022-01-05] (Webroot -> Webroot, Inc.)
R2 WRSVC; C:\Program Files (x86)\Webroot\WRSA.exe [5513736 2021-12-07] (Webroot -> Webroot)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 LBAI; C:\Windows\System32\Drivers\LBAI.sys [30432 2017-04-29] (Lenovo -> Lenovo)
S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2017-10-19] (Logitech Inc -> Logitech Inc.)
R2 monblanking; C:\Windows\system32\DRIVERS\monblanking.sys [47696 2022-04-05] (LogMeIn, Inc. -> LogMeIn, Inc)
R2 nxaudio; C:\Windows\system32\drivers\nxaudio.sys [42616 2017-11-06] (Microsoft Windows Hardware Compatibility Publisher -> NoMachine)
R2 nxfs; C:\Program Files (x86)\NoMachine\bin\drivers\nxdisk\amd64\nxfs.sys [64584 2018-02-15] (Microsoft Windows Hardware Compatibility Publisher -> NoMachine)
R2 nxusbf; C:\Windows\System32\drivers\nxusbf.sys [110720 2017-04-06] (Microsoft Windows Hardware Compatibility Publisher -> NoMachine)
R3 nxusbh; C:\Windows\System32\drivers\nxusbh.sys [118384 2017-04-06] (Microsoft Windows Hardware Compatibility Publisher -> NoMachine)
R3 nxusbs; C:\Windows\System32\drivers\nxusbs.sys [20592 2017-04-06] (Microsoft Windows Hardware Compatibility Publisher -> NoMachine)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] (Microsoft Windows -> )
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Windows -> Microsoft Corporation)
R1 Win10Pcap; C:\Windows\system32\DRIVERS\Win10Pcap.sys [50304 2015-10-07] (SoftEther Corporation -> Daiyuu Nobori, University of Tsukuba, Japan)
R1 WRCore; C:\Program Files\Webroot\Core\WRCore.x64.sys [359552 2022-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Webroot, Inc.)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [138024 2021-12-07] (Webroot, Inc -> Webroot)
S3 vmsmp; \SystemRoot\System32\drivers\vmswitch.sys [X]
U4 warpview; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-13 13:58 - 2022-04-13 13:59 - 000026048 _____ C:\Users\mjacabacci\Desktop\FRST.txt
2022-04-13 13:57 - 2022-04-13 13:59 - 000000000 ____D C:\FRST
2022-04-13 13:57 - 2022-04-13 13:55 - 002365952 _____ (Farbar) C:\Users\mjacabacci\Desktop\FRST64.exe
2022-04-13 10:31 - 2022-04-13 10:31 - 000013057 _____ C:\Users\mjacabacci\Documents\SBob Budget.xlsx
2022-04-13 10:31 - 2022-04-13 10:31 - 000000165 ____H C:\Users\mjacabacci\Documents\~$SBob Budget.xlsx
2022-04-12 22:49 - 2022-04-12 22:49 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-04-11 13:20 - 2022-04-11 13:20 - 000000000 ____D C:\Program Files\Webroot
2022-04-06 07:08 - 2022-04-06 07:08 - 000000000 ____D C:\Program Files\Softland
2022-04-06 07:07 - 2022-04-05 10:56 - 003014560 _____ (LogMeIn, Inc.) C:\Windows\system32\g2pcredprovider.dll
2022-04-06 07:07 - 2022-04-05 10:43 - 000047696 _____ (LogMeIn, Inc) C:\Windows\system32\Drivers\monblanking.sys
2022-03-25 07:51 - 2022-03-25 07:51 - 000000922 _____ C:\Users\mjacabacci\Downloads\CVSAppointment.ics
2022-03-24 07:09 - 2022-03-24 07:09 - 000000125 _____ C:\Users\mjacabacci\Downloads\user-code-import-template-XR.csv
2022-03-22 14:27 - 2022-03-22 14:27 - 000018500 _____ C:\Users\mjacabacci\Downloads\FP_Number_Tracking_1647973638.xlsx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-13 13:58 - 2018-01-25 19:29 - 001031578 _____ C:\Windows\system32\PerfStringBackup.INI
2022-04-13 13:58 - 2015-07-10 07:02 - 000000000 ____D C:\Windows\INF
2022-04-13 13:57 - 2022-02-25 18:34 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-13 13:57 - 2018-12-20 19:31 - 000000000 ____D C:\ProgramData\WRData
2022-04-13 13:57 - 2018-01-31 13:12 - 000000000 ____D C:\Users\mjacabacci\AppData\LocalLow\Mozilla
2022-04-13 13:56 - 2018-02-26 11:19 - 000000000 ___HD C:\Users\mjacabacci\.nx
2022-04-13 13:56 - 2018-01-31 12:49 - 000000000 __SHD C:\Users\mjacabacci\IntelGraphicsProfiles
2022-04-13 13:56 - 2018-01-26 13:14 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-13 13:55 - 2018-12-20 19:28 - 000000000 ____D C:\Windows\LTSvc
2022-04-13 13:52 - 2021-12-07 14:51 - 000000000 _____ C:\Windows\SysWOW64\WRusr.dll.new
2022-04-13 13:52 - 2021-12-07 14:51 - 000000000 _____ C:\Windows\system32\WRusr.dll.new
2022-04-13 13:52 - 2018-12-20 19:32 - 000000927 _____ C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk
2022-04-13 13:52 - 2015-07-10 08:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-04-13 13:32 - 2022-01-14 17:00 - 000000000 ____D C:\Users\ReportServer$GUARD1PLUS
2022-04-13 13:32 - 2022-01-14 16:59 - 000000000 ____D C:\Users\MSSQL$GUARD1PLUS
2022-04-13 13:28 - 2018-02-28 15:19 - 000000578 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3035206359-1869424590-976067315-4153.job
2022-04-13 13:21 - 2018-01-25 19:26 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-04-13 13:21 - 2018-01-25 19:26 - 000000000 ____D C:\Users\ssmc-core
2022-04-13 12:29 - 2018-01-31 12:49 - 000000000 ____D C:\Users\mjacabacci
2022-04-13 12:20 - 2018-01-25 18:39 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-04-13 12:14 - 2019-10-02 00:15 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-04-13 12:09 - 2018-12-20 19:29 - 000000000 ____D C:\ProgramData\ScreenConnect Client (6eeb2e900d6bdb4f)
2022-04-13 12:08 - 2018-01-25 18:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-13 11:57 - 2018-01-31 15:44 - 000000000 ____D C:\Users\mjacabacci\Documents\Outlook Files
2022-04-13 10:31 - 2018-02-28 15:19 - 000000674 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3035206359-1869424590-976067315-4153.job
2022-04-13 00:59 - 2018-02-01 01:59 - 000000000 ____D C:\iVMS-4200
2022-04-12 14:03 - 2015-07-10 07:04 - 000000000 ____D C:\Windows\system32\FxsTmp
2022-04-11 14:05 - 2018-01-31 12:49 - 000000000 ____D C:\Users\mjacabacci\AppData\Local\Packages
2022-04-11 10:23 - 2018-01-31 12:53 - 000000000 ____D C:\Users\mjacabacci\AppData\Local\Deployment
2022-04-07 00:51 - 2018-01-26 13:14 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-07 00:51 - 2018-01-26 13:14 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-04-06 07:08 - 2018-06-11 07:02 - 000000000 ____D C:\Users\mjacabacci\AppData\Roaming\GoToMyPC
2022-04-06 07:07 - 2018-02-02 18:20 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoToMyPC.lnk
2022-04-06 07:07 - 2018-02-02 18:20 - 000000000 ____D C:\ProgramData\GoToMyPC
2022-04-06 07:07 - 2018-02-02 18:20 - 000000000 ____D C:\Program Files (x86)\GoToMyPC
2022-04-05 10:56 - 2018-02-02 18:20 - 000199072 _____ (LogMeIn, Inc.) C:\Windows\system32\gotomon_x64.dll
2022-04-01 17:08 - 2018-01-31 12:53 - 000002378 _____ C:\Users\mjacabacci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-24 07:34 - 2018-02-26 11:17 - 000000000 ____D C:\Program Files (x86)\NoMachine
==================== Files in the root of some directories ========
2018-05-10 11:25 - 2018-05-10 11:25 - 000004096 ____H () C:\Users\mjacabacci\AppData\Local\keyfile3.drm
2018-09-26 13:59 - 2018-09-26 13:59 - 000000000 _____ () C:\Users\mjacabacci\AppData\Local\oobelibMkey.log
==================== FLock ==============================
2022-04-13 12:08 C:\Config.Msi
2018-01-26 10:55 C:\MSOCache
2015-07-10 07:04 C:\PerfLogs
2022-04-13 09:52 C:\Windows\system32\config
2015-07-10 07:04 C:\Windows\system32\Configuration
2018-01-25 19:26 C:\Windows\system32\DESKTOP-A7RKSEE_defaultuser0_HistoryPrediction.bin
2018-01-26 10:39 C:\Windows\system32\DESKTOP-A7RKSEE_ssmc-core_HistoryPrediction.bin
2015-07-10 08:22 C:\Windows\system32\DESKTOP-M7P1NB6_Administrator_HistoryPrediction.bin
2022-04-12 14:03 C:\Windows\system32\FxsTmp
2015-07-10 07:04 C:\Windows\system32\ias
2015-07-10 07:04 C:\Windows\system32\MsDtc
2015-07-10 07:04 C:\Windows\system32\networklist
2022-04-13 13:32 C:\Windows\system32\sru
2022-04-01 17:08 C:\Windows\system32\Tasks
2018-01-31 17:24 C:\Windows\system32\WAD250-ZZ_mjacabacci_HistoryPrediction.bin
2018-01-31 12:48 C:\Windows\system32\WAD250-ZZ_ssmc-core_HistoryPrediction.bin
2018-01-31 12:51 C:\Windows\system32\WAD250-ZZ_ssmctech_HistoryPrediction.bin
2018-05-04 12:09 C:\Windows\system32\WAD250_ssmctech_HistoryPrediction.bin
2018-05-03 16:20 C:\Windows\system32\WDI
2015-07-10 08:21 C:\Windows\system32\wfp
2015-07-10 07:04 C:\Program Files\WindowsApps
2015-07-10 07:04 C:\Windows\InfusedApps
2020-01-15 21:24 C:\Windows\LiveKernelReports
2022-02-06 19:37 C:\Windows\MEMORY.DMP
2022-02-06 19:37 C:\Windows\Minidump
2015-07-10 07:04 C:\Windows\ModemLogs
2022-04-13 13:59 C:\Windows\Prefetch
2015-07-10 07:04 C:\Windows\SysWOW64\config
2015-07-10 07:04 C:\Windows\SysWOW64\Configuration
2015-07-10 07:04 C:\Windows\SysWOW64\FxsTmp
2015-07-10 07:04 C:\Windows\SysWOW64\MsDtc
2015-07-10 07:04 C:\Windows\SysWOW64\networklist
2015-07-10 07:04 C:\Windows\SysWOW64\sru
2015-07-10 07:04 C:\Windows\SysWOW64\Tasks
2019-02-05 05:36 C:\Users\administrator
2022-04-13 13:32 C:\Users\MSSQL$GUARD1PLUS
2018-03-05 11:25 C:\Users\nx
2022-04-13 13:32 C:\Users\ReportServer$GUARD1PLUS
2022-04-13 13:21 C:\Users\ssmc-core
2022-01-14 16:01 C:\Users\ssmctech
2018-01-26 13:20 C:\Users\Public\Documents\Hyper-V
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
ATTENTION: ==> Could not access BCD. The user is not administrator -> The boot configuration data store could not be opened.
Access is denied.
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2022 01
Ran by mjacabacci (13-04-2022 13:59:27)
Running from C:\Users\mjacabacci\Desktop
Microsoft Windows 10 Enterprise 2015 LTSB 10240.18486 (X64) (2018-01-25 23:25:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3109379655-1828227321-14890777-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3109379655-1828227321-14890777-503 - Limited - Disabled)
Guest (S-1-5-21-3109379655-1828227321-14890777-501 - Limited - Disabled)
nx (S-1-5-21-3109379655-1828227321-14890777-1002 - Administrator - Enabled) => C:\Users\nx
ssmc-core (S-1-5-21-3109379655-1828227321-14890777-1001 - Administrator - Enabled) => C:\Users\ssmc-core
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Webroot SecureAnywhere (Enabled - Up to date) {2936F8B3-571B-7336-8577-2471F5CC8C22}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Webroot SecureAnywhere (Enabled - Up to date) {92571957-7121-7CB8-BFC7-1F038E4BC69F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AnyMeeting (HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\AnyMeeting) (Version: 1.11.1 - AnyMeeting)
Apple Application Support (32-bit) (HKLM-x32\...\{BED24701-751B-41C5-8888-A8EABAB9FE8C}) (Version: 8.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{88F21C94-88AF-4665-AF4F-FECB1FA059B9}) (Version: 8.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{45DDDFED-AABC-450C-B49C-5B4A5E547F5B}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Cisco Webex Meetings (HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\ActiveTouchMeetingClient) (Version:- Cisco WebEx LLC)
Core (HKLM\...\{145996FC-8E6B-47AB-BEA5-A84F12B72AF5}) (Version: 1.3.126 - Webroot) Hidden
DYMO Label (HKLM-x32\...\{CE289CFA-898E-4601-B858-A25EC0CEA9EE}) (Version: 8.7.0.44412 - Newell Rubbermaid)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.4.1.16828 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.75 - Google LLC)
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
GoToMeeting 10.18.0.19932 (HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\GoToMeeting) (Version: 10.18.0.19932 - LogMeIn, Inc.)
GoToMyPC Print Assistant (HKLM\...\{57414DD3-55A7-4D2E-916F-2F1407AABE91}) (Version: 8.6.942 - Softland)
Grammarly for Microsoft® Office Suite (HKLM\...\{5E9D3B5B-ADDF-472B-9313-D95DA1D04873}) (Version: 6.7.214 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\{685fd7b0-6038-4546-92c4-05c5e1532835}) (Version: 6.7.214 - Grammarly)
Guard1 Plus (HKLM-x32\...\{4FF5FC55-7719-411D-BF7D-EDBBCE090486}) (Version: 5.22.20403.1 - TimeKeeping Systems, Inc.)
Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1052 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 22.9 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.8.1.1007 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
IrfanView 4.50 (64-bit) (HKLM\...\IrfanView64) (Version: 4.50 - Irfan Skiljan)
iTunes (HKLM\...\{38749252-C55E-44D9-9CB6-52199D0173AB}) (Version: 12.10.2.3 - Apple Inc.)
iVMS-4200(v2.6.2.7) (HKLM-x32\...\{7697245D-2E00-4B83-AD27-C051DE314D1F}) (Version: 2.6.2.7 - hikvision)
join.me (HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\JoinMe) (Version: 3.9.0.5408 - LogMeIn, Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\OneDriveSetup.exe) (Version: 22.055.0313.0001 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPRO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files(HKLM-x32\...\{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client(HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (HKLM-x32\...\Microsoft SQL Server SQLServer2014) (Version:- Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM-x32\...\{0CF73007-420F-4932-8635-4326E3336B62}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service(HKLM\...\{1A73AF5D-69EE-4AE0-917C-2429CE593A86}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom(HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{E3F613C1-105F-4717-BFE7-007729A95D67}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\Teams) (Version: 1.3.00.4461 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM-x32\...\Office14.VISIO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1b103cea-f037-4504-81de-956057b442c3}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 99.0.1 (x64 en-US)) (Version: 99.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
NoMachine (HKLM-x32\...\NoMachine_is1) (Version: 6.15.1 - NoMachine S.a.r.l.)
novaPDF 8 Printer Driver (HKLM\...\{1A9E9E77-B29B-47C6-ADEB-9E7D6F7A08CE}) (Version: 8.6.942 - Softland)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8210 - Realtek Semiconductor Corp.)
ScreenConnect Client (6eeb2e900d6bdb4f) (HKLM-x32\...\{ACB70E5A-62B8-4277-9F4A-BF0C2EBA9420}) (Version: 21.8.3663.7830 - ScreenConnect Software)
Service Pack 1 for SQL Server 2014 (KB3058865) (HKLM-x32\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:- Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version:- Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version:- Microsoft)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
SQL Server 2014 Common Files (HKLM-x32\...\{BFB3B874-8033-4F5E-BE47-0AED2541E57C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM-x32\...\{F78A23CD-E9A0-46E3-88E2-CF2CC93AE7BA}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM-x32\...\{71E418D7-C0C5-455A-A248-1A3C3839EEEF}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM-x32\...\{A1ED7C85-A91A-4788-B0CC-86FA19C042E8}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM-x32\...\{1D1E4532-6A52-471B-B006-EA04A2BBFCE9}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM-x32\...\{AA2D8197-6678-4242-9222-3A03993E89B3}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM-x32\...\{B9577FC9-8B7D-4EA3-9826-0CC5520017F0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM-x32\...\{C11506E2-AAF1-4A7B-B7AD-081658384051}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Reporting Services (HKLM-x32\...\{37245D64-7439-4076-890F-3BD9EE3EEF46}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Reporting Services (HKLM-x32\...\{A2B8CAB4-FAD1-48D8-9AD1-4CCE701D5066}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM-x32\...\{894F30EB-3F0A-422F-9225-EB00DC9414EA}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version:- Microsoft)
Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.PROPLUS_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version:- Microsoft)
Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0409-0000-0000000FF1CE}_Office16.PROPLUS_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version:- Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{61702639-6539-473A-8FE5-618E194C0069}) (Version: 2.7.0.0 - Microsoft Corporation)
USB Downloader USB-to-USB Driver x64 (HKLM-x32\...\{6E95A34B-7CBC-47F3-B86F-0B6CD95ADF99}) (Version: 1.1.3063.0 - TimeKeeping Systems, Inc.)
VIGIL Remote Updater (HKLM-x32\...\VIGIL Remote Updater) (Version:- 3xLOGIC Inc.)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Webroot SecureAnywhere (HKLM-x32\...\{98C3BECF-DD5F-44D2-8EF3-48A965024206}) (Version: 9.24.37 - Webroot)
Zoom (HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3035206359-1869424590-976067315-4153_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\mjacabacci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3035206359-1869424590-976067315-4153_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\mjacabacci\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.214\B1C8308E53\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-3035206359-1869424590-976067315-4153_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\mjacabacci\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.214\B1C8308E53\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
CustomCLSID: HKU\S-1-5-21-3035206359-1869424590-976067315-4153_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\mjacabacci\AppData\Local\GoToMeeting\17359\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3035206359-1869424590-976067315-4153_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\mjacabacci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\Windows\system32\WRusr.dll [2021-12-07] (Webroot -> Webroot)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>-> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\Windows\system32\WRusr.dll [2021-12-07] (Webroot -> Webroot)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-22] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-22] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.MPG4] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP42] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP43] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\SysWOW64\msaud32.acm [294912 2011-05-03] (Microsoft Corporation) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2017-09-06 10:48 - 2017-09-06 10:48 - 000505856 _____ (DYMO Corporation) [File not signed] [File is in use] C:\Program Files (x86)\DYMO\DYMO Label Software\PrintingSupportLibrary.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\mjacabacci\Desktop\www.dropbox.com.url:com.dropbox.attributes [168]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ScreenConnect Client (6eeb2e900d6bdb4f) => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VipreEdgeProtection => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebExaminer => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
URLSearchHook: [S-1-5-80-121095457-3536997251-334488824-4233463832-2534809014] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3418838197-3198860776-3088544609-2899383995-1591160277] ATTENTION => Default URLSearchHook is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2021-11-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll [2020-07-28] (Webroot Inc. -> Webroot)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2022-02-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll [2020-07-28] (Webroot Inc. -> Webroot)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\blackbaudhosting.com -> hxxps://altrurig01bo3.blackbaudhosting.com
IE trusted site: HKU\S-1-5-21-3035206359-1869424590-976067315-4153\...\blackbaudondemand.com -> hxxps://login.blackbaudondemand.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 07:04 - 2015-07-10 07:02 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\ManagementStudio\
HKU\S-1-5-21-3035206359-1869424590-976067315-4153\Control Panel\Desktop\\Wallpaper -> C:\Users\mjacabacci\Downloads\12705626_961576427259323_4813368935061826652_n.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C7439D61-2A8C-4F77-8916-D9AEF6C996B7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E36051F3-9572-49CF-91CC-63CA2D6DF68C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FE88559-06C3-4E94-9D03-DC3CDF9A5F6A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4702B440-D4F9-4C54-8ECF-BAD64AE2D304}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8F4AF301-96D5-4C78-8B99-6A46F4E239A8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9B3C30E3-7E6F-4CDE-876E-9240CF31F753}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{093A9F11-B551-4EFB-B166-0EBC04DEAD8F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2BA53AA3-7293-4E6F-BC49-C7E631475CEA}] => (Allow) C:\Program Files (x86)\Vigil\SVCVigilUpdate.exe (3XLOGIC SYSTEMS INC. -> 3xLOGIC Inc.) [File not signed]
FirewallRules: [{9548C63E-30EE-4A3A-8182-8122601FE9E7}] => (Allow) C:\Program Files (x86)\Vigil\SVCVigilUpdate.exe (3XLOGIC SYSTEMS INC. -> 3xLOGIC Inc.) [File not signed]
FirewallRules: [{97B9DC35-0B63-4009-AE07-CD4779AD0EB2}] => (Allow) C:\Program Files (x86)\Vigil\VIGIL Client\VIGIL Client.exe (3XLOGIC SYSTEMS INC. -> 3xLOGIC Inc.) [File not signed]
FirewallRules: [{15F3A4A7-88F6-4543-9532-C3E5C214E02B}] => (Allow) C:\Program Files (x86)\Vigil\VIGIL Client\VIGIL Client.exe (3XLOGIC SYSTEMS INC. -> 3xLOGIC Inc.) [File not signed]
FirewallRules: [{48D9C7DA-6C8E-4001-B126-EE7558ECA05D}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxplayer.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{2E520154-4D82-4296-A63E-869E124F2681}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxplayer.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{A28D0CD9-87D5-43F7-86E5-AF09CC98EC07}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxd.exe (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{F9E69BBF-77E1-4FE9-A46F-C9F369B15910}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxd.exe (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{36253C1A-A721-4EAE-9FFF-A3D51EDA151A}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxserver.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{A7319B2F-8806-40AC-94C6-C5943EB2E563}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxserver.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{8C00F16E-7CF5-46B3-A8A5-D63D573661D1}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxnode.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{69F9676F-7487-414D-8A4A-0C9CC11A38D3}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxnode.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{A00D6807-A017-4002-8184-5A9B6A2AC2B6}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxclient.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{8CE2E130-6802-4D8D-B4A1-4A0D208E1B9D}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxclient.bin (NoMachine S.a.r.l. -> NoMachine)
FirewallRules: [{3D49F274-B1BA-445A-82F2-28D73AAA334D}] => (Allow) C:\Program Files (x86)\VIPRE Business Agent\Deployment\microinstaller.exe => No File
FirewallRules: [{4C4D0DA7-E07C-4E22-A84D-902D94FABD8F}] => (Allow) C:\Program Files (x86)\VIPRE Business Agent\Deployment\microinstaller.exe => No File
FirewallRules: [{7A27A7E3-F62A-42EC-A1FC-4094C30AEF94}] => (Allow) C:\Program Files (x86)\VIPRE Business Agent\Deployment\microinstaller.exe => No File
FirewallRules: [{E49A6811-330F-484B-A6BC-F3F72AA7D6BD}] => (Allow) C:\Program Files (x86)\VIPRE Business Agent\Deployment\microinstaller.exe => No File
FirewallRules: [{775A63CD-909D-4F20-9820-F83266CB6FC9}] => (Allow) C:\Program Files (x86)\VIPRE Business Agent\SBAMSvc.exe => No File
FirewallRules: [{D4FFF654-7EC5-4AD7-B0FA-2DD1EF9D3127}] => (Allow) C:\Program Files (x86)\VIPRE Business Agent\SBAMSvc.exe => No File
FirewallRules: [{F202960E-BF74-45ED-95E6-4FAA32A94BF5}] => (Allow) C:\Program Files (x86)\VIPRE Business Agent\SBAMSvc.exe => No File
FirewallRules: [{E947F735-C4A4-4900-B942-1B2C5BC2BAB9}] => (Allow) C:\Program Files (x86)\VIPRE Business Agent\SBAMSvc.exe => No File
FirewallRules: [{4C37A364-737E-49CD-AD5B-35483DC4DD8C}] => (Allow) C:\ProgramData\VIPRE Business Agent\PatchManagement\VIPRE.PMAgent.exe => No File
FirewallRules: [{6FC1161F-FBDF-4F46-8A10-CB640008D252}] => (Allow) C:\ProgramData\VIPRE Business Agent\PatchManagement\VIPRE.PMAgent.exe => No File
FirewallRules: [{80A80846-73CB-41D6-A315-2B052DDE2BAE}] => (Allow) C:\ProgramData\VIPRE Business Agent\PatchManagement\VIPRE.PMAgent.exe => No File
FirewallRules: [{682842A7-7C96-4089-8AAA-16BF1CC36901}] => (Allow) C:\ProgramData\VIPRE Business Agent\PatchManagement\VIPRE.PMAgent.exe => No File
FirewallRules: [{D6B187BA-B74F-4EBF-A0EC-11FD9FCB20AE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E22B7EFB-5AC7-4928-B751-60CA07A24BEF}] => (Allow) C:\Program Files (x86)\VIPRE Business Agent\SBAMSvc.exe => No File
FirewallRules: [{EC221591-FB40-42A6-B5FD-CD9E844CC93B}] => (Allow) C:\Program Files (x86)\VIPRE Business Agent\SBAMSvc.exe => No File
FirewallRules: [{3662D848-77CB-4E74-ADA6-E66C08E2F405}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2DBAB0CB-10F7-4387-A165-833CC5FE01FE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{83B0645A-7BB1-44C5-A7C9-D295799535A4}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{06D1BCF5-895E-4B65-B8BC-AD5012DABFB8}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B34360DC-CD12-4231-98A5-B265804C244C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D757D5C-ABAC-4DA9-836A-CDAEEEB03F78}] => (Allow) LPort=1433
FirewallRules: [{9DCC42B7-9DF9-4360-A97A-83C831609BBF}] => (Allow) LPort=1434
FirewallRules: [{83AADBEC-791E-496A-A25D-9B774A0CE25B}] => (Allow) LPort=50152
FirewallRules: [{6DDE6D26-CD22-445D-A148-3D2043288539}] => (Allow) LPort=50150
FirewallRules: [{3F8641E4-5B8A-41BC-8D07-7BB148F9971D}] => (Allow) LPort=8501
FirewallRules: [{36125A8A-6084-455B-8E34-838BE7F91D12}] => (Allow) LPort=8501
FirewallRules: [{7485748E-A8C6-4A87-A0A3-3FA76EE97FC9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AB977509-5502-40AE-BD8F-6309769C0167}] => (Allow) LPort=42004
FirewallRules: [{392487B0-4AD0-4857-894A-17BCAFD0453B}] => (Allow) LPort=4999
FirewallRules: [{B4A546D6-2011-4243-B4D3-A00E395A78C0}] => (Allow) C:\Windows\LTSvc\LTSVC.exe (ConnectWise, Inc. -> LabTech Software)
FirewallRules: [{C88D0F12-D355-48BA-B610-F3F08BBE729D}] => (Allow) C:\Windows\LTSvc\LTSVC.exe (ConnectWise, Inc. -> LabTech Software)
FirewallRules: [{828CA671-AE57-4DD8-87A8-85628F591D8D}] => (Allow) C:\Windows\LTSvc\LTSVCmon.exe (ConnectWise, Inc. -> LabTech Software)
FirewallRules: [{D5DD82A5-85C8-4213-898E-01D9A68AFFDA}] => (Allow) C:\Windows\LTSvc\LTSVCmon.exe (ConnectWise, Inc. -> LabTech Software)
FirewallRules: [{FB613FD3-68D4-4275-BE78-F9B189AE6F60}] => (Allow) C:\Windows\LTSvc\LTTray.exe (ConnectWise, Inc. -> LabTech Software)
FirewallRules: [{17DC94B7-C87B-4FCD-8D50-01E3988496F3}] => (Allow) C:\Windows\LTSvc\LTTray.exe (ConnectWise, Inc. -> LabTech Software)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:232.33 GB) (Free:55.89 GB) (24%)
Check "VSS" service
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/13/2022 02:02:06 PM) (Source: ScreenConnect Client (6eeb2e900d6bdb4f)) (EventID: 0) (User: )
Description: System.Net.Sockets.SocketException (0x80004005): No such host is known
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostEntry(String hostNameOrAddress)
at ScreenConnect.NetworkExtensions.GetIPAddresses(String hostOrIPAddressString)
at ScreenConnect.ClientNetworkExtensions.ConnectTcpSocket(Uri endPointUri)
at ScreenConnect.WindowsClientToolkit.ConnectNetworkConnection(Uri endPointUri, Uri httpProxyUri)
at ScreenConnect.SocketEndPointManager.Run()
Error: (04/13/2022 01:58:52 PM) (Source: ScreenConnect Client (6eeb2e900d6bdb4f)) (EventID: 0) (User: )
Description: System.Net.Sockets.SocketException (0x80004005): No such host is known
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostEntry(String hostNameOrAddress)
at ScreenConnect.NetworkExtensions.GetIPAddresses(String hostOrIPAddressString)
at ScreenConnect.ClientNetworkExtensions.ConnectTcpSocket(Uri endPointUri)
at ScreenConnect.WindowsClientToolkit.ConnectNetworkConnection(Uri endPointUri, Uri httpProxyUri)
at ScreenConnect.SocketEndPointManager.Run()
Error: (04/13/2022 01:56:41 PM) (Source: ScreenConnect Client (6eeb2e900d6bdb4f)) (EventID: 0) (User: )
Description: System.Net.Sockets.SocketException (0x80004005): No such host is known
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostEntry(String hostNameOrAddress)
at ScreenConnect.NetworkExtensions.GetIPAddresses(String hostOrIPAddressString)
at ScreenConnect.ClientNetworkExtensions.ConnectTcpSocket(Uri endPointUri)
at ScreenConnect.WindowsClientToolkit.ConnectNetworkConnection(Uri endPointUri, Uri httpProxyUri)
at ScreenConnect.SocketEndPointManager.Run()
Error: (04/13/2022 01:55:12 PM) (Source: ScreenConnect Client (6eeb2e900d6bdb4f)) (EventID: 0) (User: )
Description: System.Net.Sockets.SocketException (0x80004005): No such host is known
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostEntry(String hostNameOrAddress)
at ScreenConnect.NetworkExtensions.GetIPAddresses(String hostOrIPAddressString)
at ScreenConnect.ClientNetworkExtensions.ConnectTcpSocket(Uri endPointUri)
at ScreenConnect.WindowsClientToolkit.ConnectNetworkConnection(Uri endPointUri, Uri httpProxyUri)
at ScreenConnect.SocketEndPointManager.Run()
Error: (04/13/2022 01:54:12 PM) (Source: ScreenConnect Client (6eeb2e900d6bdb4f)) (EventID: 0) (User: )
Description: System.Net.Sockets.SocketException (0x80004005): No such host is known
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostEntry(String hostNameOrAddress)
at ScreenConnect.NetworkExtensions.GetIPAddresses(String hostOrIPAddressString)
at ScreenConnect.ClientNetworkExtensions.ConnectTcpSocket(Uri endPointUri)
at ScreenConnect.WindowsClientToolkit.ConnectNetworkConnection(Uri endPointUri, Uri httpProxyUri)
at ScreenConnect.SocketEndPointManager.Run()
Error: (04/13/2022 01:53:30 PM) (Source: ScreenConnect Client (6eeb2e900d6bdb4f)) (EventID: 0) (User: )
Description: System.Net.Sockets.SocketException (0x80004005): No such host is known
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostEntry(String hostNameOrAddress)
at ScreenConnect.NetworkExtensions.GetIPAddresses(String hostOrIPAddressString)
at ScreenConnect.ClientNetworkExtensions.ConnectTcpSocket(Uri endPointUri)
at ScreenConnect.WindowsClientToolkit.ConnectNetworkConnection(Uri endPointUri, Uri httpProxyUri)
at ScreenConnect.SocketEndPointManager.Run()
Error: (04/13/2022 01:53:02 PM) (Source: ScreenConnect Client (6eeb2e900d6bdb4f)) (EventID: 0) (User: )
Description: System.Net.Sockets.SocketException (0x80004005): No such host is known
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostEntry(String hostNameOrAddress)
at ScreenConnect.NetworkExtensions.GetIPAddresses(String hostOrIPAddressString)
at ScreenConnect.ClientNetworkExtensions.ConnectTcpSocket(Uri endPointUri)
at ScreenConnect.WindowsClientToolkit.ConnectNetworkConnection(Uri endPointUri, Uri httpProxyUri)
at ScreenConnect.SocketEndPointManager.Run()
Error: (04/13/2022 01:52:42 PM) (Source: ScreenConnect Client (6eeb2e900d6bdb4f)) (EventID: 0) (User: )
Description: System.Net.Sockets.SocketException (0x80004005): No such host is known
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostEntry(String hostNameOrAddress)
at ScreenConnect.NetworkExtensions.GetIPAddresses(String hostOrIPAddressString)
at ScreenConnect.ClientNetworkExtensions.ConnectTcpSocket(Uri endPointUri)
at ScreenConnect.WindowsClientToolkit.ConnectNetworkConnection(Uri endPointUri, Uri httpProxyUri)
at ScreenConnect.SocketEndPointManager.Run()
System errors:
=============
Error: (04/13/2022 02:05:55 PM) (Source: DCOM) (EventID: 10010) (User: SSMC)
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.
Error: (04/13/2022 02:03:54 PM) (Source: DCOM) (EventID: 10010) (User: SSMC)
Description: The server {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} did not register with DCOM within the required timeout.
Error: (04/13/2022 02:01:53 PM) (Source: DCOM) (EventID: 10010) (User: SSMC)
Description: The server {4D233817-B456-4E75-83D2-B17DEC544D12} did not register with DCOM within the required timeout.
Error: (04/13/2022 01:59:04 PM) (Source: DCOM) (EventID: 10016) (User: SSMC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
and APPID
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
to the user SSMC\mjacabacci SID (S-1-5-21-3035206359-1869424590-976067315-4153) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/13/2022 01:59:04 PM) (Source: DCOM) (EventID: 10016) (User: SSMC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
and APPID
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
to the user SSMC\mjacabacci SID (S-1-5-21-3035206359-1869424590-976067315-4153) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/13/2022 01:59:04 PM) (Source: DCOM) (EventID: 10016) (User: SSMC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
and APPID
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
to the user SSMC\mjacabacci SID (S-1-5-21-3035206359-1869424590-976067315-4153) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/13/2022 01:58:25 PM) (Source: DCOM) (EventID: 10016) (User: SSMC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
and APPID
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
to the user SSMC\mjacabacci SID (S-1-5-21-3035206359-1869424590-976067315-4153) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/13/2022 01:58:25 PM) (Source: DCOM) (EventID: 10016) (User: SSMC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
and APPID
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
to the user SSMC\mjacabacci SID (S-1-5-21-3035206359-1869424590-976067315-4153) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Windows Defender:
================
Date: 2018-12-20 11:45:28.926
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-12-20 10:15:53.777
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-12-19 17:27:04.911
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-12-19 10:09:01.313
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-12-19 09:14:53.219
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
==================== Memory info ===========================
BIOS: LENOVO M1AKT2AA 10/19/2017
Motherboard: LENOVO 3111
Processor: Intel® Core i3-7100T CPU @ 3.40GHz
Percentage of memory in use: 31%
Total physical RAM: 8080.36 MB
Available physical RAM: 5575.39 MB
Total Virtual: 12176.36 MB
Available Virtual: 9585.42 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.33 GB) (Free:55.89 GB) NTFS
\\?\Volume{018d9f7d-406e-4552-8943-b21301455fd7}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================
