Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020 Ran by kevin (administrator) on THEWHITETOWER (Gigabyte Technology Co., Ltd. Default string) (19-12-2020 13:00:57) Running from D:\Desktop Loaded Profiles: kevin Platform: Windows 10 Home Version 20H2 19042.685 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files\Lexmark\Bidi\LM__bdsvc.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Inc. -> Adobe) C:\Program Files\Adobe\Elements 2021 Organizer\dynamiclinkmanager.exe (Adobe Inc. -> Adobe) C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Amazon.com Services LLC -> Amazon.com Inc.) C:\Users\kevin\AppData\Local\Amazon Drive\AmazonPhotos.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\McCSPServiceHost.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2> (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_6\mcapexe.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe <2> (philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2> (philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDeskMSI\AnyDeskMSI.exe (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\FPSRunner32.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\PMRunner32.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\x64\FPSRunner64.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\x64\PMRunner64.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2> (Siber Systems -> Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\rf-chrome-nm-host.exe (Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Synology Inc. -> ) C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe (Synology Inc. -> Synology Inc.) C:\Users\kevin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.) C:\Users\kevin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-daemon.exe (Synology Inc. -> Synology Inc.) C:\Users\kevin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-ui.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [iTunesHelper] => E:\Itunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.) HKLM\...\Run: [AdobePSE19AutoAnalyzer] => C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe [2653808 2020-11-28] (Adobe Inc. -> Adobe) HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [266624 2020-12-08] (Razer USA Ltd. -> Razer Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-11-28] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-10-16] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-1594935762-1857880304-426175554-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50010064 2020-11-03] (Google LLC -> ) HKU\S-1-5-21-1594935762-1857880304-426175554-1001\...\Run: [LM___SCE] => C:\Program Files (x86)\Lexmark\StatusCenter\LM___SCE.EX HKU\S-1-5-21-1594935762-1857880304-426175554-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-04-13] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-1594935762-1857880304-426175554-1001\...\Run: [Amazon Music Helper] => C:\Users\kevin\AppData\Local\Amazon Music\Amazon Music Helper.exe [2107848 2020-05-22] (Amazon.com Services LLC -> Amazon.com Services LLC) HKU\S-1-5-21-1594935762-1857880304-426175554-1001\...\Run: [Vivaldi Update Notifier] => C:\Users\kevin\AppData\Local\Vivaldi\Application\update_notifier.exe [1883208 2020-11-02] (Vivaldi Technologies AS -> Vivaldi Technologies AS) HKU\S-1-5-21-1594935762-1857880304-426175554-1001\...\Run: [Amazon Photos] => C:\Users\kevin\AppData\Local\Amazon Drive\AmazonPhotos.exe [10028720 2020-12-04] (Amazon.com Services LLC -> Amazon.com Inc.) HKU\S-1-5-21-1594935762-1857880304-426175554-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [145680 2020-11-21] (Siber Systems -> Siber Systems) HKU\S-1-5-21-1594935762-1857880304-426175554-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31046640 2020-09-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-1594935762-1857880304-426175554-1001\...\Run: [Facebook.MessengerDesktop] => C:\Users\kevin\AppData\Local\Programs\Messenger\Messenger.exe [110794184 2020-12-07] (Facebook, Inc. -> Facebook, Inc.) HKU\S-1-5-21-1594935762-1857880304-426175554-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3421984 2020-12-07] (Valve -> Valve Corporation) HKU\S-1-5-21-1594935762-1857880304-426175554-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\LMU04R4C: C:\Windows\System32\spool\prtprocs\x64\LMU04R4C.DLL [291840 2019-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc) HKLM\...\Print\Monitors\stkMonitor: C:\Windows\system32\stkMonitor.dll [519848 2020-04-20] (Amazon Services LLC -> Amazon.com, Inc.) HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{43F137B0-8F4D-463B-AB83-ADEAD4F15096}] -> C:\Program Files (x86)\Microsoft\Edge Beta\Application\88.0.705.22\Installer\setup.exe [2020-12-14] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk MSI.lnk [2020-08-27] ShortcutTarget: AnyDesk MSI.lnk -> C:\Windows\Installer\{62853EBF-E9DD-4AA5-B20A-5A6C3DD74FF3}\AnyDeskMSI.exe (philandro Software GmbH -> philandro Software GmbH) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-12-12] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) Startup: C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Calendar Sync Pro.lnk [2020-05-20] ShortcutTarget: Calendar Sync Pro.lnk -> C:\Program Files (x86)\Calendar Sync Pro\Calendar Sync Pro.exe (PPP) [File not signed] Startup: C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2020-03-29] ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter) Startup: C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Drive Client.lnk [2020-12-19] ShortcutTarget: Synology Drive Client.lnk -> C:\Program Files (x86)\Synology\SynologyDrive\bin\launcher.exe (Synology Inc. -> Synology Inc.) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {06340225-517F-45BA-AE68-79BB9BE0B9BD} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.11.630\mcdatrep.exe [1888160 2020-12-16] (McAfee, Inc. -> McAfee, LLC.) Task: {13967337-CD68-4EEE-96BA-E2F08949CC70} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.5.126\DADUpdater.exe [4000984 2020-11-04] (McAfee, LLC -> McAfee, LLC) Task: {1528EC90-B282-4A5E-8233-CE215CE028DC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {220C66AF-39F7-426C-AB84-14A84572AE38} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService Task: {26586D81-36E8-4083-9332-76CACC8C3259} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {26C27446-AEE0-4862-921B-E9F5EA8F0ECB} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2017-10-19] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {2977BCC6-7FFB-4A9E-A566-1944DA2D2E9A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {313C80F4-8EFA-4774-B862-0A71254BCDD6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {31BEC3B2-4EDE-404D-8030-50958C06CE54} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4603200 2020-08-16] (McAfee, LLC -> McAfee, LLC) Task: {4070DDBB-F7EE-4EF8-A36C-4171AFBEA1B9} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION Task: {426B0B0B-1E97-4DBE-84E7-E8B5FA9273C4} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC) Task: {548AF97E-7BCD-407E-B38F-C059EBCAD168} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {55A026C6-2BD0-4B9B-9945-D9997DB1DC9E} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1594935762-1857880304-426175554-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-12-16] (Microsoft Windows -> ) Task: {5F33E2D6-ED4B-4C50-8514-EE7D6A8E65EC} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2263784 2017-10-19] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {63DD6388-8B4A-4258-9563-F3BAAF014C11} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe) Task: {64F62C11-944A-400E-95AF-B528DD70BAAC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7520DB9D-4D99-4EE4-B0E2-961714DF4F58} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-kevinschoen@shaw.ca => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {89ABAC86-8114-4EE8-B2D7-50A2D78D7D67} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8B03B495-F3B3-4671-AD8D-D1AF8BDFC7D5} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {93119F8F-DD82-4B18-93A9-BD1C4FFEC109} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-29] (Google LLC -> Google LLC) Task: {93B7AECC-5AD2-47D2-82A2-4370DBB8EC3E} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [764640 2020-06-09] (McAfee, LLC -> McAfee, LLC) Task: {967B414A-A702-462C-801B-0B19D213E38F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {9E218E8D-4C7A-4A64-ABD2-AEFADB8A059D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A1D64ACC-FA73-4E9A-990E-D8C423E90B0F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {A6316F55-CC79-439E-BC6B-5617DCE516AA} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2017-10-19] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {ABF00D45-20D5-4159-BC3A-A9F2D8D392F3} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [145680 2020-11-21] (Siber Systems -> Siber Systems) "C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION Task: {AE462DB9-708E-46A4-8ECF-C9D7D5565F95} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC) Task: {AF288C8A-AFD7-45AC-8CDF-7A0574589539} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BB455FD5-78F9-4DB8-8B9A-002232169300} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-15] (Microsoft Corporation -> Microsoft Corporation) Task: {BC5792A6-EDD5-42B9-B545-74F745BF2D35} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-15] (Microsoft Corporation -> Microsoft Corporation) Task: {BD62A9C6-DDBD-4BCE-AD5F-5217CBC8A836} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "https://www.roboform.com/test-pass.html?aaa=KICMLMHMIMOLIMGMGMPMCNKMMLNMNLCNMMIMJMLMCNMLGMJMOLCNPMOMNLOLJMIMMLLMPMOMKMKLJNIICMHMCNGMCNJMCNJMJNHJCMNMCNOMPMCNPMCNOMGMPMLMOMJNHICMOMNMKJPMOMJNAJCMBJKJKIIJKJBJPLIJCJOJGJDJBNMJAJCJJNEJCMJNFJCMJNBJCMEJKJJIGJBJJNKJCMEJKJJIGJBJMIMJHJAJKJBJPLMIHJOJIIBNMJOJJNDJCMKJBJJNMJCMPMFMPMFMPMJNFICMJNJJCMPMJNIJCMPMJNOICMMMJMNMIMJNCJCMJNOMCMJNNMCMJNMMCMJNLMCMJNKMCMPMJNJMCMPM" Task: {BD63D88A-25FC-440E-A3C1-771025144BF3} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => winlogui.exe <==== ATTENTION Task: {C092CA43-228B-4006-8134-50E69BC15B32} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {C0E34583-F40D-4FEB-BEFD-FEE47CFB90C6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C15E9356-A17A-4FFF-9E1A-FD6BFB3F324D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation) Task: {C3D9E364-7279-4459-9BAB-9824D81E1BD8} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION Task: {CE405F7B-769A-4A59-BC15-ED4C20FB8C1B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-29] (Google LLC -> Google LLC) Task: {D67B07B3-4DC0-46DF-BFA8-DD18E2004C67} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-09-21] (Garmin International, Inc. -> ) Task: {E60320F5-0DC2-413F-B6C4-DD15F81736EB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation) Task: {ECBAEA52-4F31-4840-BDF5-1A61BCF3615C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2017-10-19] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {F6E5730A-75C0-42D6-B0B8-7B0D34C2E68B} - System32\Tasks\Run RoboForm Process => C:\Program Files\Comodo\IceDragon\icedragon.exe [596928 2019-05-29] (Comodo Security Solutions, Inc. -> Comodo Inc.) Task: {F76C3338-9187-43E4-BC3B-30BF7DAF5E33} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => winrmsrv.exe <==== ATTENTION Task: {FF689628-6E69-4802-92DF-3BE726E09AA2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-08] (Adobe Inc. -> Adobe) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 64.59.184.13 64.59.190.242 Tcpip\..\Interfaces\{34a80106-3e77-462c-b5d8-e55afc6be5a8}: [DhcpNameServer] 64.59.184.13 64.59.190.242 Tcpip\..\Interfaces\{50b32c7d-183e-4e1c-a0fe-dbdd6215c5bf}: [DhcpNameServer] 64.59.184.13 64.59.190.242 Edge: ====== DownloadDir: C:\Users\kevin\Downloads Edge DefaultProfile: Default Edge Profile: C:\Users\kevin\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-19] Edge DownloadDir: D:\Downloads Edge StartupUrls: Default -> "hxxps://www.google.ca/?gws_rd=ssl" Edge NewTab: Default -> Active:"chrome-extension://dlnejlppicbjfcfcedcflplfjajinajd/index.html" Edge Extension: (Super Downloader for Instagram) - C:\Users\kevin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjbpbjdhaoepfngpakiiocajbcjddoeg [2020-12-19] Edge Extension: (Bonjourr) - C:\Users\kevin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dlnejlppicbjfcfcedcflplfjajinajd [2020-09-07] Edge Extension: (Social Video Downloader) - C:\Users\kevin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfnnoammpigcglgbhcbbdpnekbcddahe [2020-11-26] Edge Extension: (RoboForm Password Manager) - C:\Users\kevin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljfpcifpgbbchoddpjefaipoiigpdmag [2020-12-10] Edge Extension: (AdBlocker Ultimate) - C:\Users\kevin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pciakllldcajllepkbbihkmfkikheffb [2020-12-06] StartMenuInternet: Microsoft Edge Beta - C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe FireFox: ======== FF DefaultProfile: 1izp1enj.default FF DefaultProfile: wtvwx7w4.default FF DefaultProfile: t7r0b1u8.default FF ProfilePath: C:\Users\kevin\AppData\Roaming\Waterfox\Profiles\1izp1enj.default [2020-08-26] FF ProfilePath: C:\Users\kevin\AppData\Roaming\Waterfox\Profiles\b4zjdg20.68-edition-default [2020-08-26] FF ProfilePath: C:\Users\kevin\AppData\Roaming\PostboxApp\Profiles\wtvwx7w4.default [2020-12-12] FF DownloadDir: D:\Downloads FF Extension: (Cloud Service Providers for Postbox) - C:\Users\kevin\AppData\Roaming\PostboxApp\Profiles\wtvwx7w4.default\Extensions\pbfilelink@postbox-inc.com.xpi [2020-03-28] [Legacy] [not signed] FF ProfilePath: C:\Users\kevin\AppData\Roaming\Postbox\Profiles\dfedwnxr.default [2020-03-28] FF ProfilePath: C:\Users\kevin\AppData\Roaming\Comodo\IceDragon\Profiles\t7r0b1u8.default [2020-12-12] FF Homepage: Comodo\IceDragon\Profiles\t7r0b1u8.default -> about:newtab FF Extension: (Online Security Pro) - C:\Users\kevin\AppData\Roaming\Comodo\IceDragon\Profiles\t7r0b1u8.default\Extensions\cos@comodo.com.xpi [2020-08-26] FF Extension: (Https Enforcement) - C:\Users\kevin\AppData\Roaming\Comodo\IceDragon\Profiles\t7r0b1u8.default\Extensions\https@comodo.com.xpi [2019-03-15] FF Extension: (Media Downloader) - C:\Users\kevin\AppData\Roaming\Comodo\IceDragon\Profiles\t7r0b1u8.default\Extensions\{5e9eca63-6e0d-47ce-9862-07d938121575}.xpi [2019-03-15] [Legacy] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2020-04-20] [Legacy] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> ) FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-08-21] (McAfee, LLC -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-11-28] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> ) FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-08-21] (McAfee, LLC -> ) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Neverwinter\Arc\Plugins\npArcPluginFF.dll [No File] FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-11-28] (Adobe Inc. -> Adobe Systems) FF Plugin HKU\S-1-5-21-1594935762-1857880304-426175554-1001: www.mydlink.com/Uplayer -> C:\Users\kevin\AppData\Roaming\D-Link\mydlink services plugin\1.0.2.7\npUplayer.dll [2015-12-11] (D-LINK CORPORATION -> D-Link Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default [2020-12-06] CHR Notifications: Default -> hxxps://www.facebook.com CHR HomePage: Default -> hxxps://www.google.ca/ CHR NewTab: Default -> Not-active:"chrome-extension://dlnejlppicbjfcfcedcflplfjajinajd/index.html" CHR Extension: (Google Translate) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-29] CHR Extension: (Slides) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-29] CHR Extension: (Docs) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-29] CHR Extension: (Google Drive) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24] CHR Extension: (YouTube) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-29] CHR Extension: (Advanced Font Settings) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\caclkomlalccbpcdllchkeecicepbmbm [2020-03-29] CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-11-18] CHR Extension: (Bonjourr) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnejlppicbjfcfcedcflplfjajinajd [2020-06-06] CHR Extension: (Dropbox for Gmail) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2020-03-29] CHR Extension: (Adobe Acrobat) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-19] CHR Extension: (Photo Zoom for Facebook) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2020-03-29] CHR Extension: (Sheets) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-29] CHR Extension: (Google Docs Offline) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18] CHR Extension: (SMS from Gmail ™ & Facebook™ (MightyText)) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iffdacemhfpnchinokehhnppllonacfj [2020-11-18] CHR Extension: (Clear Cache Shortcut) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnajhcakejgchhbjlchkfmdidgjefleg [2020-03-29] CHR Extension: (mydlink services plugin) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldibdoepbjbkkcbgndfljnphngpglhbb [2020-03-29] CHR Extension: (Numerics Calculator & Converter) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2020-03-29] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-24] CHR Extension: (Chrome Web Store Payments) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-29] CHR Extension: (Gmail) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24] CHR Extension: (Chrome Media Router) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-31] CHR Extension: (RoboForm Password Manager) - C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2020-12-06] CHR Profile: C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-08] CHR Profile: C:\Users\kevin\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-26] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKU\S-1-5-21-1594935762-1857880304-426175554-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-03-28] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-11-28] (Adobe Inc. -> Adobe Inc.) S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3706832 2020-12-12] (philandro Software GmbH -> philandro Software GmbH) R2 AnyDeskMSI; C:\Program Files (x86)\AnyDeskMSI\AnyDeskMSI.exe [3669120 2020-07-28] (philandro Software GmbH -> philandro Software GmbH) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.) S3 ArcService; D:\Neverwinter\Arc\ArcService.exe [125488 2020-05-26] (Perfect World Entertainment -> Perfect World Entertainment Inc) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation) R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-10-16] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [56872 2020-10-16] (Corsair Memory, Inc. -> Corsair Memory, Inc.) S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-18] (NVIDIA Corporation -> NVIDIA) S4 IceDragonUpdater; C:\Program Files\Comodo\IceDragon\icedragon_updater.exe [2616792 2019-05-29] (Comodo Security Solutions, Inc. -> Comodo Inc.) R2 LM__bdsvc; C:\Program Files\Lexmark\Bidi\LM__bdsvc.exe [690688 2016-06-06] () [File not signed] R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958216 2020-12-17] (McAfee, LLC -> McAfee, LLC) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_6\McApExe.exe [768256 2020-09-11] (McAfee, LLC -> McAfee, LLC) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\\McCSPServiceHost.exe [2726312 2020-08-13] (McAfee, LLC -> McAfee, LLC) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC) R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC) S3 MicrosoftEdgeBetaElevationService; C:\Program Files (x86)\Microsoft\Edge Beta\Application\88.0.705.22\elevation_service.exe [1523600 2020-12-13] (Microsoft Corporation -> Microsoft Corporation) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1745400 2020-08-14] (McAfee, LLC -> McAfee, LLC) R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4221040 2020-07-29] (McAfee, LLC -> McAfee, LLC) R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-12-01] (Razer USA Ltd. -> Razer Inc) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-09-22] (Razer USA Ltd. -> Razer Inc.) R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290864 2020-12-08] (Razer USA Ltd. -> Razer Inc.) R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [371672 2020-05-07] (Synology Inc. -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-01] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-01] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75704 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [44320 2020-12-19] (CPUID S.A.R.L.U. -> CPUID) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [36280 2019-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> ) R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2019-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider) S3 gdrv; C:\WINDOWS\gdrv.sys [25640 2020-10-10] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech) R3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2018-10-05] (Logitech Inc -> Logitech Inc.) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.) R3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation -> Microsoft Corporation) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [529848 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [382392 2020-06-09] (McAfee, Inc. -> McAfee, LLC) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2020-06-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [521656 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1006008 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [595896 2020-06-07] (McAfee, Inc. -> McAfee LLC.) S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107960 2020-06-07] (McAfee, Inc. -> McAfee LLC.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116664 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252344 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2018-12-07] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2020-09-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428256 2020-09-01] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-01] (Microsoft Windows -> Microsoft Corporation) R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2020-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2020-12-19 12:59 - 2020-12-19 13:01 - 000000000 ____D C:\FRST 2020-12-16 16:11 - 2020-12-16 15:19 - 000000000 ____D C:\Windows.old 2020-12-16 16:09 - 2020-12-16 16:12 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2020-12-16 16:09 - 2020-12-16 16:09 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2020-12-16 16:07 - 2020-12-16 16:07 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2020-12-16 16:07 - 2020-12-16 16:07 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2020-12-16 16:07 - 2020-12-16 16:07 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2020-12-16 16:07 - 2020-12-16 16:07 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2020-12-16 16:07 - 2020-12-16 16:07 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2020-12-16 16:06 - 2020-12-16 16:06 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2020-12-16 16:06 - 2020-12-16 16:06 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2020-12-16 16:06 - 2020-12-16 16:06 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2020-12-16 16:06 - 2020-12-16 16:06 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2020-12-16 16:06 - 2020-12-16 16:06 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-12-16 16:06 - 2020-12-16 16:06 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2020-12-16 16:06 - 2020-12-16 16:06 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-12-16 16:06 - 2020-12-16 16:06 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll 2020-12-16 16:06 - 2020-12-16 16:06 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2020-12-16 16:06 - 2020-12-16 16:06 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2020-12-16 16:06 - 2020-12-16 16:06 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2020-12-16 16:06 - 2020-12-16 16:06 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2020-12-16 16:06 - 2020-12-16 16:06 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2020-12-16 16:06 - 2020-12-16 16:06 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2020-12-16 16:06 - 2020-12-16 16:06 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2020-12-16 16:06 - 2020-12-16 16:06 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe 2020-12-16 16:06 - 2020-12-16 16:06 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2020-12-16 16:03 - 2020-12-16 16:03 - 000000000 ____D C:\Program Files\Reference Assemblies 2020-12-16 16:03 - 2020-12-16 16:03 - 000000000 ____D C:\Program Files\MSBuild 2020-12-16 16:03 - 2020-12-16 16:03 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2020-12-16 16:03 - 2020-12-16 16:03 - 000000000 ____D C:\Program Files (x86)\MSBuild 2020-12-16 15:30 - 2020-12-16 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2020-12-16 15:28 - 2020-05-26 00:11 - 000218960 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys 2020-12-16 15:27 - 2020-12-17 15:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee 2020-12-16 15:27 - 2020-12-17 15:28 - 000000000 ____D C:\Program Files (x86)\McAfee 2020-12-16 15:27 - 2020-12-16 16:27 - 000003710 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare) 2020-12-16 15:27 - 2020-12-16 15:27 - 000003332 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon 2020-12-16 15:27 - 2020-12-16 15:27 - 000000000 ____D C:\Program Files\McAfee.com 2020-12-16 15:27 - 2020-12-16 15:27 - 000000000 ____D C:\Program Files\Common Files\AV 2020-12-16 15:26 - 2020-12-19 12:18 - 000000000 ____D C:\ProgramData\McAfee 2020-12-16 15:26 - 2020-12-16 15:28 - 000000000 ____D C:\Program Files\Common Files\McAfee 2020-12-16 15:26 - 2020-06-02 03:30 - 000568216 _____ (McAfee, LLC) C:\WINDOWS\system32\mfevtps.exe 2020-12-16 15:23 - 2020-12-19 13:01 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-12-16 15:21 - 2020-12-16 15:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2020-12-16 15:19 - 2020-12-16 18:33 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1594935762-1857880304-426175554-1001 2020-12-16 15:19 - 2020-12-16 15:19 - 000007623 _____ C:\WINDOWS\diagwrn.xml 2020-12-16 15:19 - 2020-12-16 15:19 - 000007623 _____ C:\WINDOWS\diagerr.xml 2020-12-16 15:19 - 2020-12-16 15:19 - 000003888 _____ C:\WINDOWS\system32\Tasks\Open URL by RoboForm 2020-12-16 15:19 - 2020-12-16 15:19 - 000003708 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-12-16 15:19 - 2020-12-16 15:19 - 000003404 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater 2020-12-16 15:19 - 2020-12-16 15:19 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-16 15:19 - 2020-12-16 15:19 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-12-16 15:19 - 2020-12-16 15:19 - 000003200 _____ C:\WINDOWS\system32\Tasks\Run RoboForm TaskBar Icon 2020-12-16 15:19 - 2020-12-16 15:19 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-16 15:19 - 2020-12-16 15:19 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-16 15:19 - 2020-12-16 15:19 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-12-16 15:19 - 2020-12-16 15:19 - 000003034 _____ C:\WINDOWS\system32\Tasks\Run RoboForm Process 2020-12-16 15:19 - 2020-12-16 15:19 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-16 15:19 - 2020-12-16 15:19 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-16 15:19 - 2020-12-16 15:19 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-16 15:19 - 2020-12-16 15:19 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-16 15:19 - 2020-12-16 15:19 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-16 15:19 - 2020-12-16 15:19 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-16 15:19 - 2020-12-16 15:19 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1594935762-1857880304-426175554-500 2020-12-16 15:19 - 2020-12-16 15:19 - 000002802 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-kevinschoen@shaw.ca 2020-12-16 15:19 - 2020-12-16 15:19 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-16 15:19 - 2020-12-16 15:19 - 000002702 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask 2020-12-16 15:19 - 2020-12-16 15:19 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0 2020-12-16 15:19 - 2020-12-16 15:19 - 000000020 ___SH C:\Users\kevin\ntuser.ini 2020-12-16 15:19 - 2020-12-16 15:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel 2020-12-16 15:19 - 2020-12-16 15:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple 2020-12-16 15:18 - 2020-12-16 15:18 - 000000000 ____D C:\ProgramData\Lexmark B2200 Series HBP 2020-12-16 15:13 - 2020-12-16 18:33 - 000002363 _____ C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-12-16 15:13 - 2020-12-16 15:19 - 000000000 ____D C:\Users\kevin 2020-12-16 14:27 - 2020-12-16 15:19 - 000000000 ___DC C:\WINDOWS\Panther 2020-12-16 14:24 - 2020-12-16 15:19 - 000000000 ___HD C:\$GetCurrent 2020-12-16 07:19 - 2020-12-16 15:14 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2020-12-12 16:22 - 2020-12-12 16:22 - 000000000 ____D C:\Users\kevin\AppData\Roaming\D-Link 2020-12-12 12:00 - 2020-12-12 12:00 - 000001410 _____ C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TELUS Business Connect Phone.lnk 2020-12-12 11:59 - 2020-12-16 15:14 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TELUS 2020-12-12 11:59 - 2020-12-12 12:00 - 000000000 ____D C:\Users\kevin\AppData\Roaming\JabraSDK 2020-12-12 11:59 - 2020-12-12 11:59 - 000000000 ____D C:\Users\kevin\AppData\Local\Telus 2020-12-12 09:52 - 2020-12-16 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk 2020-12-12 09:52 - 2020-12-12 12:53 - 000000000 ____D C:\Program Files (x86)\AnyDesk 2020-12-12 09:42 - 2020-12-16 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology 2020-12-12 09:42 - 2020-12-12 09:42 - 000000000 ____D C:\Program Files (x86)\Synology 2020-12-12 09:41 - 2020-12-19 12:55 - 000000000 ____D C:\Users\kevin\AppData\Local\SynologyDrive 2020-11-29 11:42 - 2020-11-06 21:01 - 000222112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2020-11-29 11:42 - 2020-11-06 21:01 - 000067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2020-11-29 11:42 - 2020-11-06 21:01 - 000038632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll 2020-11-29 11:38 - 2020-11-07 10:41 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2020-11-29 11:38 - 2020-11-07 10:41 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe 2020-11-29 11:38 - 2020-11-07 10:41 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2020-11-29 11:38 - 2020-11-07 10:41 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2020-11-29 11:38 - 2020-11-07 10:41 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2020-11-29 11:38 - 2020-11-07 10:41 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll 2020-11-29 11:38 - 2020-11-07 10:41 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2020-11-29 11:38 - 2020-11-07 10:41 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2020-11-29 11:38 - 2020-11-07 10:41 - 000455408 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2020-11-29 11:38 - 2020-11-07 10:41 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2020-11-29 11:38 - 2020-11-07 10:38 - 002096880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2020-11-29 11:38 - 2020-11-07 10:38 - 001585560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2020-11-29 11:38 - 2020-11-07 10:38 - 001506032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2020-11-29 11:38 - 2020-11-07 10:38 - 001159920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2020-11-29 11:38 - 2020-11-07 10:38 - 001027992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2020-11-29 11:38 - 2020-11-07 10:38 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2020-11-29 11:38 - 2020-11-07 10:38 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2020-11-29 11:38 - 2020-11-07 10:38 - 000674712 _____ C:\WINDOWS\system32\nvofapi64.dll 2020-11-29 11:38 - 2020-11-07 10:38 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2020-11-29 11:38 - 2020-11-07 10:38 - 000656112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2020-11-29 11:38 - 2020-11-07 10:38 - 000590576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2020-11-29 11:38 - 2020-11-07 10:38 - 000556440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2020-11-29 11:38 - 2020-11-07 10:38 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2020-11-29 11:38 - 2020-11-07 10:37 - 007707544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2020-11-29 11:38 - 2020-11-07 10:37 - 006858992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2020-11-29 11:38 - 2020-11-07 10:37 - 005520792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2020-11-29 11:38 - 2020-11-07 10:37 - 004175256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2020-11-29 11:38 - 2020-11-07 10:37 - 002509720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2020-11-29 11:38 - 2020-11-07 10:37 - 000849648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2020-11-29 11:38 - 2020-11-07 10:37 - 000445848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2020-11-29 11:38 - 2020-11-07 10:36 - 007005008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2020-11-29 11:38 - 2020-11-07 10:36 - 005976296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2020-11-29 11:38 - 2020-11-06 21:01 - 000080930 _____ C:\WINDOWS\system32\nvinfo.pb 2020-11-29 09:03 - 2020-11-29 09:03 - 000000000 ____D C:\Users\kevin\AppData\Roaming\ArcApp 2020-11-29 08:54 - 2020-11-29 09:03 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Arc 2020-11-29 08:50 - 2020-12-16 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment 2020-11-28 14:02 - 2020-11-28 14:02 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Crystal Dynamics 2020-11-28 13:27 - 2020-12-16 15:14 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2020-11-28 13:14 - 2020-11-28 13:14 - 000000000 ____D C:\Users\kevin\AppData\Local\Steam 2020-11-28 13:13 - 2020-12-19 12:55 - 000000000 ____D C:\Program Files (x86)\Steam 2020-11-28 13:13 - 2020-12-16 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2020-11-28 07:44 - 2020-11-28 07:45 - 000000000 ____D C:\Users\kevin\.BigNox 2020-11-28 07:44 - 2020-11-28 07:44 - 000000000 ____D C:\Program Files (x86)\Bignox 2020-11-28 06:15 - 2020-11-28 06:30 - 000001708 _____ C:\ProgramData\StreamingMediaTechnologyLog.txt 2020-11-28 06:13 - 2020-11-28 06:13 - 000001415 _____ C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elements Creations Notification 2021.lnk 2020-11-28 06:13 - 2020-11-28 06:13 - 000001233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 2021.lnk 2020-11-28 05:31 - 2020-11-28 05:31 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Creative Memories 2020-11-28 05:31 - 2020-11-28 05:31 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Caspedia 2020-11-28 05:31 - 2020-11-28 05:31 - 000000000 ____D C:\ProgramData\Creative Memories 2020-11-27 17:26 - 2020-12-19 12:55 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Messenger 2020-11-27 17:26 - 2020-12-19 12:55 - 000000000 ____D C:\Users\kevin\AppData\Local\Messenger 2020-11-27 17:26 - 2020-12-10 17:24 - 000000000 ____D C:\Users\kevin\AppData\Local\messenger-updater 2020-11-27 17:26 - 2020-11-27 17:26 - 000002333 _____ C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk 2020-11-27 17:26 - 2020-11-27 17:26 - 000000000 ____D C:\Users\kevin\AppData\LocalLow\Messenger 2020-11-26 18:23 - 2020-12-07 20:29 - 000000000 ____D C:\Users\kevin\AppData\Local\Amazon Drive 2020-11-26 11:38 - 2020-11-26 12:06 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Topaz Labs LLC 2020-11-26 09:51 - 2020-10-18 22:42 - 000069608 _____ C:\WINDOWS\system32\FvSDK_x64.dll 2020-11-26 09:51 - 2020-10-18 22:42 - 000058344 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll 2020-11-25 16:19 - 2020-11-25 16:19 - 000000000 ____D C:\Users\kevin\AppData\Roaming\ajour 2020-11-25 09:56 - 2020-11-25 09:56 - 000000000 ____D C:\Users\kevin\AppData\Local\MultiPlayerManager 2020-11-24 06:14 - 2020-12-16 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2020-11-21 20:57 - 2020-12-16 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2020-11-21 20:57 - 2020-11-21 20:57 - 000000000 ____D C:\Program Files\iPod 2020-11-19 00:38 - 2020-11-19 00:38 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3538912014-3826891016-3662973680-500 2020-11-19 00:34 - 2020-11-19 00:34 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2020-11-19 00:33 - 2020-12-16 16:12 - 000000000 ____D C:\ProgramData\Packages 2020-11-19 00:33 - 2020-12-16 15:19 - 000000000 __RHD C:\Users\Public\AccountPictures 2020-11-19 00:32 - 2020-12-16 16:01 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-11-19 00:32 - 2020-12-16 15:25 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-11-19 00:32 - 2020-12-16 15:25 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-11-19 00:30 - 2020-12-19 12:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-11-19 00:30 - 2020-12-19 12:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-11-19 00:30 - 2020-12-16 16:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-11-19 00:30 - 2020-12-16 15:12 - 005101952 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-11-19 00:30 - 2020-11-19 00:30 - 000000000 ____D C:\WINDOWS\ServiceProfiles ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-12-19 13:01 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF 2020-12-19 12:56 - 2020-03-28 12:45 - 000000000 ____D C:\ProgramData\NVIDIA 2020-12-19 12:54 - 2020-06-01 11:31 - 000008192 ___SH C:\DumpStack.log.tmp 2020-12-19 12:54 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-12-19 12:54 - 2019-12-07 02:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-12-19 12:46 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-12-19 12:20 - 2020-11-15 08:51 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Amazon Cloud Drive 2020-12-19 12:19 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-12-18 09:25 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-17 13:17 - 2020-03-28 12:59 - 000000000 ____D C:\WINDOWS\system32\MRT 2020-12-17 13:15 - 2020-03-28 12:59 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2020-12-17 03:27 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\appcompat 2020-12-16 16:12 - 2020-11-11 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair 2020-12-16 16:12 - 2020-10-11 09:36 - 000000000 ____D C:\WINDOWS\ShellNew 2020-12-16 16:12 - 2020-10-11 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey 2020-12-16 16:12 - 2020-10-10 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE 2020-12-16 16:12 - 2020-08-27 16:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk MSI 2020-12-16 16:12 - 2020-08-27 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit) 2020-12-16 16:12 - 2020-07-18 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO to USB 2020-12-16 16:12 - 2020-07-15 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2020-12-16 16:12 - 2020-07-03 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simplify3D Software 2020-12-16 16:12 - 2020-05-29 03:54 - 000000000 ____D C:\Program Files\UNP 2020-12-16 16:12 - 2020-05-18 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2020-12-16 16:12 - 2020-05-01 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 120 Manual 2020-12-16 16:12 - 2020-04-20 14:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management 2020-12-16 16:12 - 2020-04-20 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent 2020-12-16 16:12 - 2020-04-15 07:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 2020-12-16 16:12 - 2020-04-13 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNAS PC 2020-12-16 16:12 - 2020-03-29 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2020-12-16 16:12 - 2020-03-29 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2020-12-16 16:12 - 2020-03-29 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2020-12-16 16:12 - 2020-03-29 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 13.8 2020-12-16 16:12 - 2020-03-29 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2020-12-16 16:12 - 2020-03-29 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex 2020-12-16 16:12 - 2020-03-29 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2020-12-16 16:12 - 2020-03-29 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2020-12-16 16:12 - 2020-03-29 11:40 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2020-12-16 16:12 - 2020-03-29 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Photo Resizer 2020-12-16 16:12 - 2020-03-28 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postbox 2020-12-16 16:12 - 2020-03-28 15:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm 2020-12-16 16:12 - 2020-03-28 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2020-12-16 16:12 - 2020-03-28 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-12-16 16:12 - 2020-03-28 13:10 - 000000000 ____D C:\Program Files\Intel 2020-12-16 16:12 - 2020-03-28 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt™ Software 2020-12-16 16:12 - 2019-12-07 02:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2020-12-16 16:12 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2020-12-16 16:12 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2020-12-16 16:12 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2020-12-16 16:12 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Macromed 2020-12-16 16:12 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\catroot2.old 2020-12-16 16:12 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\Registration 2020-12-16 16:12 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-12-16 16:12 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2020-12-16 16:12 - 2019-03-18 21:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2020-12-16 16:12 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2020-12-16 16:11 - 2019-12-07 02:14 - 000000000 __RHD C:\Users\Public\Libraries 2020-12-16 16:11 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\USOPrivate 2020-12-16 16:10 - 2020-10-10 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D 2020-12-16 16:10 - 2020-10-10 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire 2020-12-16 16:10 - 2020-08-26 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2020-12-16 16:10 - 2020-05-01 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2020-12-16 16:10 - 2020-04-03 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2020-12-16 16:08 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2020-12-16 16:08 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources 2020-12-16 16:08 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2020-12-16 16:08 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2020-12-16 16:08 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-12-16 16:08 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2020-12-16 16:05 - 2020-03-28 12:38 - 000000000 ____D C:\Users\kevin\AppData\Local\PlaceholderTileLogoFolder 2020-12-16 16:05 - 2020-03-28 12:36 - 000000000 ____D C:\Users\kevin\AppData\Local\Packages 2020-12-16 16:04 - 2019-12-07 02:18 - 000000000 ____D C:\WINDOWS\Setup 2020-12-16 15:39 - 2019-12-07 02:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2020-12-16 15:35 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2020-12-16 15:28 - 2020-05-19 10:47 - 000000000 ____D C:\Program Files\McAfee 2020-12-16 15:26 - 2019-12-07 02:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-12-16 15:21 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2020-12-16 15:19 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2020-12-16 15:19 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2020-12-16 15:19 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files\Windows Defender 2020-12-16 15:18 - 2020-03-29 15:56 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-12-16 15:18 - 2020-03-28 15:29 - 000002357 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge Beta.lnk 2020-12-16 15:17 - 2019-12-07 02:14 - 000000000 __RSD C:\WINDOWS\Media 2020-12-16 15:14 - 2020-11-18 07:07 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZOC Terminal 8.0 (64-bit) 2020-12-16 15:14 - 2020-11-13 17:33 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Nox 2020-12-16 15:14 - 2020-10-10 12:10 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2020-12-16 15:14 - 2020-07-07 10:34 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk 2020-12-16 15:14 - 2020-05-19 12:37 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music 2020-12-16 15:14 - 2020-05-17 15:53 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beamr Imaging 2020-12-16 15:14 - 2020-04-22 11:38 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon 2020-12-16 15:14 - 2020-04-16 14:28 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs 2020-12-16 15:14 - 2020-04-16 14:18 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs LLC 2020-12-16 15:14 - 2020-03-29 15:58 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps 2020-12-16 15:14 - 2020-03-28 14:59 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-12-16 15:13 - 2020-03-29 11:50 - 000000000 ____D C:\WINDOWS\SysWOW64\LifeCamTrueColor 2020-12-16 15:13 - 2020-03-29 11:50 - 000000000 ____D C:\WINDOWS\system32\LifeCamTrueColor 2020-12-16 15:13 - 2020-03-28 12:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2020-12-16 14:27 - 2020-06-01 11:04 - 000000036 _____ C:\WINDOWS\progress.ini 2020-12-16 14:24 - 2020-06-01 11:02 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk 2020-12-16 14:24 - 2020-06-01 11:02 - 000000000 ____D C:\Windows10Upgrade 2020-12-16 14:08 - 2020-09-13 16:36 - 000000000 ____D C:\Users\kevin\AppData\Local\ElevatedDiagnostics 2020-12-16 13:57 - 2020-09-06 08:14 - 000000072 _____ C:\WINDOWS\system32\perfdish001.dat 2020-12-16 13:41 - 2020-03-28 16:09 - 000000000 ____D C:\Program Files\Microsoft Office 2020-12-16 13:41 - 2020-03-28 15:31 - 000000000 ____D C:\Program Files (x86)\Postbox 2020-12-16 13:34 - 2020-03-28 12:40 - 000000000 ____D C:\Users\kevin\AppData\Local\PackageStaging 2020-12-16 08:10 - 2020-08-29 11:35 - 000000128 _____ C:\Users\kevin\AppData\Local\PUTTY.RND 2020-12-16 07:19 - 2020-04-19 12:44 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Zoom 2020-12-12 17:19 - 2020-03-28 15:35 - 000000000 ____D C:\Users\kevin\AppData\LocalLow\Mozilla 2020-12-12 16:26 - 2020-08-26 16:17 - 000000000 ____D C:\Users\kevin\AppData\LocalLow\Comodo 2020-12-12 10:46 - 2020-03-30 12:04 - 000000000 ____D C:\Users\kevin\AppData\Local\CrashDumps 2020-12-12 10:22 - 2020-03-28 12:36 - 000000000 ____D C:\Users\kevin\AppData\Local\VirtualStore 2020-12-12 09:57 - 2020-08-27 16:55 - 000000000 ____D C:\Users\kevin\AppData\Roaming\AnyDesk 2020-12-12 09:52 - 2020-08-27 16:54 - 000000000 ____D C:\ProgramData\AnyDesk 2020-12-07 20:29 - 2020-11-15 08:51 - 000001219 _____ C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Photos.lnk 2020-12-06 13:16 - 2020-03-29 17:13 - 000000000 ____D C:\Users\kevin\AppData\Local\Battle.net 2020-12-05 14:55 - 2020-03-29 17:08 - 000000000 ____D C:\Users\kevin\AppData\Local\D3DSCache 2020-11-29 13:36 - 2020-03-29 12:09 - 000000000 ____D C:\Users\kevin\AppData\Local\NVIDIA 2020-11-29 08:50 - 2020-07-05 09:24 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2020-11-28 08:39 - 2020-10-24 16:34 - 000000299 _____ C:\Users\kevin\d4ac4633ebd6440fa397b84f1bc94a3c.7z 2020-11-28 08:39 - 2020-10-24 16:00 - 000000000 ____D C:\Users\kevin\AppData\Local\Nox 2020-11-28 07:45 - 2020-10-24 16:01 - 000000000 ____D C:\Users\kevin\AppData\Local\NoxSrv 2020-11-28 07:45 - 2020-06-15 11:55 - 000000000 ____D C:\Users\kevin\.android 2020-11-28 07:44 - 2020-11-13 17:33 - 000000000 ____D C:\Users\kevin\AppData\Roaming\NoxSrv 2020-11-28 07:44 - 2020-11-07 10:34 - 000000069 _____ C:\Users\kevin\AppData\Local\update_progress.txt 2020-11-28 07:44 - 2020-10-24 16:01 - 000000000 ____D C:\Users\kevin\vmlogs 2020-11-28 07:25 - 2020-03-28 17:24 - 000000000 ____D C:\Users\kevin\AppData\Local\Adobe 2020-11-28 06:15 - 2020-03-28 17:23 - 000000000 ____D C:\ProgramData\Adobe 2020-11-28 06:15 - 2020-03-28 12:36 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Adobe 2020-11-28 06:13 - 2020-03-29 11:45 - 000000000 ____D C:\Program Files\Adobe 2020-11-28 06:13 - 2020-03-29 11:43 - 000000000 ____D C:\Program Files\Common Files\Adobe 2020-11-28 06:04 - 2020-05-01 11:39 - 000001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2020-11-26 09:51 - 2020-03-29 14:41 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2020-11-26 09:51 - 2020-03-28 12:34 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2020-11-26 09:51 - 2020-03-28 12:34 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2020-11-25 16:32 - 2020-10-10 12:10 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner 2020-11-25 16:30 - 2020-11-07 13:45 - 000001377 _____ C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Toolbox Updater.lnk 2020-11-25 16:30 - 2020-11-07 13:45 - 000001340 _____ C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TBShell.lnk 2020-11-25 16:30 - 2020-10-24 15:12 - 000000000 ____D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Live Writer 2020-11-25 16:30 - 2020-10-24 15:12 - 000000000 ____D C:\Users\kevin\AppData\Local\OpenLiveWriter 2020-11-24 06:18 - 2020-07-30 07:06 - 000000000 ____D C:\Users\kevin\AppData\Local\Garmin 2020-11-24 06:18 - 2020-07-30 07:02 - 000000000 ____D C:\ProgramData\Garmin 2020-11-24 06:14 - 2020-07-30 07:05 - 000000000 ____D C:\Program Files (x86)\Garmin 2020-11-24 06:14 - 2020-03-28 13:10 - 000000000 ____D C:\ProgramData\Package Cache 2020-11-19 00:35 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ServiceState 2020-11-19 00:34 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\spool ==================== Files in the root of some directories ======== 2020-03-29 13:30 - 2020-04-20 10:21 - 000000132 _____ () C:\Users\kevin\AppData\Roaming\Adobe PNG Format CS6 Prefs 2020-06-15 14:20 - 2020-06-15 14:20 - 000038505 _____ () C:\Users\kevin\AppData\Roaming\Comma Separated Values.ADR 2020-04-08 13:33 - 2020-10-31 09:39 - 000001456 _____ () C:\Users\kevin\AppData\Local\Adobe Save for Web 13.0 Prefs 2020-04-22 09:34 - 2020-04-22 09:34 - 000000000 _____ () C:\Users\kevin\AppData\Local\oobelibMkey.log 2020-08-29 11:35 - 2020-12-16 08:10 - 000000128 _____ () C:\Users\kevin\AppData\Local\PUTTY.RND 2020-11-07 10:34 - 2020-11-28 07:44 - 000000069 _____ () C:\Users\kevin\AppData\Local\update_progress.txt ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================