Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2021
Ran by mike (administrator) on MPMM1 (Dell Inc. Inspiron 3847) (27-08-2021 20:21:48)
Running from C:\Users\mikem\Desktop
Loaded Profiles: mike
Platform: Windows 10 Pro Version 21H1 19043.1165 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\50.0.11.0\crashpad_handler.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.8052.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.8052.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11236136 2021-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [827200 2020-11-20] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [340440 2021-04-16] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617784 2021-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617784 2021-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-06-20] (Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81379600 2021-08-21] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4905832 2020-11-20] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [443424 2020-11-20] (Acronis International GmbH -> Acronis International GmbH)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3200273941-2670340362-4195434088-1003\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3200273941-2670340362-4195434088-1005\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3200273941-2670340362-4195434088-1014\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\Run: [CiscoMeetingDaemon] => C:\Users\mikem\AppData\Local\WebEx\ciscowebexstart.exe [2356544 2020-10-23] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-413578968-4127535815-2662069183-1116\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2009-07-13] (CANON INC.) [File not signed]
HKLM\...\Windows x64\Print Processors\HP2030PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP2030PP.DLL [65024 2012-12-04] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\x64\hpzppWN7.dll [101376 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\Windows\system32\CNBLM4.DLL [267776 2009-07-13] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\HP2030LM: C:\Windows\system32\HP2030LM.DLL [246784 2012-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor India Private Limited.)
HKLM\...\Print\Monitors\PaperCut TCP/IP Port: C:\Windows\system32\pcprintportmon.dll [152000 2019-06-04] (PaperCut Software International Pty. Ltd. -> PaperCut Software International Pty Ltd)
HKLM\...\Print\Monitors\rica4Ulm: C:\Windows\system32\rica4Ulm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04C7871B-E64E-490C-AC89-AD96520F2E34} - System32\Tasks\WD Discovery Service Task mike => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [78608 2021-08-21] (Western Digital Technologies, Inc. -> )
Task: {16FC9E2F-C638-4535-9255-865DB818CDCB} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {226D9043-91B6-46CA-98D9-5610851CCFE8} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\Windows\system32\gpupdate.exe [30720 2020-12-18] (Microsoft Windows -> Microsoft Corporation)
Task: {2A5762AB-FD2A-4D15-809A-6746E87AD479} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3200273941-2670340362-4195434088-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781}
Task: {2CEBCADB-560B-465F-A79C-6791D275433B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2FFAE513-2B47-4AFC-8D3C-D055BD739DEF} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Health Definition Update => C:\Program Files\Windows Server\Bin\RunTask.exe [18864 2016-09-23] (Microsoft Corporation -> Microsoft Corporation) -> /asm:"C:\Program Files\Windows Server\Bin\AlertFramework.dll" /class:Microsoft.WindowsServerSolutions.NetworkHealth.AlertFramework.HealthScheduledTask /method:UpdateDefinitionPlugInTaskAction /task:"Health Definition Update"
Task: {433E5798-4D14-4E7C-8147-51DB65ADF375} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4DF0FE37-A3DC-46DC-8D12-6F5CC28079C8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-08-05] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4E5E053F-244D-47DC-A624-244F388F50C5} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe [338944 2019-10-10] (Microsoft Corporation) [File not signed]
Task: {500DE81E-2736-41AE-A32F-BE53815B3D90} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\RDP Group Configuration => C:\Program Files\Windows Server\Bin\RunTask.exe [18864 2016-09-23] (Microsoft Corporation -> Microsoft Corporation) -> /asm:"C:\Program Files\Windows Server\Bin\RemoteDesktopClientConfigLibrary.dll" /class:Microsoft.WindowsServerSolutions.RemoteDesktop.ClientConfigLibrary.RemoteDesktopClientConfig /method:AddDomainUserGroupToRDPGroup /task:"RDP Group Configuration"
Task: {5132C16D-3D87-446C-B4F3-E8F658E09C80} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Client Computer Backup => C:\Program Files\Windows Server\Bin\RunTask.exe [18864 2016-09-23] (Microsoft Corporation -> Microsoft Corporation) -> /asm:"C:\Program Files\Windows Server\Bin\BackupClientProvider.dll" /class:Microsoft.WindowsServerSolutions.DataProtection.PCBackup.ObjectModel.PCBackupClientManager /method:DoScheduledBackup /task:"Client Computer Backup"
Task: {52375E6B-4E99-4A72-8E6E-2B72F7BEDD40} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {57EF97F7-F445-41BB-8666-DA0F6B6D50FD} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {59F36483-263F-402F-962D-613A2DF98DF1} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {5AD733A0-C234-4E74-B055-AD07E8534B84} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-08-05] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {61B2A00C-D092-44BF-BE04-FB6A0A8EBEC0} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {6B0AAABF-6C5C-4317-A41A-2351ED9E380F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E08D0DD-87D9-4127-B02D-02A149963506} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\mikem\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-08-26] (ESET, spol. s r.o. -> ESET)
Task: {76E6B2CD-3262-4DA9-A1D7-C88EE549CBF0} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Client Computer Backup on Idle => C:\Program Files\Windows Server\Bin\RunTask.exe [18864 2016-09-23] (Microsoft Corporation -> Microsoft Corporation) -> /asm:"C:\Program Files\Windows Server\Bin\BackupClientProvider.dll" /class:Microsoft.WindowsServerSolutions.DataProtection.PCBackup.ObjectModel.PCBackupClientManager /method:DoScheduledOnIdleBackup /task:"Client Computer Backup on Idle"
Task: {7A85113A-31AA-466B-B0E9-E832A99DAB29} - System32\Tasks\WD Device Agent Task mike => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [723728 2021-08-21] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {7E411FB2-67FE-4E9A-B943-F7B258C638DF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {7EEA6817-AFB0-46F3-8840-157E41F8D104} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe [338944 2019-10-10] (Microsoft Corporation) [File not signed]
Task: {8A48CCB7-151C-47B2-8F1D-B994C204E399} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {A184750E-2895-4828-931F-766CD34AA3A7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A5A2598A-0669-4BA5-A9AE-9D4E0C703648} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2020-04-11] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {A883502B-F499-4BC6-9C6B-F29A99F45A57} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\Windows\system32\gpupdate.exe [30720 2020-12-18] (Microsoft Windows -> Microsoft Corporation)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B3A49E27-A226-4F11-8193-47DFEA367935} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {B58EB6B7-3E21-4A81-A8BF-26570C38283D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF63275E-F5CC-4A56-80B0-942D3F1B4BE2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {BFFA17E8-CDCE-4FD0-BCA6-39A2CCF2580E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C0DE3EFA-664B-4E1F-82FD-7FE80C503DAA} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\mikem\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-08-26] (ESET, spol. s r.o. -> ESET)
Task: {C8237496-BA8E-46BB-B9AD-A34F86540F27} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Add-in Management => C:\Program Files\Windows Server\Bin\RunTask.exe [18864 2016-09-23] (Microsoft Corporation -> Microsoft Corporation) -> /asm:"C:\Program Files\Windows Server\Bin\ClientSetupCommon.dll" /class:Microsoft.WindowsServerSolutions.ClientSetup.ClientTasks /method:AddInPerformInstallationsTask /task:"Add-in Management"
Task: {CBB5F33B-9761-4325-8625-F8C47F042802} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Alert Evaluations => C:\Program Files\Windows Server\Bin\RunTask.exe [18864 2016-09-23] (Microsoft Corporation -> Microsoft Corporation) -> /asm:"C:\Program Files\Windows Server\Bin\AlertFramework.dll" /class:Microsoft.WindowsServerSolutions.NetworkHealth.AlertFramework.HealthScheduledTask /method:EvaluateAlertsByTriggerTaskAction /task:"Alert Evaluations"
Task: {DEBA64A5-5F84-469F-97DD-2B592E018E41} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EBC6D266-3D7C-452B-AB95-4210B47C5CAF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ED98D965-F8C7-4359-95A0-BAA1839C633D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F1C1C2CA-418B-4AA8-B396-D238AD9DFF8D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F444DB58-E302-4AC5-8345-040A2CBA1887} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F4BF2215-A67D-4BBE-9373-6A4B97DD0B2A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.)
Task: {F75F6115-3B7B-4225-8955-AECFD601DA10} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD29A9EF-2AE0-436F-8E95-D36034922A5C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-08-05] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{43fe1a28-ff97-4cee-995c-2bf4c751a028}: [DhcpNameServer] 10.10.10.1
Tcpip\..\Interfaces\{6dd5eafc-63c3-4785-8771-379fdb967eff}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Profile: C:\Users\mikem\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-26]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\mikem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-25]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: hi4lo88b.default-1543873865624
FF ProfilePath: C:\Users\mikem\AppData\Roaming\Mozilla\Firefox\Profiles\hi4lo88b.default-1543873865624 [2021-08-27]
FF DownloadDir: C:\Users\mikem\Downloads
FF Notifications: Mozilla\Firefox\Profiles\hi4lo88b.default-1543873865624 -> hxxps://app.practicepanther.com; hxxps://3unlocker.com; hxxps://mail.google.com
FF Extension: (Malwarebytes Browser Guard) - C:\Users\mikem\AppData\Roaming\Mozilla\Firefox\Profiles\hi4lo88b.default-1543873865624\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-08-26]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default [2021-08-27]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Slides) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-23]
CHR Extension: (Docs) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-23]
CHR Extension: (Google Drive) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-12]
CHR Extension: (Facebook) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb [2020-07-20]
CHR Extension: (Sheets) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-23]
CHR Extension: (Google Docs Offline) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-30]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-06-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-30]
CHR Extension: (Gmail) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-10]
CHR Extension: (Chrome Media Router) - C:\Users\mikem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-21]
CHR Profile: C:\Users\mikem\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-24]
CHR HKU\S-1-5-21-413578968-4127535815-2662069183-1116\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10353056 2020-11-20] (Acronis International GmbH -> )
S3 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264400 2020-11-20] (Acronis International GmbH -> Acronis International GmbH)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2017-08-13] (Adobe Systems) [File not signed]
S3 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6383744 2020-12-23] (Acronis International GmbH -> )
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S3 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209448 2019-05-21] (Dell Inc -> Dell Inc.)
S3 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3373600 2019-05-21] (Dell Inc -> Dell Inc.)
S3 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218144 2019-05-21] (Dell Inc -> Dell Inc.)
S3 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7497336 2021-08-25] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5832096 2020-11-20] (Acronis International GmbH -> Acronis International GmbH)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2020-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2020-12-18] (Microsoft Windows -> Microsoft Corporation)
R3 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [668808 2018-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2020-03-11] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 SupportAssistAgent; "C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\WINDOWS\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Co., Ltd. -> AnvSoft Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2019-05-21] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2019-05-21] (Techporch Incorporated -> Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-08-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [687768 2020-12-23] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2020-12-23] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-07-30] (Google LLC -> Google, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-07-25] (Martin Malik - REALiX -> REALiX(tm))
S3 libusbK; C:\WINDOWS\System32\DRIVERS\libusbK.sys [47200 2018-12-02] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [68528 2021-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd -> )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [175752 2020-12-23] (Acronis International GmbH -> Acronis International GmbH)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [330176 2020-12-23] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2020-12-23] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 xb1usb; C:\WINDOWS\System32\drivers\xb1usb.sys [34016 2014-05-27] (Windows Central Build Account - X -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-27 20:21 - 2021-08-27 20:21 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2021-08-27 20:19 - 2021-08-27 20:19 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-27 20:19 - 2021-08-27 20:19 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-08-27 20:19 - 2021-08-27 20:19 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-08-27 20:19 - 2021-08-27 20:19 - 000068528 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-08-27 20:11 - 2021-08-27 20:11 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-27 20:11 - 2021-08-27 20:11 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-08-27 20:07 - 2021-08-27 20:07 - 000000000 ____D C:\Users\mikem\AppData\Roaming\Geek Uninstaller
2021-08-27 20:07 - 2021-08-19 08:44 - 006362984 _____ (Geek Unіnstaller) C:\Users\mikem\Desktop\geek.exe
2021-08-27 20:06 - 2021-08-27 20:06 - 002708502 _____ C:\Users\mikem\Downloads\geek.zip
2021-08-27 05:04 - 2021-08-27 05:04 - 000003320 _____ C:\Users\mikem\Desktop\WTRF.txt
2021-08-26 22:35 - 2021-08-26 22:35 - 000026554 _____ C:\Users\mikem\Documents\firewall.txt
2021-08-26 20:42 - 2021-08-27 20:17 - 000764064 _____ C:\WINDOWS\ntbtlog.txt
2021-08-26 14:29 - 2021-08-26 14:29 - 000003832 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-08-26 14:29 - 2021-08-26 14:29 - 000003390 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-08-26 14:29 - 2021-08-26 14:29 - 000001610 _____ C:\Users\mikem\Documents\eset.txt
2021-08-26 07:57 - 2021-08-26 07:57 - 000000810 _____ C:\Users\mikem\Desktop\microsoft office exploit.txt
2021-08-26 06:51 - 2021-08-26 21:17 - 000001396 _____ C:\Users\mikem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-08-26 06:51 - 2021-08-26 21:17 - 000001290 _____ C:\Users\mikem\Desktop\ESET Online Scanner.lnk
2021-08-26 06:51 - 2021-08-26 06:51 - 000000000 ____D C:\Users\mikem\AppData\Local\ESET
2021-08-26 06:36 - 2021-08-26 06:36 - 011697056 _____ (ESET) C:\Users\mikem\Desktop\esetonlinescanner.exe
2021-08-26 05:27 - 2021-08-26 05:27 - 000002027 _____ C:\Users\mikem\Desktop\malwarebygtes.txt
2021-08-26 05:26 - 2021-08-26 05:26 - 000000000 ____D C:\Users\mikem\Documents\FeedbackHub
2021-08-26 02:12 - 2021-08-27 20:08 - 000000000 ____D C:\Users\mikem\AppData\LocalLow\IGDump
2021-08-25 14:08 - 2021-08-26 21:35 - 000002003 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-25 14:08 - 2021-08-26 21:35 - 000001991 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-08-25 14:07 - 2021-08-25 14:07 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-25 14:07 - 2021-08-25 14:07 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-25 14:06 - 2021-08-25 14:06 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-25 13:56 - 2021-08-25 13:57 - 002120496 _____ (Malwarebytes) C:\Users\mikem\Desktop\MBSetup-119967.119967-consumer.exe
2021-08-25 13:56 - 2021-08-25 13:56 - 008553680 _____ (Malwarebytes) C:\Users\mikem\Desktop\AdwCleaner.exe
2021-08-25 03:51 - 2021-08-25 03:51 - 000001280 _____ C:\Users\Public\Desktop\Madden NFL 22.lnk
2021-08-25 03:51 - 2021-08-25 03:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Madden NFL 22
2021-08-24 22:02 - 2021-08-24 22:02 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-24 22:02 - 2021-08-24 22:02 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-24 22:02 - 2021-08-24 22:02 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-24 22:02 - 2021-08-24 22:02 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-24 22:02 - 2021-08-24 22:02 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-24 22:02 - 2021-08-24 22:02 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-24 22:02 - 2021-08-24 22:02 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-24 22:02 - 2021-08-24 22:02 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-24 22:02 - 2021-08-24 22:02 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-24 22:02 - 2021-08-24 22:02 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-08-24 22:02 - 2021-08-05 16:12 - 002838384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-08-24 21:48 - 2021-08-24 21:53 - 756085256 _____ (NVIDIA Corporation) C:\Users\mikem\Desktop\471.68-desktop-win10-win11-64bit-international-dch-whql.exe
2021-08-24 20:29 - 2021-08-24 20:29 - 000001650 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
2021-08-24 20:29 - 2021-08-24 20:29 - 000000000 ____D C:\Program Files (x86)\MonitorDriver
2021-08-24 20:26 - 2021-08-24 20:26 - 008503296 _____ C:\Users\mikem\Desktop\C32F391FW.exe
2021-08-24 19:21 - 2021-08-27 05:03 - 000009782 _____ C:\Users\mikem\Desktop\Fixlog.txt
2021-08-24 15:30 - 2021-08-24 15:30 - 000000661 _____ C:\Users\mikem\Downloads\audio10.diagcab
2021-08-24 15:28 - 2021-08-24 15:28 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-08-24 15:26 - 2021-08-05 16:12 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-08-24 15:26 - 2021-08-05 16:12 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-08-24 15:10 - 2021-08-24 15:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Event Viewer Tasks
2021-08-24 14:57 - 2021-08-06 03:45 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-08-24 14:57 - 2021-08-06 03:45 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-08-24 14:57 - 2021-08-06 03:45 - 001474672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-08-24 14:57 - 2021-08-06 03:45 - 001438840 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-08-24 14:57 - 2021-08-06 03:45 - 001438840 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-08-24 14:57 - 2021-08-06 03:45 - 001212536 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-08-24 14:57 - 2021-08-06 03:45 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-08-24 14:57 - 2021-08-06 03:45 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-08-24 14:57 - 2021-08-06 03:45 - 000951928 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-08-24 14:57 - 2021-08-06 03:45 - 000951928 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-08-24 14:57 - 2021-08-06 03:42 - 000716928 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-08-24 14:57 - 2021-08-06 03:42 - 000645248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-08-24 14:57 - 2021-08-06 03:42 - 000577152 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-08-24 14:57 - 2021-08-06 03:41 - 002112144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-08-24 14:57 - 2021-08-06 03:41 - 001595536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-08-24 14:57 - 2021-08-06 03:41 - 001520760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-08-24 14:57 - 2021-08-06 03:41 - 001171088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-08-24 14:57 - 2021-08-06 03:41 - 000919184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-08-24 14:57 - 2021-08-06 03:41 - 000750200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-08-24 14:57 - 2021-08-06 03:41 - 000706168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-08-24 14:57 - 2021-08-06 03:41 - 000676480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-08-24 14:57 - 2021-08-06 03:41 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-08-24 14:57 - 2021-08-06 03:40 - 008854136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-08-24 14:57 - 2021-08-06 03:40 - 007920760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-08-24 14:57 - 2021-08-06 03:40 - 005680768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-08-24 14:57 - 2021-08-06 03:40 - 004987512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-08-24 14:57 - 2021-08-06 03:40 - 002925688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-08-24 14:57 - 2021-08-06 03:40 - 000447096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-08-24 14:57 - 2021-08-06 03:39 - 000849024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-08-24 14:57 - 2021-08-06 03:38 - 007280848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-08-24 14:57 - 2021-08-06 03:38 - 006215808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-08-24 14:57 - 2021-08-05 16:12 - 000083062 _____ C:\WINDOWS\system32\nvinfo.pb
2021-08-24 13:36 - 2021-08-24 13:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-24 08:37 - 2021-08-24 16:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-24 05:29 - 2021-08-27 20:18 - 000065536 _____ C:\WINDOWS\system32\Ikeext.etl
2021-08-22 11:59 - 2021-08-26 23:49 - 000052969 _____ C:\Users\mikem\Desktop\Addition.txt
2021-08-22 11:55 - 2021-08-27 20:23 - 000035452 _____ C:\Users\mikem\Desktop\FRST.txt
2021-08-22 11:45 - 2021-08-22 11:45 - 002300928 _____ (Farbar) C:\Users\mikem\Desktop\FRST64English.exe
2021-08-22 07:13 - 2021-08-22 10:19 - 000129418 _____ C:\Users\mikem\Desktop\fixlist-old.txt
2021-08-22 06:08 - 2021-08-22 06:10 - 000061739 _____ C:\Users\mikem\Desktop\Addition-old.txt
2021-08-22 06:03 - 2021-08-27 20:22 - 000000000 ____D C:\FRST
2021-08-21 23:40 - 2021-08-21 23:40 - 000001257 _____ C:\Users\Public\Desktop\WD Security.lnk
2021-08-21 23:05 - 2021-08-21 23:05 - 000003208 _____ C:\WINDOWS\system32\Tasks\WD Discovery Service Task mike
2021-08-21 23:05 - 2021-08-21 23:05 - 000003144 _____ C:\WINDOWS\system32\Tasks\WD Device Agent Task mike
2021-08-20 10:22 - 2021-08-27 20:18 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-18 12:45 - 2021-08-20 10:23 - 2042389024 _____ C:\WINDOWS\MEMORY.DMP
2021-08-18 12:45 - 2021-08-18 12:56 - 004645372 _____ C:\WINDOWS\Minidump\081821-42906-01.dmp
2021-08-17 23:17 - 2021-08-17 23:17 - 000000000 ____D C:\Users\mikem\Documents\GG
2021-08-17 22:31 - 2021-08-17 22:38 - 1416473092 _____ C:\Users\mikem\Downloads\403224HD.mp4
2021-08-17 20:22 - 2021-08-17 20:23 - 003455835 _____ C:\Users\mikem\Downloads\sox-state-of-market-report-2020.pdf
2021-08-12 14:59 - 2021-08-12 14:59 - 001151992 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2021-08-11 22:32 - 2021-08-11 22:32 - 000010246 _____ C:\Users\mikem\Documents\List of Items from Dads.xlsx
2021-08-11 06:37 - 2021-08-11 06:37 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2021-08-11 01:09 - 2021-08-11 01:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-11 01:09 - 2021-08-11 01:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-11 01:09 - 2021-08-11 01:09 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-11 00:41 - 2021-08-11 00:41 - 000000000 ___HD C:\$WinREAgent
2021-08-09 10:45 - 2021-07-30 18:52 - 000389640 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3525.sys
2021-08-07 08:50 - 2021-08-07 09:12 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Roaming\vlc
2021-08-07 08:41 - 2021-08-07 08:41 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-07 08:41 - 2021-08-07 08:41 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-07 08:41 - 2021-08-07 08:41 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-07 08:41 - 2021-08-07 08:41 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-07 08:33 - 2021-08-07 08:47 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\PlaceholderTileLogoFolder
2021-08-07 08:01 - 2021-08-07 08:01 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\PeerDistRepub
2021-08-07 07:45 - 2021-08-07 07:46 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\Comms
2021-08-07 07:39 - 2021-08-07 07:39 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\OneDrive
2021-08-07 07:31 - 2021-08-07 13:15 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3200273941-2670340362-4195434088-1014
2021-08-07 07:31 - 2021-08-07 07:49 - 000000000 ___RD C:\Users\mpmm_a21rhkv\OneDrive
2021-08-07 07:31 - 2021-08-07 07:31 - 000002427 _____ C:\Users\mpmm_a21rhkv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-07 07:30 - 2021-08-07 07:30 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Roaming\Apple Computer
2021-08-07 07:29 - 2021-08-07 07:29 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\Publishers
2021-08-07 07:28 - 2021-08-07 08:34 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\Packages
2021-08-07 07:28 - 2021-08-07 07:28 - 000000000 ___RD C:\Users\mpmm_a21rhkv\3D Objects
2021-08-07 07:28 - 2021-08-07 07:28 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\VirtualStore
2021-08-07 07:28 - 2021-08-07 07:28 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\Google
2021-08-07 07:28 - 2021-08-07 07:28 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\D3DSCache
2021-08-07 07:28 - 2021-08-07 07:28 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\ConnectedDevicesPlatform
2021-08-07 07:27 - 2021-08-26 19:40 - 000000000 ____D C:\Users\mpmm_a21rhkv
2021-08-07 07:27 - 2021-08-07 07:27 - 000000020 ___SH C:\Users\mpmm_a21rhkv\ntuser.ini
2021-08-07 07:27 - 2017-08-16 02:02 - 000000000 ____D C:\Users\mpmm_a21rhkv\AppData\Local\Microsoft Help
2021-08-07 00:43 - 2021-08-07 00:43 - 000000000 ____D C:\Users\mikem\AppData\Local\mymonero-updater
2021-08-06 07:28 - 2021-08-06 07:28 - 002298102 _____ C:\Users\mikem\Downloads\VID 00003-20100522-1051.3GP
2021-08-05 12:10 - 2021-08-05 12:10 - 000301763 _____ C:\Users\mikem\Documents\amy emails 04.pdf
2021-08-05 12:09 - 2021-08-05 12:09 - 000295712 _____ C:\Users\mikem\Documents\amy emails 03.pdf
2021-08-05 12:03 - 2021-08-05 12:03 - 000384666 _____ C:\Users\mikem\Documents\amy emails 02.pdf
2021-08-05 12:01 - 2021-08-05 12:01 - 000443060 _____ C:\Users\mikem\Documents\amy emails 01.pdf
2021-08-04 10:08 - 2021-08-04 10:18 - 000164950 _____ C:\TDSSKiller.3.1.0.28_04.08.2021_11.08.34_log.txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-27 20:25 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-27 20:21 - 2019-01-22 13:06 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-27 20:20 - 2020-05-04 19:44 - 000000495 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-08-27 20:20 - 2017-08-12 18:27 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-27 20:19 - 2020-12-18 12:26 - 000909080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-27 20:18 - 2020-12-18 12:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-27 20:18 - 2020-12-18 12:26 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2021-08-27 20:18 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-27 20:17 - 2019-12-07 04:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-27 20:07 - 2019-06-29 07:33 - 000000000 ____D C:\Program Files\Dell
2021-08-27 20:01 - 2019-02-05 03:57 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-27 20:00 - 2017-08-12 18:20 - 000000000 ____D C:\Users\mikem\AppData\LocalLow\Mozilla
2021-08-27 19:59 - 2018-03-21 12:01 - 000007603 _____ C:\Users\mikem\AppData\Local\Resmon.ResmonCfg
2021-08-27 19:27 - 2019-06-09 02:56 - 000000000 ____D C:\Users\mikem\AppData\Roaming\vlc
2021-08-27 18:00 - 2020-05-14 03:46 - 000000000 ____D C:\Users\mikem\log
2021-08-27 17:25 - 2020-12-18 12:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-27 10:46 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-27 05:12 - 2018-12-05 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-08-26 23:40 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-26 21:36 - 2020-12-18 12:33 - 000000000 ____D C:\Users\mikem
2021-08-26 20:46 - 2018-05-29 05:38 - 000000000 ____D C:\Program Files\Common Files\Bullzip
2021-08-26 20:28 - 2014-05-18 20:22 - 000000000 ____D C:\AdwCleaner
2021-08-26 19:53 - 2020-12-18 12:45 - 000941870 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-26 19:53 - 2019-01-06 21:09 - 000000000 ____D C:\ASM LAW
2021-08-26 10:16 - 2018-11-27 13:45 - 000000000 ____D C:\Users\mikem\AppData\Local\Apple Computer
2021-08-26 08:09 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-26 06:46 - 2018-02-13 10:39 - 000000000 ____D C:\Program Files (x86)\Xvid
2021-08-26 06:18 - 2019-07-25 05:09 - 000000000 ____D C:\Users\mikem\AppData\Roaming\IObit
2021-08-26 06:18 - 2018-01-20 15:59 - 000000000 ____D C:\Program Files (x86)\Dell
2021-08-26 06:18 - 2017-08-12 20:47 - 000000000 ____D C:\ProgramData\Dell
2021-08-26 06:15 - 2020-07-15 16:25 - 000000000 ____D C:\Users\mikem\AppData\Roaming\Origin
2021-08-25 14:07 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-25 14:07 - 2018-05-20 12:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-25 03:51 - 2019-01-01 21:45 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2021-08-25 02:32 - 2019-01-01 21:19 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-08-25 02:30 - 2018-06-27 23:29 - 000000000 ____D C:\ProgramData\Origin
2021-08-25 02:29 - 2020-07-15 16:25 - 000000000 ____D C:\Users\mikem\AppData\Local\Origin
2021-08-24 22:04 - 2019-01-27 17:13 - 000000000 ____D C:\Users\mikem\AppData\Local\NVIDIA
2021-08-24 22:04 - 2019-01-22 13:06 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-08-24 22:04 - 2019-01-22 13:04 - 000000000 ____D C:\NVIDIA
2021-08-24 22:03 - 2020-11-09 22:57 - 000001437 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2021-08-24 22:02 - 2019-01-22 13:06 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-08-24 22:02 - 2019-01-22 13:05 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-08-24 20:29 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\tracing
2021-08-24 20:29 - 2017-08-12 20:48 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-08-24 19:38 - 2020-12-18 12:33 - 000000000 ____D C:\Users\mpmm
2021-08-24 19:38 - 2020-12-18 12:33 - 000000000 ____D C:\Users\admin
2021-08-24 19:25 - 2020-10-30 05:03 - 000000000 ____D C:\Users\mikem\AppData\LocalLow\Temp
2021-08-24 19:22 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-08-24 19:22 - 2009-07-13 22:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-08-24 16:44 - 2017-08-12 18:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-24 16:39 - 2019-07-25 05:09 - 000000000 ____D C:\ProgramData\ProductData
2021-08-24 15:26 - 2019-01-22 13:12 - 000000000 ____D C:\Users\mikem\AppData\Local\NVIDIA Corporation
2021-08-24 15:22 - 2020-04-23 22:44 - 000000000 ____D C:\Users\mikem\.cache
2021-08-24 15:21 - 2017-08-13 11:02 - 000000000 ____D C:\Users\mikem\AppData\Roaming\Adobe
2021-08-24 15:00 - 2018-05-10 11:42 - 000000000 ____D C:\Program Files (x86)\Brother
2021-08-24 15:00 - 2017-08-13 12:12 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-24 14:59 - 2018-05-10 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2021-08-24 13:36 - 2017-08-12 18:20 - 000000898 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-24 10:41 - 2021-07-20 11:44 - 000307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-08-24 10:41 - 2021-07-20 11:44 - 000213456 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-08-24 10:41 - 2021-07-13 21:14 - 002163152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-08-24 10:41 - 2021-07-13 21:14 - 000188856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-08-24 10:41 - 2021-07-13 21:14 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-08-24 10:41 - 2021-07-13 21:14 - 000061904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-08-21 23:56 - 2018-05-10 11:44 - 000000000 ____D C:\Users\mikem\AppData\Local\CrashDumps
2021-08-21 23:40 - 2019-11-26 03:40 - 000000000 ____D C:\Program Files (x86)\Western Digital
2021-08-21 23:39 - 2020-05-04 17:33 - 000000000 ____D C:\Users\mikem\AppData\Roaming\WD Discovery
2021-08-21 23:39 - 2020-05-04 17:33 - 000000000 ____D C:\Users\mikem\.wdc
2021-08-21 23:32 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-21 23:31 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-21 23:13 - 2019-06-16 16:52 - 000000000 ____D C:\Cache
2021-08-21 23:06 - 2020-12-23 17:22 - 000000000 ____D C:\Program Files\WD Desktop App
2021-08-21 22:03 - 2020-11-29 07:37 - 000000000 ____D C:\Users\mikem\AppData\Roaming\LG Electronics
2021-08-21 22:03 - 2020-11-29 07:36 - 000000000 ____D C:\Users\mikem\AppData\Local\LG Electronics
2021-08-21 22:03 - 2019-07-30 14:01 - 000000000 ____D C:\Program Files (x86)\LG Electronics
2021-08-21 22:02 - 2019-12-10 17:17 - 000000000 ____D C:\Users\mikem\AppData\Local\Packages
2021-08-21 22:02 - 2018-01-21 10:35 - 000000000 ____D C:\Program Files\Android
2021-08-21 21:58 - 2021-07-13 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2021-08-21 10:25 - 2020-12-18 12:32 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-20 10:25 - 2020-12-31 13:26 - 000000000 ____D C:\WINDOWS\Minidump
2021-08-17 23:45 - 2017-08-12 18:27 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-17 23:45 - 2017-08-12 18:27 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-17 15:55 - 2019-12-10 20:24 - 000000000 ____D C:\Users\mikem\AppData\Local\D3DSCache
2021-08-15 20:19 - 2020-12-18 22:56 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-15 20:19 - 2020-12-18 22:56 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6d563b3b6d726
2021-08-12 00:31 - 2020-12-18 14:59 - 000000000 ____D C:\Program Files\Hyper-V
2021-08-12 00:31 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-11 00:32 - 2017-08-12 19:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-11 00:25 - 2017-08-12 19:12 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-10 12:45 - 2021-02-01 13:27 - 000002038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-08-07 13:14 - 2020-12-22 22:13 - 000003174 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-08-07 13:14 - 2020-12-18 12:55 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-07 13:14 - 2020-12-18 12:55 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-07 09:13 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-08-07 09:13 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-07 09:13 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-07 09:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-07 09:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-07 09:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-07 09:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-07 09:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-08-07 09:13 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-07 07:49 - 2020-01-07 11:50 - 000000000 ___HD C:\OneDriveTemp
2021-08-07 07:45 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-08-07 07:28 - 2019-12-10 17:17 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-08-07 07:15 - 2021-07-13 19:41 - 000000000 ____D C:\Users\mikem\AppData\Roaming\Electrum
2021-08-06 06:33 - 2021-07-13 19:33 - 000000000 ____D C:\Users\mikem\AppData\Roaming\com.liberty.jaxx
2021-08-05 16:12 - 2020-11-12 23:15 - 000078192 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-08-05 16:12 - 2020-11-12 23:15 - 000067952 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-08-05 16:12 - 2020-11-09 22:56 - 002186608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-08-05 16:12 - 2020-11-09 22:56 - 001293680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-08-05 16:12 - 2020-11-09 22:56 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-08-05 16:12 - 2020-11-09 22:55 - 000168304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2021-08-05 16:12 - 2020-11-09 22:55 - 000144240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2021-08-04 12:05 - 2020-09-30 23:01 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-04 10:25 - 2020-02-03 01:39 - 000000000 ____D C:\Program Files (x86)\Origin
2021-08-04 08:28 - 2019-12-10 17:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ========

2018-03-21 09:15 - 2018-02-13 02:57 - 000131072 _____ () C:\Users\mikem\zcl-wallet.dat
2019-02-08 09:03 - 2015-12-18 23:41 - 000573952 _____ () C:\Program Files\DS4Updater.exe
2019-02-08 09:03 - 2016-10-08 22:17 - 003168256 _____ () C:\Program Files\DS4Windows.exe
2020-05-04 23:38 - 2020-05-05 00:10 - 000000128 _____ () C:\Users\mikem\AppData\Local\PUTTY.RND
2020-04-23 22:47 - 2020-04-23 22:47 - 000000792 _____ () C:\Users\mikem\AppData\Local\recently-used.xbel
2018-03-21 12:01 - 2021-08-27 19:59 - 000007603 _____ () C:\Users\mikem\AppData\Local\Resmon.ResmonCfg
2019-04-03 13:57 - 2019-06-24 00:26 - 164937728 _____ () C:\Users\mikem\AppData\Local\SageThumbs.db3
2020-11-28 22:58 - 2020-11-28 22:58 - 000000076 _____ () C:\Users\mikem\AppData\Local\uts.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================