Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2021 Ran by mike (administrator) on MPMM1 (Dell Inc. Inspiron 3847) (22-08-2021 11:55:13) Running from C:\Users\mikem\Desktop Loaded Profiles: admin & mpmm & mpmm_a21rhkv & mike Platform: Windows 10 Pro Version 21H1 19043.1165 (X64) Language: English (United States) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupSvc.exe (Google LLC -> ) C:\Program Files\Google\Drive File Stream\50.0.11.0\crashpad_handler.exe <3> (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.54.22004.0_x64__8wekyb3d8bbwe\GamingServices.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.54.22004.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (Microsoft Windows Publisher 
-> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8> (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_d610222ce397fb36\Display.NvContainer\NVDisplay.Container.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11236136 2021-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [2766648 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [827200 2020-11-20] (Acronis International GmbH -> Acronis International GmbH) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [340440 2021-04-16] (Apple Inc. -> Apple Inc.) 
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617784 2021-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617784 2021-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-06-20] (Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation) HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81379600 2021-08-21] (Western Digital Technologies, Inc. -> Western Digital Corporation) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4905832 2020-11-20] (Acronis International GmbH -> ) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [443424 2020-11-20] (Acronis International GmbH -> Acronis International GmbH) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.) HKU\S-1-5-21-3200273941-2670340362-4195434088-1003\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.) HKU\S-1-5-21-3200273941-2670340362-4195434088-1005\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.) 
HKU\S-1-5-21-3200273941-2670340362-4195434088-1014\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.) HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.) HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\Run: [CiscoMeetingDaemon] => C:\Users\mikem\AppData\Local\WebEx\ciscowebexstart.exe [2356544 2020-10-23] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.) HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2009-07-13] (CANON INC.) [File not signed] HKLM\...\Windows x64\Print Processors\HP2030PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP2030PP.DLL [65024 2012-12-04] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Windows x64\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\x64\hpzppWN7.dll [101376 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\BJ Language Monitor4: C:\Windows\system32\CNBLM4.DLL [267776 2009-07-13] (CANON INC.) [File not signed] HKLM\...\Print\Monitors\Bullzip PDF Print Monitor: C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll [219648 2018-05-06] (Bullzip) [File not signed] HKLM\...\Print\Monitors\HP2030LM: C:\Windows\system32\HP2030LM.DLL [246784 2012-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor India Private Limited.) HKLM\...\Print\Monitors\PaperCut TCP/IP Port: C:\Windows\system32\pcprintportmon.dll [152000 2019-06-04] (PaperCut Software International Pty. 
Ltd. -> PaperCut Software International Pty Ltd) HKLM\...\Print\Monitors\rica4Ulm: C:\Windows\system32\rica4Ulm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.) HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\Windows\system32\WSPDFelementMonitor.dll [271360 2017-10-19] (Wondershare Software) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-17] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> GroupPolicy: Restriction - Chrome <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {043B413C-F2B0-4284-AFCC-39D6D0FB01E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {04C7871B-E64E-490C-AC89-AD96520F2E34} - System32\Tasks\WD Discovery Service Task mike => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [78608 2021-08-21] (Western Digital Technologies, Inc. 
-> ) Task: {0BCC49A7-5ABD-4711-A728-B8B2FBC5912C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {10D9F0C7-420C-4087-B3D2-BCE1163B64E6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {12AADE2E-AC46-4DAB-959E-379966FFCA70} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {16FC9E2F-C638-4535-9255-865DB818CDCB} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {1C06F5A8-EC7B-4E6F-916D-58B7178E74A5} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {226D9043-91B6-46CA-98D9-5610851CCFE8} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\Windows\system32\gpupdate.exe [30720 2020-12-18] (Microsoft Windows -> Microsoft Corporation) Task: {2722E829-1297-45B3-A4E8-1CACB7C33A2D} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe Task: {2A5762AB-FD2A-4D15-809A-6746E87AD479} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3200273941-2670340362-4195434088-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} Task: {2D071615-055A-41DF-AEDC-CFF1122863CE} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe Task: {2FFAE513-2B47-4AFC-8D3C-D055BD739DEF} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Health Definition 
Update => C:\Program Files\Windows Server\Bin\RunTask.exe [18864 2016-09-23] (Microsoft Corporation -> Microsoft Corporation) -> /asm:"C:\Program Files\Windows Server\Bin\AlertFramework.dll" /class:Microsoft.WindowsServerSolutions.NetworkHealth.AlertFramework.HealthScheduledTask /method:UpdateDefinitionPlugInTaskAction /task:"Health Definition Update" Task: {37A824E0-9E2E-4C83-807F-4164F63865BD} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [726488 2019-09-10] (Dell Inc. -> Dell Inc.) Task: {3915EF34-18D7-439D-B472-E51A560C0B9B} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe Task: {424AE188-1605-4EC9-B4C6-DF1AEAC6C693} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {433E5798-4D14-4E7C-8147-51DB65ADF375} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.) 
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {4E5E053F-244D-47DC-A624-244F388F50C5} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe [338944 2019-10-10] (Microsoft Corporation) [File not signed] Task: {500DE81E-2736-41AE-A32F-BE53815B3D90} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\RDP Group Configuration => C:\Program Files\Windows Server\Bin\RunTask.exe [18864 2016-09-23] (Microsoft Corporation -> Microsoft Corporation) -> /asm:"C:\Program Files\Windows Server\Bin\RemoteDesktopClientConfigLibrary.dll" /class:Microsoft.WindowsServerSolutions.RemoteDesktop.ClientConfigLibrary.RemoteDesktopClientConfig /method:AddDomainUserGroupToRDPGroup /task:"RDP Group Configuration" Task: {5132C16D-3D87-446C-B4F3-E8F658E09C80} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Client Computer Backup => C:\Program Files\Windows Server\Bin\RunTask.exe [18864 2016-09-23] (Microsoft Corporation -> Microsoft Corporation) -> /asm:"C:\Program Files\Windows Server\Bin\BackupClientProvider.dll" /class:Microsoft.WindowsServerSolutions.DataProtection.PCBackup.ObjectModel.PCBackupClientManager /method:DoScheduledBackup /task:"Client Computer Backup" Task: {52375E6B-4E99-4A72-8E6E-2B72F7BEDD40} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {57EF97F7-F445-41BB-8666-DA0F6B6D50FD} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {59F36483-263F-402F-962D-613A2DF98DF1} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: 
{61B2A00C-D092-44BF-BE04-FB6A0A8EBEC0} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {6CD80A5E-4F7A-4AF5-88FD-6F3F3BDA6563} - System32\Tasks\Uninstaller_SkipUac_mike => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6435088 2020-08-19] (IObit Information Technology -> IObit) Task: {6FBA1DCC-3E5C-485D-8F10-2B27195CA345} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {76E6B2CD-3262-4DA9-A1D7-C88EE549CBF0} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Client Computer Backup on Idle => C:\Program Files\Windows Server\Bin\RunTask.exe [18864 2016-09-23] (Microsoft Corporation -> Microsoft Corporation) -> /asm:"C:\Program Files\Windows Server\Bin\BackupClientProvider.dll" /class:Microsoft.WindowsServerSolutions.DataProtection.PCBackup.ObjectModel.PCBackupClientManager /method:DoScheduledOnIdleBackup /task:"Client Computer Backup on Idle" Task: {7A85113A-31AA-466B-B0E9-E832A99DAB29} - System32\Tasks\WD Device Agent Task mike => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [723728 2021-08-21] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) Task: {7E411FB2-67FE-4E9A-B943-F7B258C638DF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {7EEA6817-AFB0-46F3-8840-157E41F8D104} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe [338944 2019-10-10] (Microsoft Corporation) [File not signed] Task: {854D0F8D-4F77-42AE-856A-C869A055E94D} - System32\Tasks\AVG\AVG TuneUp BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [4755256 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) 
-> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp\Setup\.." --configpath "C:\Program Files\AVG\TuneUp\Setup" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --guid 6d7c29d8-99f0-4430-8ea2-d3eee7710770 Task: {9590B863-05F8-40B5-A44E-A81B6F333A51} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {979F0FF0-C0BC-4132-854F-0AD98A8AB2EF} - System32\Tasks\{FC04A7EF-B25F-4923-A1F3-D16E259300F9} => C:\Windows\system32\pcalua.exe -a C:\Users\mikem\Downloads\jre-8u221-windows-i586-iftw.exe -d C:\Users\mikem\Downloads Task: {A28E3BB5-7269-4AF4-BCC7-CE3CBD3303BD} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\8.2.0\AutoUpdate.exe [2268432 2020-12-23] (IObit Information Technology -> IObit) Task: {A3F4D157-4E56-45BB-B827-0A012EC5A14F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A495F5CF-5CDC-4215-BF2B-7532096FAA76} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION Task: {A5A2598A-0669-4BA5-A9AE-9D4E0C703648} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2020-04-11] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {A883502B-F499-4BC6-9C6B-F29A99F45A57} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\Windows\system32\gpupdate.exe [30720 2020-12-18] (Microsoft Windows -> Microsoft Corporation) Task: {AB629FEC-9170-4737-90A2-3289821F3BE2} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver 
Booster\8.2.0\Scheduler.exe [152848 2020-12-23] (IObit Information Technology -> IObit) Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {B3A49E27-A226-4F11-8193-47DFEA367935} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {BBD2014D-7A97-48F2-983C-7FF9ECA98604} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [6150968 2021-08-10] (AVG Technologies USA, LLC -> AVG Technologies) Task: {BF63275E-F5CC-4A56-80B0-942D3F1B4BE2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {C598457B-FF12-49AE-B178-A2DB0784E5B8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {C7D42D7F-58F3-4FD1-8EC6-234E110E9E35} - System32\Tasks\Software Updater SkipUAC(mike) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4530712 2021-06-03] (IObit CO., LTD -> IObit) <==== ATTENTION Task: {C8237496-BA8E-46BB-B9AD-A34F86540F27} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Add-in Management => C:\Program Files\Windows Server\Bin\RunTask.exe [18864 2016-09-23] (Microsoft Corporation -> Microsoft Corporation) -> /asm:"C:\Program Files\Windows Server\Bin\ClientSetupCommon.dll" /class:Microsoft.WindowsServerSolutions.ClientSetup.ClientTasks /method:AddInPerformInstallationsTask /task:"Add-in Management" Task: {C82ADC00-6CC5-4C60-8C46-24659F12CCE8} - System32\Tasks\Driver Booster SkipUAC (mike) => C:\Program Files (x86)\IObit\Driver Booster\8.2.0\DriverBooster.exe [8147400 
2021-01-06] (IObit Information Technology -> IObit) Task: {C9584698-0407-4D61-9C8B-6FCB42BC4593} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CBB5F33B-9761-4325-8625-F8C47F042802} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Alert Evaluations => C:\Program Files\Windows Server\Bin\RunTask.exe [18864 2016-09-23] (Microsoft Corporation -> Microsoft Corporation) -> /asm:"C:\Program Files\Windows Server\Bin\AlertFramework.dll" /class:Microsoft.WindowsServerSolutions.NetworkHealth.AlertFramework.HealthScheduledTask /method:EvaluateAlertsByTriggerTaskAction /task:"Alert Evaluations" Task: {DBE63446-44D1-4324-97EF-FD3350282123} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {EA186BCB-53D0-4E93-92CC-E3EF6C1F9D58} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1794584 2021-04-14] (IObit CO., LTD -> IObit) <==== ATTENTION Task: {ED461531-1579-4A47-84D0-3D75ACE8D636} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4530712 2021-06-03] (IObit CO., LTD -> IObit) Task: {EE3105F4-908E-4596-9564-B5A000179AEE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-17] (Mozilla Corporation -> Mozilla Foundation) Task: {EFCE08A7-9EFE-429B-A092-0D343AD6EE9F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: 
{F4BF2215-A67D-4BBE-9373-6A4B97DD0B2A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.) Task: {FDDE57DB-4173-4286-A179-2EB3A8D2B757} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: [S-1-5-21-413578968-4127535815-2662069183-1116] => 45.175.238.8:999 Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{43fe1a28-ff97-4cee-995c-2bf4c751a028}: [DhcpNameServer] 10.10.10.1 Tcpip\..\Interfaces\{6dd5eafc-63c3-4785-8771-379fdb967eff}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{a41bd588-6b0d-4b0d-a181-c06aed954d20}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{D667184D-E32C-4149-AC91-2C5FF5FAE3C8}: [DhcpNameServer] 192.168.43.1 Edge: ======= Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found] Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found] Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found] Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found] Edge Profile: 
C:\Users\mikem\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-22] FireFox: ======== FF DefaultProfile: hi4lo88b.default-1543873865624 FF ProfilePath: C:\Users\mikem\AppData\Roaming\Mozilla\Firefox\Profiles\hi4lo88b.default-1543873865624 [2021-08-22] FF user.js: detected! => C:\Users\mikem\AppData\Roaming\Mozilla\Firefox\Profiles\hi4lo88b.default-1543873865624\user.js [2020-12-31] FF DownloadDir: C:\Users\mikem\Desktop FF Notifications: Mozilla\Firefox\Profiles\hi4lo88b.default-1543873865624 -> hxxps://app.practicepanther.com; hxxps://3unlocker.com; hxxps://mail.google.com FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel® Identity Protection Technology Software -> Intel Corporation) FF 
Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.7.914.0\npAvgBrowserUpdate3.dll [No File] FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.7.914.0\npAvgBrowserUpdate3.dll [No File] FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default [2021-08-21] CHR Notifications: Default -> hxxps://www.facebook.com CHR Extension: (Slides) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-23] CHR Extension: (Docs) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-23] CHR Extension: (Google Drive) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27] CHR Extension: (YouTube) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-12] CHR Extension: (Facebook) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb [2020-07-20] CHR Extension: (Sheets) - C:\Users\mikem\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-23] CHR Extension: (Google Docs Offline) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-30] CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-06-30] CHR Extension: (AVG SafePrice | Comparison, deals, coupons) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-08-02] CHR Extension: (Chrome Web Store Payments) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-30] CHR Extension: (Gmail) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-10] CHR Extension: (Chrome Media Router) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-21] CHR Profile: C:\Users\mikem\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-21] CHR HKU\S-1-5-21-413578968-4127535815-2662069183-1116\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
S3 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10353056 2020-11-20] (Acronis International GmbH -> )
S3 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264400 2020-11-20] (Acronis International GmbH -> Acronis International GmbH)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2017-08-13] (Adobe Systems) [File not signed]
S3 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6383744 2020-12-23] (Acronis International GmbH -> )
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [15032120 2021-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209448 2019-05-21] (Dell Inc -> Dell Inc.)
S3 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3373600 2019-05-21] (Dell Inc -> Dell Inc.)
S3 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218144 2019-05-21] (Dell Inc -> Dell Inc.)
S4 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2019-04-03] (Dell Inc -> )
S3 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158992 2020-07-31] (IObit Information Technology -> IObit)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [48600 2019-09-10] (Dell Inc. -> Dell Inc.)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5832096 2020-11-20] (Acronis International GmbH -> Acronis International GmbH)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2020-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2020-12-18] (Microsoft Windows -> Microsoft Corporation)
R3 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [668808 2018-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2020-03-11] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-12-10] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.243\WsAppService.exe [495392 2019-06-13] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 avg; "C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /svc [X]
S3 avgm; "C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /medsvc [X]
S3 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Eraser\ElevationService.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_d610222ce397fb36\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_d610222ce397fb36\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Addins\Repair\DriverInstall.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\WINDOWS\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Co., Ltd. -> AnvSoft Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 cpuz145; C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [49968 2021-08-20] (CPUID -> CPUID)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2019-05-21] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2019-05-21] (Techporch Incorporated -> Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [687768 2020-12-23] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2020-12-23] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-07-30] (Google LLC -> Google, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-07-25] (Martin Malik - REALiX -> REALiX(tm))
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
S3 libusbK; C:\WINDOWS\System32\DRIVERS\libusbK.sys [47200 2018-12-02] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd -> )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [175752 2020-12-23] (Acronis International GmbH -> Acronis International GmbH)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [330176 2020-12-23] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2020-12-23] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 xb1usb; C:\WINDOWS\System32\drivers\xb1usb.sys [34016 2014-05-27] (Windows Central Build Account - X -> Microsoft Corporation)
S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X]
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-22 11:55 - 2021-08-22 11:56 - 000040578 _____ C:\Users\mikem\Desktop\FRST.txt 2021-08-22 11:45 - 2021-08-22 11:45 - 002300928 _____ (Farbar) C:\Users\mikem\Desktop\FRST64English.exe 2021-08-22 09:23 - 2021-08-22 09:23 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat 2021-08-22 09:19 - 2021-08-22 09:21 - 035305580 _____ C:\Users\mikem\Desktop\anya olsen.mp4 2021-08-22 09:08 - 2021-08-22 09:15 - 090953413 _____ C:\Users\mikem\Desktop\scarlet and megan sage swallow.mp4 2021-08-22 09:03 - 2021-08-22 09:05 - 033094396 _____ C:\Users\mikem\Desktop\adria rae - sw salon.mp4 2021-08-22 07:15 - 2021-08-22 07:15 - 000000331 _____ C:\Users\mikem\Desktop\Fixlog-old.txt 2021-08-22 07:13 - 2021-08-22 10:19 - 000129418 _____ C:\Users\mikem\Desktop\fixlist-old.txt 2021-08-22 06:08 - 2021-08-22 06:10 - 000061739 _____ C:\Users\mikem\Desktop\Addition-old.txt 2021-08-22 06:04 - 2021-08-22 06:10 - 000067677 _____ C:\Users\mikem\Desktop\FRST-old.txt 2021-08-22 06:03 - 2021-08-22 11:56 - 000000000 ____D C:\FRST 2021-08-22 05:50 - 2021-08-22 05:50 - 002300416 _____ (Farbar) C:\Users\mikem\Downloads\FRST64(2).exe 2021-08-22 05:42 - 2021-08-22 05:42 - 002300416 _____ (Farbar) C:\Users\mikem\Downloads\FRST64(1).exe 2021-08-22 05:38 - 2021-08-22 05:38 - 002300928 _____ (Farbar) C:\Users\mikem\Downloads\FRST64.exe 2021-08-22 03:54 - 2021-08-22 03:54 - 061496008 _____ C:\Users\mikem\Downloads\xvideos.com_dcfbbe233222f91eec075edc6fd05c56-1.mp4 2021-08-22 03:20 - 2021-08-22 03:36 - 292357446 _____ C:\Users\mikem\Downloads\720(3).mp4 2021-08-22 02:19 - 2021-08-22 02:33 - 213749924 _____ C:\Users\mikem\Downloads\720.mp4 2021-08-21 23:40 - 2021-08-21 23:40 - 000001257 _____ C:\Users\Public\Desktop\WD Security.lnk 2021-08-21 23:05 - 2021-08-21 23:05 - 000003208 _____ C:\WINDOWS\system32\Tasks\WD Discovery Service Task mike 2021-08-21 23:05 - 2021-08-21 23:05 - 000003144 _____ C:\WINDOWS\system32\Tasks\WD Device Agent Task mike 2021-08-21 22:41 - 2021-08-21 22:41 - 000167034 _____ 
C:\Users\mikem\Downloads\fileassassin-setup-1.06.exe 2021-08-21 18:26 - 2021-08-21 18:26 - 022611179 _____ C:\Users\mikem\Downloads\xvideos.com_86f4cbb9f72fe567818e04cf06d68c0b.mp4 2021-08-21 03:01 - 2021-08-21 03:05 - 100314912 _____ C:\Users\mikem\Downloads\720(1).mp4 2021-08-20 10:22 - 2021-08-22 08:47 - 000008192 ___SH C:\DumpStack.log.tmp 2021-08-18 12:45 - 2021-08-20 10:23 - 2042389024 _____ C:\WINDOWS\MEMORY.DMP 2021-08-18 12:45 - 2021-08-18 12:56 - 004645372 _____ C:\WINDOWS\Minidump\081821-42906-01.dmp 2021-08-17 23:17 - 2021-08-17 23:17 - 000000000 ____D C:\Users\mikem\Documents\GG 2021-08-17 22:31 - 2021-08-17 22:38 - 1416473092 _____ C:\Users\mikem\Downloads\403224HD.mp4 2021-08-17 20:22 - 2021-08-17 20:23 - 003455835 _____ C:\Users\mikem\Downloads\sox-state-of-market-report-2020.pdf 2021-08-17 16:13 - 2021-08-17 16:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-08-12 14:59 - 2021-08-12 14:59 - 001151992 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys 2021-08-12 14:57 - 2021-08-12 14:57 - 008852760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 007918872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 007279232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 004986648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 002924304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 002111264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2021-08-12 14:57 - 2021-08-12 14:57 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe 2021-08-12 14:57 - 2021-08-12 14:57 - 001594656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 001519384 _____ (NVIDIA 
Corporation) C:\WINDOWS\system32\NvIFR64.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 001474336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-08-12 14:57 - 2021-08-12 14:57 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2021-08-12 14:57 - 2021-08-12 14:57 - 001212192 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 001170224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 000917280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2021-08-12 14:57 - 2021-08-12 14:57 - 000748832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 000715568 _____ C:\WINDOWS\system32\nvofapi64.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 000704792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2021-08-12 14:57 - 2021-08-12 14:57 - 000675088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 000641328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 000575792 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 000563992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2021-08-12 14:57 - 2021-08-12 14:57 - 000446744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2021-08-12 14:57 - 2021-08-12 14:57 - 
000082968 _____ C:\WINDOWS\system32\nvinfo.pb 2021-08-12 14:56 - 2021-08-12 14:57 - 006215312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2021-08-11 22:32 - 2021-08-11 22:32 - 000010246 _____ C:\Users\mikem\Documents\List of Items from Dads.xlsx 2021-08-11 06:37 - 2021-08-11 06:37 - 000000000 ____D C:\WINDOWS\system32\gf2engine 2021-08-11 02:25 - 2021-08-11 02:25 - 076512537 _____ C:\Users\mikem\Downloads\xvideos.com_0c68c95f4d9e4eb74b649195872234fc.mp4 2021-08-11 01:09 - 2021-08-11 01:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-08-11 01:09 - 2021-08-11 01:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-08-11 01:09 - 2021-08-11 01:09 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-08-11 00:41 - 2021-08-11 00:41 - 000000000 ___HD C:\$WinREAgent 2021-08-09 10:45 - 2021-07-30 18:52 - 000389640 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3525.sys 2021-08-09 05:11 - 2021-08-09 05:13 - 466315432 _____ C:\Users\mikem\Downloads\SpankBang.com_ann+harlow+bangs+hot+young+bud_720p.mp4 2021-08-09 05:10 - 2021-08-09 05:11 - 193405067 _____ C:\Users\mikem\Downloads\EPORNER.COM - [AlFtkK2QySL] Ann Harlow threesome (240).mp4 2021-08-08 23:38 - 2021-08-08 23:39 - 173967575 _____ C:\Users\mikem\Downloads\SpankBang.com_jennifer+leroy_480p.mp4 2021-08-07 09:34 - 2021-08-07 09:40 - 754970472 _____ (NVIDIA Corporation) C:\Users\mikem\Downloads\471.11-notebook-win10-64bit-international-nsd-dch-whql.exe 2021-08-07 09:34 - 2021-08-07 09:40 - 754970472 _____ (NVIDIA Corporation) C:\Users\mikem\Downloads\471.11-notebook-win10-64bit-international-nsd-dch-whql(1).exe 2021-08-07 09:34 - 2021-08-07 09:34 - 000000000 ____D C:\Program Files\Avast Software 2021-08-07 09:31 - 2021-08-07 09:31 - 107831296 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit 2021-08-07 09:31 - 2021-08-07 09:31 - 000679936 _____ C:\WINDOWS\system32\config\DEFAULT.iobit 2021-08-07 09:31 - 2021-08-07 09:31 - 
000102400 _____ C:\WINDOWS\system32\config\SAM.iobit 2021-08-07 09:31 - 2021-08-07 09:31 - 000036864 _____ C:\WINDOWS\system32\config\SECURITY.iobit 2021-08-07 08:50 - 2021-08-07 09:12 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Roaming\vlc 2021-08-07 08:41 - 2021-08-07 08:41 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-08-07 08:41 - 2021-08-07 08:41 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-08-07 08:41 - 2021-08-07 08:41 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-08-07 08:41 - 2021-08-07 08:41 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-08-07 08:33 - 2021-08-07 08:47 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\PlaceholderTileLogoFolder 2021-08-07 08:01 - 2021-08-07 08:01 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\PeerDistRepub 2021-08-07 07:45 - 2021-08-07 07:46 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\Comms 2021-08-07 07:39 - 2021-08-07 07:39 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\OneDrive 2021-08-07 07:31 - 2021-08-07 13:15 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3200273941-2670340362-4195434088-1014 2021-08-07 07:31 - 2021-08-07 07:49 - 000000000 ___RD C:\Users\mpmm_a21rhkv\OneDrive 2021-08-07 07:31 - 2021-08-07 07:31 - 000002427 _____ C:\Users\mpmm_a21rhkv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-08-07 07:30 - 2021-08-07 07:30 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Roaming\Apple Computer 2021-08-07 07:29 - 2021-08-07 07:29 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\Publishers 2021-08-07 07:28 - 2021-08-07 08:34 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\Packages 2021-08-07 07:28 - 2021-08-07 07:28 - 000000000 ___RD C:\Users\mpmm_a21rhkv\3D Objects 2021-08-07 07:28 - 2021-08-07 07:28 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Roaming\IObit 2021-08-07 07:28 - 
2021-08-07 07:28 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\VirtualStore 2021-08-07 07:28 - 2021-08-07 07:28 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\Google 2021-08-07 07:28 - 2021-08-07 07:28 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\D3DSCache 2021-08-07 07:28 - 2021-08-07 07:28 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\ConnectedDevicesPlatform 2021-08-07 07:28 - 2021-08-07 07:28 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\AVG 2021-08-07 07:27 - 2021-08-21 23:16 - 000000000 ____D C:\Users\mpmm_a21rhkv 2021-08-07 07:27 - 2021-08-07 07:27 - 000000020 ___SH C:\Users\mpmm_a21rhkv\ntuser.ini 2021-08-07 07:27 - 2017-08-16 02:02 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\Microsoft Help 2021-08-07 00:43 - 2021-08-07 00:43 - 000000000 ____D C:\Users\mikem\AppData\Local\mymonero-updater 2021-08-07 00:42 - 2021-08-07 00:43 - 132216616 _____ (MyMonero) C:\Users\mikem\Downloads\MyMonero-Setup-1.1.24.exe 2021-08-06 22:35 - 2021-08-06 22:41 - 083701351 _____ C:\Users\mikem\Desktop\megan sage.mp4 2021-08-06 07:28 - 2021-08-06 07:28 - 002298102 _____ C:\Users\mikem\Downloads\VID 00003-20100522-1051.3GP 2021-08-05 12:10 - 2021-08-05 12:10 - 000301763 _____ C:\Users\mikem\Documents\amy emails 04.pdf 2021-08-05 12:09 - 2021-08-05 12:09 - 000295712 _____ C:\Users\mikem\Documents\amy emails 03.pdf 2021-08-05 12:03 - 2021-08-05 12:03 - 000384666 _____ C:\Users\mikem\Documents\amy emails 02.pdf 2021-08-05 12:01 - 2021-08-05 12:01 - 000443060 _____ C:\Users\mikem\Documents\amy emails 01.pdf 2021-08-04 10:08 - 2021-08-04 10:18 - 000164950 _____ C:\TDSSKiller.3.1.0.28_04.08.2021_11.08.34_log.txt 2021-08-04 10:07 - 2021-08-04 10:07 - 005054744 _____ (AO Kaspersky Lab) C:\Users\mikem\Desktop\tdsskiller.exe 2021-07-26 18:56 - 2021-07-26 18:58 - 083511961 _____ C:\Users\mikem\Desktop\megan rain - woodman swallow.mp4 2021-07-24 09:55 - 2021-07-24 10:03 - 106493242 _____ C:\Users\mikem\Desktop\ann harlow sweet cherry.mp4 
2021-07-24 02:44 - 2021-07-24 03:01 - 315123703 _____ C:\Users\mikem\Desktop\danni rivers allure.mp4 2021-07-23 07:34 - 2021-07-23 07:34 - 000000000 ____D C:\jewel ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-08-22 11:48 - 2019-02-05 03:57 - 000000000 ____D C:\ProgramData\Mozilla 2021-08-22 11:47 - 2017-08-12 18:20 - 000000000 ____D C:\Users\mikem\AppData\LocalLow\Mozilla 2021-08-22 11:43 - 2017-08-12 18:27 - 000000000 ____D C:\Program Files (x86)\Google 2021-08-22 10:49 - 2020-12-18 12:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-08-22 10:35 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-08-22 09:28 - 2019-06-09 02:56 - 000000000 ____D C:\Users\mikem\AppData\Roaming\vlc 2021-08-22 09:22 - 2019-07-25 05:09 - 000000000 ____D C:\Users\mikem\AppData\Roaming\IObit 2021-08-22 08:53 - 2020-12-18 12:45 - 000941870 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-08-22 08:53 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF 2021-08-22 08:50 - 2020-05-04 19:44 - 000000495 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2021-08-22 08:48 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-08-22 08:47 - 2020-12-18 12:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-08-22 08:47 - 2020-12-18 12:26 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK 2021-08-22 08:47 - 2019-07-25 05:09 - 000000000 ____D C:\Program Files (x86)\IObit 2021-08-22 08:47 - 2019-01-22 13:06 - 000000000 ____D C:\ProgramData\NVIDIA 2021-08-22 07:38 - 2020-05-14 03:46 - 000000000 ____D C:\Users\mikem\log 2021-08-21 23:56 - 2018-05-10 11:44 - 000000000 ____D C:\Users\mikem\AppData\Local\CrashDumps 2021-08-21 23:40 - 2019-11-26 03:40 - 000000000 ____D C:\Program Files (x86)\Western Digital 2021-08-21 23:40 - 2017-08-13 12:12 - 000000000 ____D C:\ProgramData\Package Cache 2021-08-21 23:39 - 2020-05-04 17:33 - 000000000 ____D 
C:\Users\mikem\AppData\Roaming\WD Discovery 2021-08-21 23:39 - 2020-05-04 17:33 - 000000000 ____D C:\Users\mikem\.wdc 2021-08-21 23:32 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-08-21 23:31 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-08-21 23:18 - 2019-01-01 21:45 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller 2021-08-21 23:16 - 2020-12-18 12:33 - 000000000 ____D C:\Users\mpmm 2021-08-21 23:16 - 2020-12-18 12:33 - 000000000 ____D C:\Users\admin 2021-08-21 23:16 - 2020-04-28 07:26 - 000000000 ____D C:\ProgramData\AVG 2021-08-21 23:13 - 2020-12-18 12:33 - 000000000 ____D C:\Users\mikem 2021-08-21 23:13 - 2019-06-16 16:52 - 000000000 ____D C:\Cache 2021-08-21 23:06 - 2020-12-23 17:22 - 000000000 ____D C:\Program Files\WD Desktop App 2021-08-21 22:26 - 2019-07-25 05:09 - 000000000 ____D C:\Users\mikem\AppData\LocalLow\IObit 2021-08-21 22:26 - 2019-07-25 05:09 - 000000000 ____D C:\ProgramData\IObit 2021-08-21 22:05 - 2019-06-27 12:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2021-08-21 22:05 - 2019-02-13 03:25 - 000000000 ____D C:\ProgramData\Wondershare 2021-08-21 22:05 - 2019-02-13 03:24 - 000000000 ____D C:\Program Files (x86)\Wondershare 2021-08-21 22:04 - 2020-11-30 01:38 - 000000000 ____D C:\adb 2021-08-21 22:03 - 2020-12-30 14:33 - 000000000 ____D C:\Program Files (x86)\4MeKey 2021-08-21 22:03 - 2020-11-29 07:37 - 000000000 ____D C:\Users\mikem\AppData\Roaming\LG Electronics 2021-08-21 22:03 - 2020-11-29 07:36 - 000000000 ____D C:\Users\mikem\AppData\Local\LG Electronics 2021-08-21 22:03 - 2019-07-30 14:01 - 000000000 ____D C:\Program Files (x86)\LG Electronics 2021-08-21 22:02 - 2019-12-10 17:17 - 000000000 ____D C:\Users\mikem\AppData\Local\Packages 2021-08-21 22:02 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-08-21 22:02 - 2018-01-21 10:35 - 000000000 ____D C:\Program Files\Android 2021-08-21 22:01 - 2021-07-13 23:19 - 000000000 ____D 
C:\Users\mikem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc 2021-08-21 22:01 - 2021-07-13 23:19 - 000000000 ____D C:\Users\mikem\AppData\Roaming\Exodus 2021-08-21 22:01 - 2021-07-13 23:18 - 000000000 ____D C:\Users\mikem\AppData\Local\exodus 2021-08-21 21:58 - 2021-07-13 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2021-08-21 21:58 - 2021-01-16 06:20 - 000000000 ____D C:\Users\mikem\AppData\Roaming\GlarySoft 2021-08-21 21:58 - 2021-01-16 06:20 - 000000000 ____D C:\Program Files (x86)\Glarysoft 2021-08-21 21:58 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-08-21 21:55 - 2018-03-21 12:01 - 000007605 _____ C:\Users\mikem\AppData\Local\Resmon.ResmonCfg 2021-08-21 10:25 - 2020-12-18 12:32 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-08-20 12:22 - 2019-07-25 05:09 - 000000000 ____D C:\ProgramData\ProductData 2021-08-20 10:25 - 2020-12-31 13:26 - 000000000 ____D C:\WINDOWS\Minidump 2021-08-18 12:45 - 2021-07-22 09:11 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-08-18 12:45 - 2017-08-12 18:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-08-18 12:16 - 2020-07-15 16:25 - 000000000 ____D C:\Users\mikem\AppData\Roaming\Origin 2021-08-17 23:45 - 2017-08-12 18:27 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-08-17 23:45 - 2017-08-12 18:27 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-08-17 16:13 - 2017-08-12 18:20 - 000000898 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-08-17 15:55 - 2019-12-10 20:24 - 000000000 ____D C:\Users\mikem\AppData\Local\D3DSCache 2021-08-15 20:19 - 2020-12-18 22:56 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-08-15 20:19 - 2020-12-18 22:56 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6d563b3b6d726 
2021-08-14 15:06 - 2019-01-01 21:19 - 000000000 ____D C:\Program Files (x86)\Origin Games 2021-08-14 15:06 - 2018-06-27 23:29 - 000000000 ____D C:\ProgramData\Origin 2021-08-14 15:05 - 2020-07-15 16:25 - 000000000 ____D C:\Users\mikem\AppData\Local\Origin 2021-08-12 15:01 - 2019-01-27 17:13 - 000000000 ____D C:\Users\mikem\AppData\Local\NVIDIA 2021-08-12 00:34 - 2020-12-18 12:26 - 000916280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-08-12 00:33 - 2018-06-30 20:13 - 000000000 ____D C:\Users\mikem\AppData\Local\AVAST Software 2021-08-12 00:31 - 2020-12-18 14:59 - 000000000 ____D C:\Program Files\Hyper-V 2021-08-12 00:31 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-08-12 00:31 - 2019-12-07 04:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-08-11 00:32 - 2017-08-12 19:12 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-08-11 00:25 - 2017-08-12 19:12 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-08-10 12:45 - 2021-02-01 13:27 - 000002038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2021-08-10 04:49 - 2020-07-26 20:53 - 000036120 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe 2021-08-07 13:19 - 2018-06-30 20:10 - 000000000 ____D C:\ProgramData\AVAST Software 2021-08-07 13:15 - 2021-06-29 19:01 - 000002560 _____ C:\WINDOWS\system32\Tasks\Software Updater Scheduler 2021-08-07 13:15 - 2021-06-23 16:45 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-07 13:15 - 2021-06-23 16:45 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-07 13:15 - 2021-06-23 16:45 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-07 13:15 - 2021-06-23 16:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-07 13:15 - 2021-06-23 16:45 - 
000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-07 13:15 - 2021-06-23 16:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-07 13:15 - 2021-06-23 16:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-07 13:15 - 2020-12-18 12:55 - 000002396 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_mike 2021-08-07 13:14 - 2021-01-16 06:29 - 000002568 _____ C:\WINDOWS\system32\Tasks\Driver Booster Scheduler 2021-08-07 13:14 - 2021-01-16 06:29 - 000002554 _____ C:\WINDOWS\system32\Tasks\Driver Booster Update 2021-08-07 13:14 - 2021-01-16 06:29 - 000002392 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (mike) 2021-08-07 13:14 - 2020-12-22 22:13 - 000003174 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification 2021-08-07 13:14 - 2020-12-18 12:55 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-08-07 13:14 - 2020-12-18 12:55 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-08-07 09:36 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-08-07 09:13 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-08-07 09:13 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-08-07 09:13 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-08-07 09:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-08-07 09:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-08-07 09:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-08-07 09:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-08-07 09:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-08-07 09:13 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing 2021-08-07 07:49 - 2020-01-07 11:50 - 
000000000 ___HD C:\OneDriveTemp 2021-08-07 07:45 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-08-07 07:28 - 2019-12-10 17:17 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-08-07 07:15 - 2021-07-13 19:41 - 000000000 ____D C:\Users\mikem\AppData\Roaming\Electrum 2021-08-06 06:33 - 2021-07-13 19:33 - 000000000 ____D C:\Users\mikem\AppData\Roaming\com.liberty.jaxx 2021-08-04 12:05 - 2020-09-30 23:01 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-08-04 10:25 - 2020-02-03 01:39 - 000000000 ____D C:\Program Files (x86)\Origin 2021-08-04 09:24 - 2021-02-01 04:41 - 000000000 ____D C:\ProgramData\GlarySoft 2021-08-04 08:28 - 2019-12-10 17:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-07-28 22:24 - 2021-07-20 11:44 - 000250296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2021-07-28 22:24 - 2021-07-20 11:44 - 000195000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll 2021-07-28 22:24 - 2021-07-13 21:14 - 001752512 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2021-07-28 22:24 - 2021-07-13 21:14 - 000159672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2021-07-28 22:24 - 2021-07-13 21:14 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2021-07-28 22:24 - 2021-07-13 21:14 - 000038344 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe 2021-07-27 12:06 - 2018-10-09 18:16 - 000000000 ____D C:\M19 Number Array Helper 2021-07-23 08:27 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\NDF ==================== Files in the root of some directories ======== 2018-03-21 09:15 - 2018-02-13 02:57 - 000131072 _____ () C:\Users\mikem\zcl-wallet.dat 2019-02-08 09:03 - 2015-12-18 23:41 - 000573952 _____ () C:\Program Files\DS4Updater.exe 2019-02-08 09:03 - 2016-10-08 22:17 - 003168256 _____ () C:\Program Files\DS4Windows.exe 2020-05-04 23:38 - 2020-05-05 00:10 - 000000128 
_____ () C:\Users\mikem\AppData\Local\PUTTY.RND
2020-04-23 22:47 - 2020-04-23 22:47 - 000000792 _____ () C:\Users\mikem\AppData\Local\recently-used.xbel
2018-03-21 12:01 - 2021-08-21 21:55 - 000007605 _____ () C:\Users\mikem\AppData\Local\Resmon.ResmonCfg
2019-04-03 13:57 - 2019-06-24 00:26 - 164937728 _____ () C:\Users\mikem\AppData\Local\SageThumbs.db3
2020-11-28 22:58 - 2020-11-28 22:58 - 000000076 _____ () C:\Users\mikem\AppData\Local\uts.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================