
Trojans and Coin Miners Have Taken Over



#1
BMiles


Hello Geeks

 

Yesterday I was made aware of a breach to my Amazon account and in trying to fix the issue, I also discovered my email had been too - rules had been set to automatically put any Amazon emails into the archive so that I wouldn't see them making their purchases. Too bad for them, Amazon detected the suspicious activity right away and shut them down. I quickly removed all the devices that were logged into said email and changed my password on a non-infected device. Hopefully that solves that issue.

 

I had recently changed my email password on my pc, so I ran a few scans and wouldn't you know it, I've got a bunch of trojans and coin miners (among others) and more keep adding on - my bf decided to try to find himself keygens for his DJ software... :bashhead: . I've scanned using Windows Defender, Dr. Web Cureit, and Malwarebytes, each coming up with several infections scattered across my pc. I did attempt to run them in safe mode with networking, to no avail, as it appears my network adaptor drivers do not support that.

 

I'd really like some assistance in getting these off of my pc. I have provided the FRST texts for your reading pleasure. Your help will be most appreciated, hope to hear from one of you soon!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-11-2020
Ran by BevPC (administrator) on DESKTOP-HALUPV1 (ASUSTeK COMPUTER INC. GL752VW) (30-11-2020 14:02:59)
Running from C:\Users\BevPC\Desktop
Loaded Profiles: BevPC
Platform: Windows 10 Home Version 1909 18363.1198 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUS) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Doctor Web Ltd. -> ) C:\Users\BevPC\AppData\Local\Temp\EF3E940-69E5B480-41367920-5FE698E0\9i8Gy94oJsJ0.exe
(Doctor Web Ltd. -> ) C:\Users\BevPC\AppData\Local\Temp\EF3E940-69E5B480-41367920-5FE698E0\Fk2FyKaU.exe
(Doctor Web Ltd. -> ) C:\Users\BevPC\AppData\Local\Temp\EF3E940-69E5B480-41367920-5FE698E0\zAQjfYLkX.exe
(Doctor Web Ltd. -> ) C:\Users\BevPC\Desktop\gmf715m4.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\DriverStore\FileRepository\x40plmwa.inf_amd64_ebba65282f89f8eb\ICEsoundService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
(Intel® Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel® Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel® Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fafb1d329fdfe2c6\aesm_service.exe
(Intel® Trusted Connect Service -> Intel® Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\NisSrv.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [604496 2017-11-24] (Conexant Systems LLC -> Conexant Systems, Inc.)
HKU\S-1-5-21-2067428576-3587227036-2798591388-1003\...\Run: [loopMIDI] => C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe [5516048 2019-12-14] (Tobias Erichsen -> Tobias Erichsen)
HKLM\...\Windows x64\Print Processors\Canon TS5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDF.DLL [30720 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\KOAXYA_P: C:\Windows\System32\spool\prtprocs\x64\KOAXYA_P.DLL [50688 2017-04-16] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\C368SeriesPS Language Monitor: C:\Windows\system32\KOAXYA_L.DLL [25600 2017-04-16] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.198\Installer\chrmstp.exe [2020-11-16] (Google LLC -> Google LLC)
Startup: C:\Users\BevPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-02-22]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0A02DD6B-DFD7-49B6-9210-AA65B2534C3B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0B7DF887-2F15-4ADB-B433-701F4CF45D74} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0BB71945-E115-4803-AE23-EEE42DEBDF90} - System32\Tasks\WpsExternal_20161117083023 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe
Task: {0D9766CF-B649-4DA1-8FB1-F3B890BC6FB4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1457E9E1-E4AC-463D-9352-FF79E883CD63} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1491E83A-B534-4873-96DA-572E510BD1C8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1ED735F7-59D3-4E16-99DC-4A8F5817FA6F} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18416 2015-12-18] (ASUSTeK Computer Inc. -> AsusTek)
Task: {209FF29D-9451-4C00-9D4F-2443B3EB416F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-18] (Google Inc -> Google Inc.)
Task: {221175CE-7FC1-44F2-8C44-9CEFEDDA44B3} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {2C0D377D-C971-4B78-9C1A-891011A3347D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-18] (Google Inc -> Google Inc.)
Task: {39B60C32-80AB-4262-B5F9-0F89352F8769} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E3E25FE-FA55-494D-8D55-263628B4A6DE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49795CB5-EAB4-4EDA-B50A-1969C6FC18E1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1526680 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4ABE3CC4-479E-4ACE-8A87-4EF99A75FDAA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5153176 2020-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {4CAB86E8-B0E4-4C05-A7C4-F95DAE0CA801} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D672CD7-C3B3-4D39-AA3A-0F5C21AD0665} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4FE2DD07-0283-4BB9-84D2-95B991099550} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {52889152-8239-4D15-A69E-8A6161535A0F} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {67DEF075-04B6-4DAF-8EBB-7EA98D3D08CD} - System32\Tasks\GoogleUpdateTaskMachineUA1d6a4151755c76d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-18] (Google Inc -> Google Inc.)
Task: {78E83B8C-DE2B-4889-B8B4-326A37F4AA6F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {7BBEEC5F-B244-41A1-B8D3-31A5E5FEF6FC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {7EBF0AD2-6F56-488D-9124-C4F54995480E} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
Task: {8BC0E8E9-8C27-4A09-BF54-7FD44928066C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BE34C02-CD38-48CD-8D3E-B2DB47E33B70} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [File not signed]
Task: {9A8E9FE5-4490-4B46-8DB1-7878980DBDAF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9D307563-4C0B-4D95-9DB1-7961A8EEE8B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FA4B859-6F64-406A-8740-7EAE3EF7F373} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {A2574646-3D9C-43E8-9BB0-2B0CB0FBE805} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AAFC8E08-8B47-432A-9033-16DA54756031} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF76E189-6F45-4572-9859-B90A066B5904} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B485E125-CA9B-4373-ABDF-8DEFA2240013} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7685808 2018-05-07] (Piriform Ltd -> Piriform Ltd)
Task: {C0C866DD-6452-4FB2-8CE2-A5E94BC44379} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {C44C6F06-E183-4686-BEB3-DC13F88326D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C554D50C-4548-49BF-A0BC-ED20B4E5A744} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54784 2015-12-02] (ASUS) [File not signed]
Task: {C6021BE5-FADC-4872-9173-8F940A103A5F} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {C9334FC6-370D-46A7-A3DA-79129434E60C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CACF0392-F900-4C2D-9E08-EA1D3A5E194F} - System32\Tasks\GoogleUpdateTaskMachineCore1d6a415172add51 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-18] (Google Inc -> Google Inc.)
Task: {CE22A534-BB97-420D-AF2C-635A804382A8} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1578784 2016-07-07] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) [File not signed]
Task: {D42368BF-08B6-45AF-A397-6F0DDD81D9A9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC22DA76-FDF6-48B0-92A7-B146ED615EB4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF046283-A8C7-4C1F-95F9-294FAEB0B204} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5153176 2020-11-03] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\WpsExternal_20161117083023.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0f538025-0c73-47d0-a614-4f8a1de0e904}: [DhcpNameServer] 206.248.154.22 206.248.154.170
Tcpip\..\Interfaces\{9430795c-fda5-4109-b6b7-0c6ce2fe1d0e}: [DhcpNameServer] 192.168.0.1
 
Edge: 
======
Edge Profile: C:\Users\BevPC\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-19]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-10-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-10-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-10-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-11-18] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\BevPC\AppData\Local\Google\Chrome\User Data\Default [2020-11-30]
CHR Notifications: Default -> hxxps://watch-video.net
CHR HomePage: Default -> hxxp://google.ca/
CHR StartupUrls: Default -> "hxxp://google.ca/"
CHR Extension: (Slides) - C:\Users\BevPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Docs) - C:\Users\BevPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\BevPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-02]
CHR Extension: (YouTube) - C:\Users\BevPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-13]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\BevPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-11-17]
CHR Extension: (Adobe Acrobat) - C:\Users\BevPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-10-17]
CHR Extension: (Sheets) - C:\Users\BevPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Google Docs Offline) - C:\Users\BevPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\BevPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-05]
CHR Extension: (Gmail) - C:\Users\BevPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\BevPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-17]
CHR Extension: (Skype Calling) - C:\Users\BevPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk [2017-09-13]
CHR Profile: C:\Users\BevPC\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> )
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-03-30] (Malwarebytes Inc -> Malwarebytes)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3661368 2017-07-25] (TechSmith Corporation -> TechSmith Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SystemServices; C:\Program Files\qemu\SystemServices.exe [X] <==== ATTENTION
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 a8djavs; C:\WINDOWS\System32\Drivers\a8djavs.sys [359784 2012-12-18] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 a8djavs_x64; C:\WINDOWS\System32\Drivers\a8djavs_x64.sys [44560 2008-12-09] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 a8djusb_svc; C:\WINDOWS\System32\Drivers\a8djusb.sys [100712 2012-12-18] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 a8djusb_x64; C:\WINDOWS\System32\Drivers\a8djusb_x64.sys [233488 2008-12-09] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 asiovadpro; C:\WINDOWS\system32\DRIVERS\asiovadpro.sys [42984 2016-08-28] (John Shield -> John Shield/O Deus Audio)
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [138744 2015-12-18] (ASUSTeK Computer Inc. -> ASUS Corporation)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R1 gfdriver; C:\WINDOWS\System32\drivers\gfdriver.sys [51904 2015-01-14] (TITAN ARC CORP. TAIWAN BRANCH (SAMOA) -> Titan ARC Corp.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-11-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-11-30] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-11-30] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-30] (Malwarebytes Inc -> Malwarebytes)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [51904 2015-01-14] (TITAN ARC CORP. TAIWAN BRANCH (SAMOA) -> Titan ARC Corp.)
S3 RDID1144; C:\WINDOWS\system32\Drivers\RDWM1144.SYS [242432 2015-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 teVirtualMIDI64; C:\WINDOWS\System32\drivers\teVirtualMIDI64.sys [53120 2019-12-07] (Tobias Erichsen -> Tobias Erichsen)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-11-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [14464 2008-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429288 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-06] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz149; \??\C:\Users\BevPC\AppData\Local\Temp\cpuz149\cpuz149_x64.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-11-30 14:02 - 2020-11-30 14:03 - 000028891 _____ C:\Users\BevPC\Desktop\FRST.txt
2020-11-30 14:02 - 2020-11-30 14:03 - 000000000 ____D C:\FRST
2020-11-30 13:59 - 2020-11-30 13:59 - 002290176 _____ (Farbar) C:\Users\BevPC\Desktop\FRST64.exe
2020-11-30 12:47 - 2020-11-30 12:47 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-11-30 12:47 - 2020-11-30 12:47 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-11-30 12:47 - 2020-11-30 12:47 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-11-30 12:47 - 2020-11-30 12:47 - 000000000 ____D C:\Users\BevPC\AppData\LocalLow\IGDump
2020-11-30 09:52 - 2020-11-30 09:52 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-11-30 09:31 - 2020-11-30 09:32 - 234940200 _____ C:\Users\BevPC\Desktop\gmf715m4.exe
2020-11-30 07:32 - 2020-11-30 07:48 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\com.spitfireaudio
2020-11-30 07:32 - 2020-11-30 07:32 - 000000000 ____D C:\Users\Public\Documents\NI Resources
2020-11-30 07:32 - 2020-11-30 07:32 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\Sampleson
2020-11-30 07:32 - 2020-11-30 07:32 - 000000000 ____D C:\Users\BevPC\AppData\Local\Roland Cloud
2020-11-30 07:32 - 2020-11-30 07:32 - 000000000 ____D C:\ProgramData\Documents\NI Resources
2020-11-30 07:29 - 2020-11-30 07:45 - 000000000 ____D C:\Users\BevPC\Documents\Max 8
2020-11-30 07:29 - 2020-11-30 07:29 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\Cycling '74
2020-11-30 07:29 - 2020-11-30 07:29 - 000000000 ____D C:\ProgramData\Max 8
2020-11-30 07:23 - 2020-11-30 07:23 - 000057085 _____ C:\Users\BevPC\Desktop\Authorize.auz
2020-11-30 07:15 - 2020-11-30 07:15 - 000000000 ____D C:\Users\BevPC\AppData\Local\Ableton
2020-11-30 07:15 - 2020-11-30 07:15 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2020-11-30 07:01 - 2020-11-30 07:01 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\IntelTools
2020-11-30 07:00 - 2020-11-30 07:00 - 000002647 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ableton Live 10 Suite.lnk
2020-11-30 07:00 - 2020-11-30 07:00 - 000001155 _____ C:\Users\Public\Desktop\Ableton Live 10 Suite.lnk
2020-11-30 07:00 - 2020-11-30 07:00 - 000001155 _____ C:\ProgramData\Desktop\Ableton Live 10 Suite.lnk
2020-11-30 06:54 - 2019-07-20 04:43 - 000000000 ____D C:\Users\BevPC\Downloads\Ableton.Live.Suite.10.1.Multilingual.x64.WIN
2020-11-30 06:41 - 2020-11-30 06:49 - 2020133181 _____ C:\Users\BevPC\Downloads\Ableton.Live.Suite.10.1.Multilingual.x64.WIN.rar
2020-11-30 06:25 - 2020-11-30 06:25 - 000003384 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b1e85a34269
2020-11-29 15:10 - 2020-11-29 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite Saffire PRO
2020-11-29 15:10 - 2020-11-29 15:10 - 000000000 ____D C:\Program Files (x86)\Focusrite Saffire PRO
2020-11-29 15:10 - 2007-03-13 11:58 - 000009728 _____ (Focusrite Audio Engineering Ltd.) C:\WINDOWS\system32\ffSaffirePro_coinst.dll
2020-11-25 13:10 - 2020-11-25 13:10 - 007370014 _____ C:\Users\BevPC\Downloads\USB_Burning_Tool_v2.0.8_x86.rar
2020-11-25 13:07 - 2020-11-25 16:41 - 653257722 _____ C:\Users\BevPC\Downloads\QBOX_905_216_QB0006.rar
2020-11-24 18:17 - 2020-11-24 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\intelligent sounds & music
2020-11-24 18:17 - 2020-11-24 18:17 - 000000000 ____D C:\Program Files\intelligent sounds & music
2020-11-24 18:15 - 2020-11-24 18:15 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\intelligent sounds & music
2020-11-24 18:15 - 2020-11-24 18:15 - 000000000 ____D C:\ProgramData\intelligent sounds & music
2020-11-24 18:08 - 2020-11-24 18:08 - 000000000 ____D C:\Users\BevPC\AppData\Local\Fyxdf
2020-11-19 07:35 - 2020-11-30 12:55 - 001388432 _____ C:\Users\Public\VOIP.dat
2020-11-19 07:34 - 2020-11-19 07:34 - 001994628 _____ C:\WINDOWS\Minidump\111920-11812-01.dmp
2020-11-19 06:45 - 2020-11-21 12:46 - 000000000 __HDC C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2020-11-19 06:41 - 2020-11-30 10:01 - 000000000 ____D C:\ProgramData\Outbyte
2020-11-18 20:28 - 2020-11-18 20:28 - 001540700 _____ C:\WINDOWS\Minidump\111820-10656-01.dmp
2020-11-18 20:20 - 2020-11-18 20:20 - 001522876 _____ C:\WINDOWS\Minidump\111820-10625-01.dmp
2020-11-18 17:47 - 2020-11-18 17:47 - 002297860 _____ C:\WINDOWS\Minidump\111820-14593-01.dmp
2020-11-18 07:20 - 2020-11-18 07:20 - 000000000 ____D C:\Users\BevPC\Documents\FabFilter
2020-11-18 07:20 - 2020-11-18 07:20 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\FabFilter
2020-11-18 07:18 - 2020-11-18 07:18 - 000000454 _____ C:\Users\BevPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FabFilter Pro-Q 3 Help.lnk
2020-11-17 18:27 - 2020-11-17 18:27 - 056036410 _____ C:\Users\BevPC\Desktop\PPT for 45th Anniverary gala 1.pptx
2020-11-17 17:29 - 2020-11-17 17:29 - 000001933 _____ C:\Users\BevPC\Desktop\Zoom.lnk
2020-11-17 17:13 - 2020-11-17 17:13 - 002161300 _____ C:\WINDOWS\Minidump\111720-10578-01.dmp
2020-11-16 08:24 - 2020-11-16 08:24 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\Xfer
2020-11-16 08:23 - 2020-11-16 08:23 - 000000000 ____D C:\Users\BevPC\Documents\Xfer
2020-11-16 07:53 - 2020-11-16 07:53 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\Sonic Academy
2020-11-16 07:25 - 2020-11-16 07:25 - 000000000 ____D C:\ProgramData\Sonic Academy
2020-11-16 07:25 - 2020-11-16 07:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Academy
2020-11-16 07:21 - 2020-11-16 07:21 - 000000000 ____D C:\Users\BevPC\Desktop\vst
2020-11-16 07:14 - 2020-11-16 07:14 - 021432294 _____ C:\Users\BevPC\Downloads\ab0b302c-1704-4320-9d89-71e034c6eb91.tmp
2020-11-15 04:35 - 2020-11-15 04:35 - 001789396 _____ C:\WINDOWS\Minidump\111520-10375-01.dmp
2020-11-15 03:40 - 2020-11-15 03:40 - 000017671 _____ C:\Users\BevPC\Downloads\MemTest.zip
2020-11-15 03:36 - 2020-11-15 03:36 - 008234296 _____ (Piriform Software Ltd) C:\Users\BevPC\Downloads\spsetup132.exe
2020-11-15 03:36 - 2020-11-15 03:36 - 000000839 _____ C:\Users\Public\Desktop\Speccy.lnk
2020-11-15 03:36 - 2020-11-15 03:36 - 000000839 _____ C:\ProgramData\Desktop\Speccy.lnk
2020-11-15 03:36 - 2020-11-15 03:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2020-11-15 03:36 - 2020-11-15 03:36 - 000000000 ____D C:\Program Files\Speccy
2020-11-15 00:30 - 2020-11-30 13:13 - 000000000 ____D C:\ProgramData\Doctor Web
2020-11-15 00:30 - 2020-11-15 00:54 - 000000000 ____D C:\Users\BevPC\Doctor Web
2020-11-15 00:28 - 2020-11-15 00:29 - 232596160 _____ C:\Users\BevPC\Downloads\vci0a7k1.exe
2020-11-15 00:04 - 2020-11-15 00:04 - 000000000 ____D C:\WINDOWS\pss
2020-11-14 14:24 - 2020-11-14 14:26 - 000000000 ____D C:\Users\BevPC\Documents\Reflect
2020-11-14 14:00 - 2020-11-14 14:10 - 000000000 ____D C:\ProgramData\Macrium
2020-11-14 14:00 - 2020-11-14 14:00 - 005279488 _____ (Paramount Software UK Ltd) C:\Users\BevPC\Downloads\ReflectDLHF.exe
2020-11-14 13:57 - 2020-11-14 13:57 - 000000000 ____D C:\WINDOWS\system32\Samsung
2020-11-14 13:57 - 2020-04-24 02:22 - 000043368 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ss_conn_usb_driver2.sys
2020-11-14 13:47 - 2020-11-14 13:54 - 002199156 _____ C:\WINDOWS\Minidump\111420-32640-01.dmp
2020-11-14 13:45 - 2020-11-30 09:25 - 000000000 ___RD C:\Users\BevPC\Desktop\BERLIN SOUNDS Project
2020-11-13 08:16 - 2020-11-30 12:06 - 001762626 _____ C:\WINDOWS\ntbtlog.txt
2020-11-13 08:16 - 2020-11-30 11:59 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-11-12 21:49 - 2020-11-12 21:51 - 002125660 _____ C:\WINDOWS\Minidump\111220-34296-01.dmp
2020-11-12 18:49 - 2020-11-12 18:49 - 000007622 _____ C:\Users\BevPC\AppData\Local\Resmon.ResmonCfg
2020-11-11 01:04 - 2020-11-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-11-11 01:04 - 2020-11-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-11-11 01:04 - 2020-11-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-11-11 01:04 - 2020-11-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-11-11 01:04 - 2020-11-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-11-11 01:04 - 2020-11-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-11-11 01:04 - 2020-11-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-11-11 01:04 - 2020-11-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-11-11 01:04 - 2020-11-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-11-11 01:04 - 2020-11-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-11-11 01:04 - 2020-11-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-11-11 01:04 - 2020-11-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-11-10 13:14 - 2020-11-10 13:14 - 008540672 _____ C:\Users\BevPC\Downloads\T-JM26AUS0.exe
2020-11-08 22:40 - 2020-11-08 22:40 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-11-08 22:40 - 2020-11-08 22:40 - 000200704 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-08 22:40 - 2020-11-08 22:40 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-11-08 21:56 - 2020-10-27 20:29 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-11-08 21:56 - 2020-10-27 20:29 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-11-08 21:56 - 2020-10-27 20:29 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-11-08 21:56 - 2020-10-27 20:29 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-11-08 21:56 - 2020-10-27 20:29 - 001054936 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-11-08 21:56 - 2020-10-27 20:29 - 001054936 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-11-08 21:56 - 2020-10-27 20:29 - 000917720 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-11-08 21:56 - 2020-10-27 20:29 - 000917720 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-11-08 21:56 - 2020-10-27 20:28 - 000456600 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-11-08 21:56 - 2020-10-27 20:28 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-11-08 21:56 - 2020-10-27 20:27 - 000674712 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-11-08 21:56 - 2020-10-27 20:27 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-11-08 21:56 - 2020-10-27 20:26 - 002098072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-11-08 21:56 - 2020-10-27 20:26 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445709.dll
2020-11-08 21:56 - 2020-10-27 20:26 - 001584368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-11-08 21:56 - 2020-10-27 20:26 - 001507224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-11-08 21:56 - 2020-10-27 20:26 - 001484184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445709.dll
2020-11-08 21:56 - 2020-10-27 20:26 - 001161112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-11-08 21:56 - 2020-10-27 20:26 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-11-08 21:56 - 2020-10-27 20:26 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-11-08 21:56 - 2020-10-27 20:26 - 000657304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-11-08 21:56 - 2020-10-27 20:26 - 000556440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-11-08 21:56 - 2020-10-27 20:25 - 007707544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-11-08 21:56 - 2020-10-27 20:25 - 006858992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-11-08 21:56 - 2020-10-27 20:25 - 004174064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-11-08 21:56 - 2020-10-27 20:25 - 002509720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-11-08 21:56 - 2020-10-27 20:23 - 005976984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-11-08 21:30 - 2020-11-08 21:30 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-08 21:30 - 2020-11-08 21:30 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-08 21:30 - 2020-11-08 21:30 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-08 21:30 - 2020-11-08 21:30 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-08 21:30 - 2020-11-08 21:30 - 000001449 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-11-08 21:30 - 2020-11-08 21:30 - 000001449 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2020-11-08 21:30 - 2020-10-19 00:42 - 000069608 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2020-11-08 21:30 - 2020-10-19 00:42 - 000058344 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2020-11-08 21:29 - 2020-03-04 07:54 - 000050592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2020-11-08 21:23 - 2020-11-08 21:27 - 127450288 _____ (NVIDIA Corporation New) C:\Users\BevPC\Downloads\GeForce_Experience_v3.20.5.70.exe
2020-11-08 11:16 - 2020-11-08 11:22 - 004231580 _____ C:\WINDOWS\Minidump\110820-40718-01.dmp
2020-11-05 23:47 - 2020-11-05 23:47 - 000804904 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_quote_ex.dll
2020-11-05 23:47 - 2020-11-05 23:47 - 000804392 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_epid.dll
2020-11-05 23:47 - 2020-11-05 23:47 - 000799784 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_launch.dll
2020-11-05 23:47 - 2020-11-05 23:47 - 000701992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_quote_ex.dll
2020-11-05 23:47 - 2020-11-05 23:47 - 000700968 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_epid.dll
2020-11-05 23:47 - 2020-11-05 23:47 - 000695848 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_launch.dll
2020-11-05 23:47 - 2020-11-05 23:47 - 000125992 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_urts.dll
2020-11-05 23:47 - 2020-11-05 23:47 - 000105000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_urts.dll
2020-11-05 23:47 - 2020-11-05 23:47 - 000069672 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_enclave_common.dll
2020-11-05 23:47 - 2020-11-05 23:47 - 000057896 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_enclave_common.dll
2020-11-05 23:47 - 2020-11-05 23:47 - 000055336 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_platform.dll
2020-11-05 23:47 - 2020-11-05 23:47 - 000049192 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_platform.dll
2020-11-05 23:47 - 2020-11-05 23:47 - 000039464 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_uae_service.dll
2020-11-05 23:47 - 2020-11-05 23:47 - 000037928 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_uae_service.dll
2020-11-03 17:26 - 2020-11-19 07:34 - 000000000 ____D C:\WINDOWS\Minidump
2020-11-03 17:26 - 2020-11-03 17:33 - 004416628 _____ C:\WINDOWS\Minidump\110320-36312-01.dmp
2020-11-03 11:22 - 2020-11-03 11:29 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-11-03 11:21 - 2020-11-03 11:22 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-11-03 11:21 - 2020-11-03 11:21 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-11-03 11:18 - 2020-11-03 11:18 - 000000000 ____D C:\ProgramData\USOShared
2020-11-03 11:18 - 2020-11-03 11:18 - 000000000 ____D C:\ProgramData\ssh
2020-11-03 11:14 - 2020-11-03 11:14 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2020-11-03 11:14 - 2020-11-03 11:14 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2020-11-03 11:13 - 2020-11-03 11:13 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-11-03 11:13 - 2020-11-03 11:13 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-11-03 11:13 - 2020-11-03 11:13 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-11-03 11:13 - 2020-11-03 11:13 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-11-03 11:13 - 2020-11-03 11:13 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-11-03 11:13 - 2020-11-03 11:13 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-11-03 11:13 - 2020-11-03 11:13 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-11-03 11:13 - 2020-11-03 11:13 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-11-03 11:13 - 2020-11-03 11:13 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2020-11-03 11:13 - 2020-11-03 11:13 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-11-03 11:13 - 2020-11-03 11:13 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-11-03 11:13 - 2020-11-03 11:13 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-11-03 11:13 - 2020-11-03 11:13 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2020-11-03 11:13 - 2020-11-03 11:13 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-11-03 11:13 - 2020-11-03 11:13 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2020-11-03 11:13 - 2020-11-03 11:13 - 000059221 _____ C:\WINDOWS\system32\srms.dat
2020-11-03 11:12 - 2020-11-03 11:12 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-11-03 11:12 - 2020-11-03 11:12 - 001893888 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2020-11-03 11:12 - 2020-11-03 11:12 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-11-03 11:12 - 2020-11-03 11:12 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-11-03 11:12 - 2020-11-03 11:12 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-11-03 11:12 - 2020-11-03 11:12 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-11-03 11:12 - 2020-11-03 11:12 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-11-03 11:12 - 2020-11-03 11:12 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-11-03 11:12 - 2020-11-03 11:12 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2020-11-03 11:12 - 2020-11-03 11:12 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-11-03 11:12 - 2020-11-03 11:12 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2020-11-03 11:12 - 2020-11-03 11:12 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll
2020-11-03 11:12 - 2020-11-03 11:12 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-11-03 11:12 - 2020-11-03 11:12 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-11-03 11:12 - 2020-11-03 11:12 - 000000357 _____ C:\WINDOWS\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-11-03 11:12 - 2020-11-03 11:12 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth1KeyDelegate.bin
2020-11-03 11:11 - 2020-11-03 11:11 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-11-03 11:11 - 2020-11-03 11:11 - 002590208 _____ C:\WINDOWS\system32\dwmscene.dll
2020-11-03 11:11 - 2020-11-03 11:11 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-11-03 11:11 - 2020-11-03 11:11 - 001366136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-11-03 11:11 - 2020-11-03 11:11 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-11-03 11:11 - 2020-11-03 11:11 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-11-03 11:11 - 2020-11-03 11:11 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-11-03 11:11 - 2020-11-03 11:11 - 000811160 _____ C:\WINDOWS\SysWOW64\locale.nls
2020-11-03 11:11 - 2020-11-03 11:11 - 000811160 _____ C:\WINDOWS\system32\locale.nls
2020-11-03 11:11 - 2020-11-03 11:11 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2020-11-03 11:11 - 2020-11-03 11:11 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-11-03 11:11 - 2020-11-03 11:11 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-11-03 11:11 - 2020-11-03 11:11 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-11-03 11:11 - 2020-11-03 11:11 - 000037888 _____ C:\WINDOWS\system32\usocoreps.dll
2020-11-03 11:11 - 2020-11-03 11:11 - 000035840 _____ C:\WINDOWS\system32\deploymentcsphelper.exe
2020-11-03 11:10 - 2020-11-03 11:10 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-11-03 11:10 - 2020-11-03 11:10 - 002321408 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-11-03 11:10 - 2020-11-03 11:10 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-11-03 11:10 - 2020-11-03 11:10 - 000237880 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2020-11-03 11:10 - 2020-11-03 11:10 - 000053248 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2020-11-03 11:10 - 2020-11-03 11:10 - 000047616 _____ C:\WINDOWS\system32\UsbPmApi.dll
2020-11-03 11:10 - 2020-11-03 11:10 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-11-03 10:53 - 2020-11-15 01:27 - 000797340 _____ C:\WINDOWS\system32\perfh00C.dat
2020-11-03 10:53 - 2020-11-15 01:27 - 000153094 _____ C:\WINDOWS\system32\perfc00C.dat
2020-11-03 10:53 - 2020-11-03 10:53 - 000351124 _____ C:\WINDOWS\system32\perfi00C.dat
2020-11-03 10:53 - 2020-11-03 10:53 - 000040694 _____ C:\WINDOWS\system32\perfd00C.dat
2020-11-03 10:53 - 2020-11-03 10:53 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2020-11-03 10:53 - 2020-11-03 10:53 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2020-11-03 10:53 - 2020-11-03 10:53 - 000000000 ____D C:\WINDOWS\system32\fr
2020-11-03 10:44 - 2020-11-03 10:44 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2020-11-03 10:44 - 2020-11-03 10:44 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2020-11-03 10:43 - 2020-11-03 10:43 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-11-03 10:43 - 2020-11-03 10:43 - 000000000 ____D C:\Program Files\MSBuild
2020-11-03 10:43 - 2020-11-03 10:43 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-11-03 10:43 - 2020-11-03 10:43 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-11-03 09:14 - 2020-11-03 09:14 - 000001963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SmartAudio.lnk
2020-11-03 09:11 - 2018-11-22 16:31 - 005939008 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2020-11-03 09:11 - 2018-11-22 16:31 - 001617056 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2020-11-03 09:11 - 2018-11-22 16:31 - 001571280 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APOMIX.dll
2020-11-03 09:11 - 2018-11-22 16:31 - 001529224 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2020-11-03 09:11 - 2018-11-22 16:31 - 001069480 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64BPAPO.dll
2020-11-03 09:11 - 2018-11-22 16:31 - 000884568 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2020-11-03 09:11 - 2018-11-22 16:31 - 000598432 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CX64APO2.dll
2020-11-03 09:11 - 2018-11-22 16:31 - 000442360 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\ASpkExt64.dll
2020-11-03 09:11 - 2018-11-22 16:31 - 000113160 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\FMPropPageExt64.dll
2020-11-03 09:11 - 2018-11-22 16:31 - 000061232 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxPageMaster64.dll
2020-11-03 09:11 - 2018-11-22 12:31 - 004921304 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\UCI64A195.dll
2020-11-03 09:11 - 2018-11-22 12:31 - 003463680 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\Drivers\CHDRT64.sys
2020-11-03 09:11 - 2018-11-22 12:31 - 000806352 _____ (ICEpower) C:\WINDOWS\system32\ICEsoundService64.exe
2020-11-03 09:11 - 2018-11-22 12:31 - 000174488 _____ (ASUSTeK COMPUTER INC.) C:\WINDOWS\system32\ATKWMI.dll
2020-11-03 09:11 - 2018-11-22 12:31 - 000042712 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CXHDMI64.dll
2020-11-03 09:11 - 2018-11-22 12:22 - 000530396 _____ C:\WINDOWS\system32\Drivers\miceq.ini
2020-11-03 09:11 - 2018-11-22 12:22 - 000202187 _____ C:\WINDOWS\system32\ICEsoundService.bin
2020-11-03 09:11 - 2018-11-22 12:22 - 000132231 _____ C:\WINDOWS\system32\Drivers\softeq.ini
2020-11-03 09:11 - 2018-11-22 12:22 - 000065520 _____ C:\WINDOWS\system32\Drivers\MicGain.ini
2020-11-03 09:11 - 2018-11-22 12:22 - 000030893 _____ C:\WINDOWS\system32\Drivers\Mixer.ini
2020-11-03 09:11 - 2018-11-22 12:22 - 000029642 _____ C:\WINDOWS\system32\Drivers\D2Keys.ini
2020-11-03 09:11 - 2018-11-22 12:22 - 000006451 _____ C:\WINDOWS\system32\Drivers\HeadsetCtrl.ini
2020-11-03 09:11 - 2018-11-22 12:22 - 000005638 _____ C:\WINDOWS\system32\Drivers\orverbs.ini
2020-11-03 09:11 - 2018-11-22 12:22 - 000005388 _____ C:\WINDOWS\system32\Drivers\fxmisc.ini
2020-11-03 09:11 - 2018-11-22 12:22 - 000001816 _____ C:\WINDOWS\system32\Drivers\altmixer.ini
2020-11-03 09:06 - 2020-11-03 09:06 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-11-03 09:03 - 2020-11-03 09:03 - 000000020 ___SH C:\Users\BevPC\ntuser.ini
2020-11-03 09:02 - 2020-11-30 12:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-03 09:02 - 2020-11-30 06:25 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA1d6a4bce37d175a
2020-11-03 09:02 - 2020-11-24 18:03 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-11-03 09:02 - 2020-11-08 21:30 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-03 09:02 - 2020-11-08 21:30 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-03 09:02 - 2020-11-08 21:30 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-03 09:02 - 2020-11-08 21:30 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-03 09:02 - 2020-11-08 21:30 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-03 09:02 - 2020-11-08 21:30 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-03 09:02 - 2020-11-03 09:02 - 000003438 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA1d6815bf143b021
2020-11-03 09:02 - 2020-11-03 09:02 - 000003406 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-03 09:02 - 2020-11-03 09:02 - 000003376 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d6a4151755c76d
2020-11-03 09:02 - 2020-11-03 09:02 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-03 09:02 - 2020-11-03 09:02 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a4bce3704f12
2020-11-03 09:02 - 2020-11-03 09:02 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6815bf10e1ec9
2020-11-03 09:02 - 2020-11-03 09:02 - 000003182 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-03 09:02 - 2020-11-03 09:02 - 000003152 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d6a415172add51
2020-11-03 09:02 - 2020-11-03 09:02 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-03 09:02 - 2020-11-03 09:02 - 000003028 _____ C:\WINDOWS\system32\Tasks\WpsExternal_20161117083023
2020-11-03 09:02 - 2020-11-03 09:02 - 000002974 _____ C:\WINDOWS\system32\Tasks\Update Checker
2020-11-03 09:02 - 2020-11-03 09:02 - 000002924 _____ C:\WINDOWS\system32\Tasks\ATK Package 36D18D69AFC3
2020-11-03 09:02 - 2020-11-03 09:02 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2067428576-3587227036-2798591388-1003
2020-11-03 09:02 - 2020-11-03 09:02 - 000002862 _____ C:\WINDOWS\system32\Tasks\ASUS Smart Gesture Launcher
2020-11-03 09:02 - 2020-11-03 09:02 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2067428576-3587227036-2798591388-500
2020-11-03 09:02 - 2020-11-03 09:02 - 000002340 _____ C:\WINDOWS\system32\Tasks\ASUS USB Charger Plus
2020-11-03 09:02 - 2020-11-03 09:02 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-11-03 09:02 - 2020-11-03 09:02 - 000002214 _____ C:\WINDOWS\system32\Tasks\ATK Package A22126881260
2020-11-03 09:02 - 2020-11-03 09:02 - 000002214 _____ C:\WINDOWS\system32\Tasks\ASUS Splendid ACMON
2020-11-03 09:02 - 2020-11-03 09:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUSTek Computer Inc
2020-11-03 09:02 - 2020-11-03 09:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2020-11-03 09:00 - 2020-11-03 09:02 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2020-11-03 09:00 - 2020-11-03 09:02 - 000007623 _____ C:\WINDOWS\diagerr.xml
2020-11-03 08:51 - 2020-11-15 01:27 - 001768058 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-03 08:39 - 2020-11-30 13:13 - 000000000 ____D C:\Users\BevPC
2020-11-03 08:39 - 2019-03-18 23:46 - 000001105 _____ C:\Users\BevPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-11-03 08:30 - 2020-11-30 12:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-03 08:30 - 2020-11-11 08:45 - 000454928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-02 22:53 - 2020-11-02 22:53 - 000001129 _____ C:\Users\Public\Desktop\Native Access.lnk
2020-11-02 22:53 - 2020-11-02 22:53 - 000001129 _____ C:\ProgramData\Desktop\Native Access.lnk
2020-11-02 22:53 - 2020-11-02 22:53 - 000000000 __HDC C:\ProgramData\{2CD88392-6082-4B22-A91D-093567E64459}
2020-11-02 22:49 - 2020-11-15 14:37 - 000000000 ___DC C:\WINDOWS\Panther
2020-11-02 21:48 - 2020-11-03 08:43 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2020-11-02 21:48 - 2020-11-02 21:48 - 000462251 _____ C:\Users\BevPC\Downloads\ASIO4ALL_2_14_English (1).exe
2020-11-02 21:48 - 2020-11-02 21:48 - 000001213 _____ C:\Users\BevPC\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2020-11-02 21:48 - 2020-11-02 21:48 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2020-11-02 21:47 - 2020-11-02 21:47 - 000462251 _____ C:\Users\BevPC\Downloads\ASIO4ALL_2_14_English.exe
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-11-30 13:18 - 2020-04-16 20:04 - 000000000 ____D C:\Program Files (x86)\App Deploy
2020-11-30 13:09 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-30 12:56 - 2017-09-13 21:16 - 000000000 ____D C:\ProgramData\NVIDIA
2020-11-30 12:54 - 2017-09-13 18:26 - 000000184 _____ C:\Users\BevPC\AppData\Roaming\sp_data.sys
2020-11-30 12:54 - 2017-09-13 18:26 - 000000000 __SHD C:\Users\BevPC\IntelGraphicsProfiles
2020-11-30 12:53 - 2019-03-18 23:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-11-30 12:50 - 2019-03-18 23:50 - 000000000 ____D C:\WINDOWS\INF
2020-11-30 12:50 - 2019-03-18 23:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-30 11:27 - 2017-12-07 18:37 - 000000000 ____D C:\Users\BevPC\AppData\Local\ElevatedDiagnostics
2020-11-30 10:13 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-30 09:53 - 2017-11-11 23:01 - 000000000 ____D C:\Users\BevPC\AppData\Local\CrashDumps
2020-11-30 09:30 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-11-30 09:29 - 2019-08-08 17:17 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2020-11-30 07:32 - 2018-10-19 16:42 - 000000000 ____D C:\Users\BevPC\AppData\Local\Native Instruments
2020-11-30 07:15 - 2020-03-19 10:29 - 000000000 ____D C:\Users\BevPC\Documents\Ableton
2020-11-30 07:15 - 2020-03-19 10:29 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\Ableton
2020-11-30 07:01 - 2020-04-16 18:49 - 000000000 __SHD C:\Program Files\qemu
2020-11-30 06:58 - 2020-03-19 10:28 - 000000000 ____D C:\ProgramData\Ableton
2020-11-27 22:43 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-24 18:03 - 2017-09-23 18:10 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-24 07:31 - 2020-07-31 11:22 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-24 07:31 - 2020-07-31 11:22 - 000002261 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-11-24 07:31 - 2020-07-31 11:22 - 000002261 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-11-19 17:33 - 2018-08-20 17:09 - 000000000 ____D C:\ProgramData\Packages
2020-11-19 07:34 - 2019-10-19 12:02 - 791170880 _____ C:\WINDOWS\MEMORY.DMP
2020-11-19 06:45 - 2018-08-04 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2020-11-19 06:45 - 2018-08-04 21:22 - 000000000 ____D C:\Program Files\Native Instruments
2020-11-17 18:27 - 2017-12-28 15:20 - 000000000 ____D C:\Users\BevPC\AppData\Local\Packages
2020-11-17 18:10 - 2019-05-16 20:55 - 000000000 ____D C:\Users\BevPC\AppData\Local\PlaceholderTileLogoFolder
2020-11-17 18:09 - 2017-09-14 13:07 - 000000000 ___RD C:\Users\BevPC\OneDrive - Algonquin College
2020-11-16 19:47 - 2020-07-29 12:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-16 16:41 - 2017-09-18 17:35 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-15 14:17 - 2020-03-22 09:36 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Voltage Modular
2020-11-15 00:01 - 2017-02-28 05:43 - 000000000 ____D C:\Program Files\Microsoft Office
2020-11-14 13:57 - 2017-09-18 19:54 - 000000000 ____D C:\ProgramData\Samsung
2020-11-13 07:42 - 2018-04-16 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-11-12 19:09 - 2020-04-16 13:33 - 000000000 _____ C:\Users\BevPC\Documents\MainAppLog.txt
2020-11-12 19:08 - 2020-04-14 13:24 - 001249792 _____ (hxxp://www.ruby-lang.org/) C:\Users\BevPC\AppData\Roaming\msvcr90-ruby191.dll
2020-11-12 11:00 - 2020-02-19 03:10 - 000907064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-11-12 10:59 - 2020-07-29 12:38 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-11-11 08:43 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-11 08:43 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-11 08:43 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-11 08:43 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-11 08:43 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-11 08:43 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-11 01:11 - 2017-09-05 20:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-11 01:07 - 2017-09-05 20:28 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-09 08:29 - 2017-09-13 21:16 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-11-08 23:59 - 2017-12-28 17:17 - 000000000 ___RD C:\Users\BevPC\3D Objects
2020-11-08 23:59 - 2017-02-28 05:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-11-08 23:53 - 2019-03-18 23:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-08 23:53 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-11-08 23:53 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-08 23:53 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-08 22:46 - 2019-03-18 23:37 - 000000000 ____D C:\WINDOWS\servicing
2020-11-08 21:58 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\Help
2020-11-08 21:58 - 2017-09-13 21:16 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-11-08 21:58 - 2017-02-28 05:21 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-11-08 18:49 - 2020-03-21 19:42 - 000000000 ____D C:\Users\BevPC\Documents\Rack
2020-11-08 15:46 - 2020-03-22 09:36 - 000001600 _____ C:\Users\BevPC\Desktop\Voltage Modular.lnk
2020-11-08 15:46 - 2020-03-22 09:36 - 000000000 ____D C:\ProgramData\Voltage
2020-11-06 11:16 - 2018-02-20 12:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-11-04 04:24 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\appcompat
2020-11-03 17:39 - 2017-09-14 09:58 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-11-03 17:34 - 2017-09-05 20:28 - 000000000 ____D C:\Program Files\UNP
2020-11-03 11:29 - 2020-04-21 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spitfire Audio
2020-11-03 11:29 - 2020-04-17 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polyverse
2020-11-03 11:29 - 2020-04-16 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2nd Sense
2020-11-03 11:29 - 2020-04-16 13:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infected Mushroom
2020-11-03 11:29 - 2020-04-16 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\[BEN.SCHULZ]
2020-11-03 11:29 - 2020-04-14 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Surge
2020-11-03 11:29 - 2020-04-14 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tone2 Gladiator full
2020-11-03 11:29 - 2020-04-14 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tone2 Firebird
2020-11-03 11:29 - 2020-04-14 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dexed
2020-11-03 11:29 - 2020-04-14 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Helm
2020-11-03 11:29 - 2020-03-24 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\loopMIDI
2020-11-03 11:29 - 2020-01-15 22:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2020-11-03 11:29 - 2019-08-26 19:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jihosoft iPhone Data Recovery
2020-11-03 11:29 - 2019-05-08 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-11-03 11:29 - 2019-04-16 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2020-11-03 11:29 - 2019-03-18 23:56 - 000000000 ____D C:\WINDOWS\Setup
2020-11-03 11:29 - 2019-03-18 23:52 - 000000000 __RHD C:\Users\Public\Libraries
2020-11-03 11:29 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-11-03 11:29 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\spool
2020-11-03 11:29 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\ServiceState
2020-11-03 11:29 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\Registration
2020-11-03 11:29 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-11-03 11:29 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-11-03 11:29 - 2019-03-18 23:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-11-03 11:29 - 2018-10-16 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-11-03 11:29 - 2018-09-27 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-11-03 11:29 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-11-03 11:29 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-11-03 11:29 - 2018-08-11 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-11-03 11:29 - 2018-03-09 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texidium eReader
2020-11-03 11:29 - 2018-02-01 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Business Explorer
2020-11-03 11:29 - 2018-02-01 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAP Front End
2020-11-03 11:29 - 2018-02-01 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2020-11-03 11:29 - 2018-01-30 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2020-11-03 11:29 - 2017-11-16 19:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2020-11-03 11:29 - 2017-09-28 09:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-11-03 11:29 - 2017-09-18 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mendeley Desktop
2020-11-03 11:29 - 2017-09-14 09:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-11-03 11:29 - 2017-09-13 21:17 - 000000000 ____D C:\Program Files\Intel
2020-11-03 11:29 - 2017-09-13 21:15 - 000000000 ____D C:\Program Files (x86)\Intel
2020-11-03 11:29 - 2017-09-13 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-11-03 11:29 - 2017-02-28 05:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2020-11-03 11:29 - 2017-02-28 05:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2020-11-03 11:29 - 2017-02-28 05:28 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2020-11-03 11:29 - 2017-02-28 05:25 - 000000000 ____D C:\Program Files\CONEXANT
2020-11-03 11:24 - 2018-10-16 10:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2020-11-03 11:23 - 2020-06-13 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roland
2020-11-03 11:23 - 2020-04-16 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\u-he
2020-11-03 11:23 - 2020-04-16 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synapse Audio
2020-11-03 11:23 - 2020-03-30 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tokyo Dawn Labs
2020-11-03 11:23 - 2020-03-20 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Akai Professional
2020-11-03 11:23 - 2019-09-02 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMyFone
2020-11-03 11:23 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\Resources
2020-11-03 11:23 - 2018-04-20 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman
2020-11-03 11:23 - 2017-02-28 05:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2020-11-03 11:23 - 2017-02-28 05:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2020-11-03 11:22 - 2020-06-13 13:23 - 000000000 ____D C:\Program Files\Roland
2020-11-03 11:18 - 2019-03-19 01:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-11-03 11:18 - 2019-03-19 01:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Com
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files\Common Files\System
2020-11-03 11:18 - 2019-03-18 23:52 - 000000000 ____D C:\PerfLogs
2020-11-03 11:17 - 2019-03-19 01:20 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2020-11-03 11:17 - 2019-03-19 01:20 - 000018903 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-11-03 10:53 - 2019-03-19 01:18 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2020-11-03 10:53 - 2019-03-19 01:18 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2020-11-03 10:53 - 2019-03-19 01:18 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2020-11-03 10:53 - 2019-03-19 01:18 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2020-11-03 10:53 - 2019-03-19 01:18 - 000000000 ____D C:\WINDOWS\system32\winrm
2020-11-03 10:53 - 2019-03-19 01:18 - 000000000 ____D C:\WINDOWS\system32\WCN
2020-11-03 10:53 - 2019-03-19 01:18 - 000000000 ____D C:\WINDOWS\system32\slmgr
2020-11-03 10:53 - 2019-03-19 01:18 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2020-11-03 10:53 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2020-11-03 10:53 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\dsc
2020-11-03 10:53 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2020-11-03 10:53 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\MUI
2020-11-03 10:53 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\IME
2020-11-03 10:53 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-11-03 10:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2020-11-03 10:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2020-11-03 10:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2020-11-03 10:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2020-11-03 10:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2020-11-03 10:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2020-11-03 10:44 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2020-11-03 10:41 - 2019-03-19 01:19 - 000000000 ____D C:\WINDOWS\OCR
2020-11-03 09:20 - 2019-03-18 23:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-11-03 09:13 - 2017-02-28 05:25 - 001705080 _____ (TODO: <Company name>) C:\WINDOWS\SysWOW64\RebootPrompt.exe
2020-11-03 09:04 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\USOPrivate
2020-11-03 09:02 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-11-03 09:02 - 2019-03-18 23:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-11-03 08:43 - 2020-06-11 09:01 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-11-03 08:43 - 2017-09-14 09:25 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-11-03 08:41 - 2020-04-16 14:39 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HOFA
2020-11-03 08:41 - 2020-04-14 17:20 - 000000000 ____D C:\Users\BevPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Extent of the Jam
2020-11-03 08:37 - 2017-09-13 21:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2020-11-02 22:52 - 2017-02-28 05:16 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-02 22:15 - 2020-03-24 18:22 - 000000000 ____D C:\Program Files (x86)\ASIOLinkPro
 
==================== Files in the root of some directories ========
 
2020-11-19 07:35 - 2020-11-30 12:55 - 001388432 _____ () C:\Users\Public\VOIP.dat
2020-04-14 13:24 - 2020-11-12 19:08 - 001249792 _____ (http://www.ruby-lang.org/) C:\Users\BevPC\AppData\Roaming\msvcr90-ruby191.dll
2017-09-13 18:26 - 2020-11-30 12:54 - 000000184 _____ () C:\Users\BevPC\AppData\Roaming\sp_data.sys
2020-01-15 22:12 - 2020-01-16 07:18 - 000000187 _____ () C:\Users\BevPC\AppData\Roaming\wss.ini
2018-02-01 20:01 - 2018-03-01 19:16 - 000013824 _____ () C:\Users\BevPC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-11-12 18:49 - 2020-11-12 18:49 - 000007622 _____ () C:\Users\BevPC\AppData\Local\Resmon.ResmonCfg
2020-04-24 20:53 - 2020-04-24 20:53 - 000000000 _____ () C:\Users\BevPC\AppData\Local\{B7A270ED-B536-43A5-A83F-37D69EB3D982}
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-11-2020
Ran by BevPC (30-11-2020 14:05:11)
Running from C:\Users\BevPC\Desktop
Windows 10 Home Version 1909 18363.1198 (X64) (2020-11-03 14:03:11)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2067428576-3587227036-2798591388-500 - Administrator - Disabled)
BevPC (S-1-5-21-2067428576-3587227036-2798591388-1003 - Administrator - Enabled) => C:\Users\BevPC
DefaultAccount (S-1-5-21-2067428576-3587227036-2798591388-503 - Limited - Disabled)
Guest (S-1-5-21-2067428576-3587227036-2798591388-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2067428576-3587227036-2798591388-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
2SEQ version 1.0.1 (HKLM-x32\...\{3F21368D-C290-4A49-B268-7D1C702E8FE1}_is1) (Version: 1.0.1 - 2nd Sense Audio Technology Co., Ltd.)
Ableton Live 10 Suite (HKLM\...\{82D69A09-36DC-4E62-9606-ADBA800A26C0}) (Version: 10.0.0.0 - Ableton)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.013.20066 - Adobe Systems Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.14.0006 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.101 - ICEpower a/s)
Backup and Sync from Google (HKLM\...\{3A8CD593-8CF9-45B4-9932-FC41CBC14E15}) (Version: 3.53.3404.7585 - Google, Inc.)
BitTorrent (HKU\S-1-5-21-2067428576-3587227036-2798591388-1003\...\BitTorrent) (Version: 7.10.5.45665 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.34 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.94.50 - Conexant)
Dada Life Pack (HKLM\...\{11C245F4-D7CE-44D7-8A66-8F397280BA82}) (Version: 2.0 - Dada Life)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.5 - ASUSTek COMPUTER INC.)
Dexed version 0.9.4 (HKLM\...\Dexed_is1) (Version: 0.9.4 - Digital Suburban)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Digits VST (HKLM-x32\...\DigitsVst) (Version:  - )
Diva (HKLM\...\{B00B1512-AA07-454A-9C7E-81B1815AA2BE}) (Version: 1.4.3.7422 - u-he)
Diva (HKLM\...\u-he Diva_is1) (Version: 1.4.3.7422 - Team V.R)
DUNE 3 (HKLM\...\{B446440C-10C3-47AB-8E80-1A540CD41387}) (Version: 3.0.7.0 - Synapse Audio Software)
Engineering Client Viewer 10.0 (HKLM-x32\...\SAP ECL Viewer 10.0) (Version: 10.1.4.16176 - SAP SE)
FabFilter Pro-Q 3.14 (HKLM-x32\...\FabFilter Pro-Q 3.14) (Version:  - )
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Firebird v2.1 (HKLM-x32\...\Tone2 Firebird_is1) (Version:  - Tone2)
Gladiator  full (HKLM-x32\...\Tone2 Gladiator full_is1) (Version: 3.0.0 - Tone2)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.198 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Helm (HKLM-x32\...\{03FAA295-7DC6-47CE-9F27-1E383A48B4BF}) (Version: 0.9.0.0 - Matt Tytel)
HOFA-Plugins Uninstall (HKLM-x32\...\HOFA-Plugins) (Version:  - HOFA-Plugins)
HY-Lofi2 version 1.0.4 (HKLM\...\HY-Lofi2_is1) (Version: 1.0.4 - )
iMyFone D-Back 7.2.0.5 (HKLM-x32\...\{071B9303-5881-4BC6-B9E9-2E2D22C015C1}_is1) (Version: 7.2.0.5 - Shenzhen iMyFone Technology Co., Ltd.)
Infected Mushroom - Wider version 1.0 (HKLM\...\{A7684FCF-245F-4C90-87EE-472DC3EC3868}_is1) (Version: 1.0 - Polyverse Music, Inc.)
Infected Mushroom Manipulator (HKLM\...\{34E5CF28-0E9D-49A8-91CA-054D18802589}) (Version: 1.0.3.0 - Polyverse)
Intel® Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1169 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{9A287643-10C5-4463-B9D1-B2404CE18CCF}) (Version: 17.1.1529.1620 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{754CC9DC-3DB4-4FB2-B71E-87331DB9EA17}) (Version: 7.5.4 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Jihosoft iPhone Data Recovery version 7.2.4 (HKLM-x32\...\{1E859503-2B3F-4AFC-ACA3-BFA89346E47F}_is1) (Version: 7.2.4 - HONGKONG JIHO CO., LIMITED)
JP-ME-1 (HKLM-x32\...\BBOMS_is1) (Version: 1.1.536 - [BEN/SCHULZ])
kikzilla 1.0.3 (HKLM-x32\...\kikzilla) (Version: 1.0.3 - intelligent sounds & music)
Kodi (HKU\S-1-5-21-2067428576-3587227036-2798591388-1003\...\Kodi) (Version:  - XBMC Foundation)
loopMIDI (HKLM-x32\...\{6b220f45-42ca-435c-95fd-1764cb849122}) (Version: 1.0.16.27 - Tobias Erichsen)
loopMIDI (HKLM-x32\...\{DF96DB4C-DB0F-4CCF-9769-464BC9EA859F}) (Version: 1.0.16.27 - Tobias Erichsen) Hidden
loopMIDIBlockLegacy (HKLM-x32\...\{AEAF7978-3204-451D-8593-BC53EBDDA31D}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden
LPK25 Editor 2.0.2 (HKLM\...\{EC52DA3A-F76D-4BBB-82D6-389295D4E76F}) (Version: 2.0.2 - Akai Professional)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MediaHuman YouTube to MP3 Converter 3.9.9.43 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.43 - MediaHuman)
Mendeley Desktop 1.17.11 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.11 - Mendeley Ltd.)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13328.20356 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13328.20356 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.47 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-2067428576-3587227036-2798591388-1003\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Project - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.13328.20356 - Microsoft Corporation)
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM-x32\...\{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}) (Version: 8.0.50727.4053 - SAP)
Microsoft redistributable runtime DLLs VS2010 SP1 (x86) (HKLM-x32\...\{2385C070-EC26-4AB9-8718-E605C977C0ED}) (Version: 10.0.40219.1 - SAP)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Native Instruments Audio 2 DJ (HKLM-x32\...\Native Instruments Audio 2 DJ) (Version:  - Native Instruments)
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 4 DJ (HKLM-x32\...\Native Instruments Audio 4 DJ) (Version:  - Native Instruments)
Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 8 DJ (HKLM-x32\...\Native Instruments Audio 8 DJ) (Version:  - Native Instruments)
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version:  - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.4.0.445 - Native Instruments)
Native Instruments Massive (HKLM\...\{D7319DCF-46D8-44DE-9099-EFCB32CB3E16}) (Version: 1.5.5.0 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.13.0.133 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.11.2.11 - Native Instruments)
Native Instruments Traktor Audio 10 (HKLM-x32\...\Native Instruments Traktor Audio 10) (Version:  - Native Instruments)
Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 (HKLM-x32\...\Native Instruments Traktor Audio 2) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 6 (HKLM-x32\...\Native Instruments Traktor Audio 6) (Version:  - Native Instruments)
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol D2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol D2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 (HKLM-x32\...\Native Instruments Traktor Kontrol S4) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S5 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S5 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S8 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S8 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Pro 3 (HKLM-x32\...\Native Instruments Traktor Pro 3) (Version: 3.2.0.60 - Native Instruments)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 457.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.09 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.0.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
rtpMIDIBlockLegacy (HKLM-x32\...\{FD937297-84C3-41A5-B5DF-1FAEEE669D68}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden
Saffire PRO 2.6 (HKLM\...\Saffire PRO_is1) (Version: 2.6 - Focusrite Audio Engineering Ltd.)
SAP Business Client 6.5 (HKLM-x32\...\SAP_NWBC65) (Version: 6.5 PL0 - SAP SE)
SAP Business Explorer (HKLM-x32\...\SAPBI) (Version: 7.50 - SAP SE)
SAP GUI for Windows 7.50  (HKLM-x32\...\SAPGUI) (Version: 7.50 Compilation 1 - SAP SE)
Sonic Academy KICK 2 (HKLM\...\KICK 2_is1) (Version: 1.0.5 - Sonic Academy)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spitfire Audio (HKLM-x32\...\{ABC5F486-25BD-4BAA-9FA1-A84152CBB563}_is1) (Version: 3.1.18 - Spitfire Audio Holdings Ltd)
Steinberg VST Classics 1 (HKLM-x32\...\{9B0C30E5-776F-4F62-B9E9-414018E0D9AD}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Surge 1.6.6 version 1.6.6 (HKLM-x32\...\650E559A-2F44-44FE-861F-4108AE4BC30F_is1) (Version: 1.6.6 - Vember Audio)
TAL-NoiseMaker (32bit) (HKLM-x32\...\{6D1EC26F-1998-404F-A6B3-47017B049935}) (Version: 1.3.7 - TAL - Togu Audio Line)
TAL-Reverb-2 (32bit) (HKLM-x32\...\{C1C34478-D58C-4D22-A5D7-B60FDD07CF62}) (Version: 1.3.7 - TAL - Togu Audio Line)
TAL-Reverb-3 (32bit) (HKLM-x32\...\{3460B0B4-BC11-44A6-AD80-A17A18383764}) (Version: 1.3.7 - TAL - Togu Audio Line)
TAL-Reverb-4 (32bit) (HKLM-x32\...\{65E529C9-3E39-4AF0-8635-A5CE33ABAFE2}) (Version: 1.3.7 - TAL - Togu Audio Line)
TB-3 Driver (HKLM\...\RolandRDID0144) (Version:  - Roland Corporation)
TDR Nova version 2.1.0 (HKLM\...\TDR Nova_is1) (Version: 2.1.0 - Tokyo Dawn Labs)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.17057 - Microsoft Corporation)
TechSmith Relay (HKLM-x32\...\{A02B3DD1-681D-48B9-8CC5-56ADE8755264}) (Version: 5.1.4.999 - TechSmith Corporation)
teVirtualMIDI64 (HKLM\...\{2F802731-3731-453E-B30B-4381BEED22AC}) (Version: 1.3.0.43 - Tobias Erichsen) Hidden
Texidium Windows Desktop eReader (HKLM-x32\...\{312cc674-27a3-44f8-ad79-407742c8dfc1}) (Version: 2.1.1195.0 - Texidium Solutions Inc.)
Texidium Windows Desktop eReader (HKLM-x32\...\{ECB6F195-60F8-44FD-91A8-36615323375E}) (Version: 2.1.1195.0 - Texidium Solutions Inc.) Hidden
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
VCV Rack (HKLM\...\VCV Rack) (Version: 1.1.6 - VCV)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Voltage Modular (HKLM\...\Voltage Modular) (Version: 2.0.17 - Cherry Audio)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
Windows Driver Package - ASUS (AsusSGDrv) Mouse  (10/21/2015 8.0.0.19) (HKLM\...\DE393C6A9AB085F9E19765D003555C3D360497DB) (Version: 10/21/2015 8.0.0.19 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2067428576-3587227036-2798591388-1003\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
 
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.13.6.0_x86__kgqvnymyfvs32 [2020-10-16] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.181.400.0_x86__kgqvnymyfvs32 [2020-11-12] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-07] (Canon Inc.)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.5.3.0_x86__h6adky7gbf63m [2020-11-18] (Gameloft SE)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-18] (Apple Inc.) [Startup Task]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_5.2.1.2_x86__h6adky7gbf63m [2020-11-10] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.10004.0_x64__8wekyb3d8bbwe [2020-11-18] (Microsoft Studios)
MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2018-04-28] (ASUSTeK COMPUTER INC.) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-29] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-11-12] (Adobe Systems Incorporated)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2017-09-18] (Samsung Electronics Co. Ltd.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2067428576-3587227036-2798591388-1003_Classes\CLSID\{04271989-C4D2-3704-1D85-C41F96016F32} -> [OneDrive - Algonquin College] => C:\Users\BevPC\OneDrive - Algonquin College [2017-09-14 13:07]
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-11-03] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-28] (Notepad++ -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-11-03] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-11-03] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [85504 2009-12-05] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2015-12-02 21:01 - 2015-12-02 21:01 - 000124928 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-12-02 21:01 - 2015-12-02 21:01 - 000027648 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-12-02 21:01 - 2015-12-02 21:01 - 000029184 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2015-12-02 21:01 - 2015-12-02 21:01 - 001676288 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll
2015-12-02 21:01 - 2015-12-02 21:01 - 000178176 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll
2015-12-02 21:01 - 2015-12-02 21:01 - 000164864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2020-11-03 09:13 - 2018-03-13 10:21 - 001173504 _____ (Conexant Systems, Inc.) [File not signed] [File is in use] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\S-1-5-21-2067428576-3587227036-2798591388-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-2067428576-3587227036-2798591388-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-2067428576-3587227036-2798591388-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2067428576-3587227036-2798591388-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-10-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-10-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll [2017-04-28] (SAP SE -> SAP, Walldorf)
Handler-x32: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll [2017-04-28] (SAP SE -> SAP, Walldorf)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-2067428576-3587227036-2798591388-1003\...\sharepoint.com -> hxxps://algonquinlivecom.sharepoint.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-16 06:47 - 2020-11-15 00:54 - 000000918 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2067428576-3587227036-2798591388-1003\Control Panel\Desktop\\Wallpaper -> c:\users\bevpc\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{e807a349-5b30-4492-85b7-c373d1693fb2}.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "Host Services x64.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Reflect UI"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "FonePaw iPhone Data RecoveryAppService"
HKU\S-1-5-21-2067428576-3587227036-2798591388-1003\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2067428576-3587227036-2798591388-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2067428576-3587227036-2798591388-1003\...\StartupApproved\Run: => "loopMIDI"
HKU\S-1-5-21-2067428576-3587227036-2798591388-1003\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F36E04C7-352F-47D2-A709-7B9832B62B44}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{48441662-84AE-47E9-9D4E-F2D6454228A7}] => (Allow) C:\Users\BevPC\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D6AAA4B1-CF27-4447-A36A-EED2EECB6FD6}] => (Allow) C:\Users\BevPC\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1F99B582-0901-428C-8583-40C0FCBDAB16}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{01855D8D-75AF-4B26-8270-87DB6370A9DB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A13885AB-55DA-439E-B7D6-5D4A8EB9C839}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B55E547-D972-4C15-9091-D4275FB0AAD3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{946D1363-B8AC-4070-A471-9C6BF5246EDC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{38DDF7EE-310E-473F-9DEE-525BABB665EE}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{2208218E-AA9D-4BA3-96A3-EC2DDB8D138E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7A28E526-BAFE-4255-8CE9-89358D3AAFE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C0A002E9-9142-4467-9FFB-3EAA5EB5D7C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{405A4A84-6DF1-4716-9704-412583FC57B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [{613223D2-652B-400A-82E4-7556E9F27CBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [{D8F88A2A-D1F9-4E81-B110-3C6D00258401}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [{67D9960B-9B06-483F-A544-1C10812CC6A0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [{8D36E66C-79A0-4AF4-B3A9-CF7456A28E5C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{684E31F5-538F-477B-9C8B-ABF30E7B952B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{21DE9962-02A5-4BA7-B21E-3AB522918B86}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{22A6A719-AD88-4A34-8F49-87042E2D7C89}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe => No File
FirewallRules: [TCP Query User{5ECD5706-0C34-4E8A-8E75-0679DB1C414F}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [UDP Query User{87205565-00B4-4706-B6EF-98EA41C9B97C}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [{118C7517-E262-4BB0-9D0F-AAA7AE5E3252}] => (Allow) C:\Users\BevPC\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F1D8B368-CD7B-42CB-84EE-EC0B0F208EFA}] => (Allow) C:\Users\BevPC\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{3C702B6E-BAD0-4DB7-85FA-48E194630941}C:\program files\native instruments\traktor 2\traktor.exe] => (Block) C:\program files\native instruments\traktor 2\traktor.exe (Native Instruments GmbH -> Native Instruments GmbH)
FirewallRules: [UDP Query User{E285A81F-D106-496F-8A11-5262BE3A60B0}C:\program files\native instruments\traktor 2\traktor.exe] => (Block) C:\program files\native instruments\traktor 2\traktor.exe (Native Instruments GmbH -> Native Instruments GmbH)
FirewallRules: [TCP Query User{36585A14-7152-4E25-9313-2FB159157E06}C:\program files\native instruments\traktor 2\traktor.exe] => (Block) C:\program files\native instruments\traktor 2\traktor.exe (Native Instruments GmbH -> Native Instruments GmbH)
FirewallRules: [UDP Query User{AFA3B8EC-6DC2-43BA-9DF1-36CE9B7557AE}C:\program files\native instruments\traktor 2\traktor.exe] => (Block) C:\program files\native instruments\traktor 2\traktor.exe (Native Instruments GmbH -> Native Instruments GmbH)
FirewallRules: [{A4626562-6A9A-4546-B3E8-C7332C4D0E54}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{913E15D8-DCDE-4140-B9EB-CE9D52DA7AE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{E5103127-F982-41E7-9874-D73BED7367A5}C:\program files\native instruments\traktor pro 3\traktor.exe] => (Block) C:\program files\native instruments\traktor pro 3\traktor.exe (Native Instruments GmbH -> Native Instruments GmbH)
FirewallRules: [UDP Query User{B34864B4-12A0-4C03-A6F7-19C8E800B07D}C:\program files\native instruments\traktor pro 3\traktor.exe] => (Block) C:\program files\native instruments\traktor pro 3\traktor.exe (Native Instruments GmbH -> Native Instruments GmbH)
FirewallRules: [{9F15E9C0-124B-4122-BBAF-3407161EB5B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B20C5E8-458D-4F68-8105-6F2554A9B79A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4E95FDDC-1AEE-4147-B86C-9B20A284A08A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{12AC9660-2540-4607-8495-35E0F54B31B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1DA8220F-860E-4BD1-9FF6-0CF0465E8AC2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DBFE2F85-10BD-4C5C-8F5E-C8FADD2A61AE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{852597BF-0CC7-4609-8B3E-B89E169E82CD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{82F2265C-3F9E-4CF8-9D63-003B65FD4F89}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1CEE5FCA-38A5-4546-93C9-A49B1820392E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0B5476C6-AE83-4DCB-A955-0F734323E63B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1A6B1A7B-DF47-4CA9-9E4B-1CAB1774262D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9EAE649B-663D-4C5F-853E-407ACAB7808C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CA54EE4E-6BEB-4A3D-9B7A-0A784DD8CB8A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2F9064B9-ED90-4D15-B3EE-98968B9D4D33}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF54BDDF-B6E6-4D12-B161-A996991812BD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1AF934BD-201B-4F80-8545-13F605BB631A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C95598F1-B452-488C-8C5D-E0789EEC4DEE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (11/30/2020 01:23:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7220,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (11/30/2020 01:14:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2624,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (11/30/2020 01:08:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2864,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (11/30/2020 12:51:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: aesm_service.exe, version: 2.11.100.3, time stamp: 0x5fa58775
Faulting module name: MSVCP120.dll, version: 12.0.21005.1, time stamp: 0x524f8413
Exception code: 0xc0000005
Fault offset: 0x000000000003e6fd
Faulting process id: 0x2e30
Faulting application start time: 0x01d6c7415d73b6f7
Faulting application path: C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fafb1d329fdfe2c6\aesm_service.exe
Faulting module path: C:\WINDOWS\SYSTEM32\MSVCP120.dll
Report Id: 37fc1b41-832d-4d55-a905-e78f7c180a6a
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/30/2020 12:50:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: aesm_service.exe, version: 2.10.100.2, time stamp: 0x5f6a3c54
Faulting module name: MSVCP120.dll, version: 12.0.21005.1, time stamp: 0x524f8413
Exception code: 0xc0000005
Fault offset: 0x000000000003e6fd
Faulting process id: 0x2884
Faulting application start time: 0x01d6c73b96183f59
Faulting application path: C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_c90305b9fc98596f\aesm_service.exe
Faulting module path: C:\WINDOWS\SYSTEM32\MSVCP120.dll
Report Id: f9772e9b-3fef-40c0-9198-de395760e402
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/30/2020 12:50:51 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv; Description = Windows Update; Error = 0x80070422).
 
Error: (11/30/2020 12:50:14 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1190_none_1716e3ef2a15f08c\TiWorker.exe -Embedding; Description = Windows Modules Installer; Error = 0x80070422).
 
Error: (11/30/2020 12:50:13 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv; Description = Windows Update; Error = 0x80070422).
 
 
System errors:
=============
Error: (11/30/2020 12:53:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SystemServices service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (11/30/2020 12:53:27 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Malwarebytes Service service did not shut down properly after receiving a preshutdown control.
 
Error: (11/30/2020 12:51:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® SGX AESM service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (11/30/2020 12:51:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel® SGX AESM service terminated with the following error: 
Unspecified error
 
Error: (11/30/2020 12:50:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® SGX AESM service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 3000 milliseconds: Restart the service.
 
Error: (11/30/2020 12:50:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel® SGX AESM service terminated with the following error: 
Unspecified error
 
Error: (11/30/2020 12:07:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SystemServices service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (11/30/2020 12:07:05 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-HALUPV1)
Description: DCOM got error "1084" attempting to start the service camsvc with arguments "Unavailable" in order to run the server:
Windows.Internal.CapabilityAccess.CapabilityAccess
 
 
Windows Defender:
===================================
Date: 2020-11-30 13:17:20.075
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Linux/CoinMiner.O!MTB
ID: 2147761881
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files (x86)\App Deploy\system
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\BevPC\AppData\Local\Temp\EF3E940-69E5B480-41367920-5FE698E0\Fk2FyKaU.exe
Security intelligence Version: AV: 1.327.1834.0, AS: 1.327.1834.0, NIS: 1.327.1834.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
Date: 2020-11-30 07:13:08.143
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Occamy.B
ID: 2147725576
Severity: Severe
Category: Trojan
Path: file:_C:\Users\BevPC\AppData\Local\Temp\Rar$EXb13856.20368\Keygen by R2R\Ableton_KeyGen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\WinRAR\WinRAR.exe
Security intelligence Version: AV: 1.327.1819.0, AS: 1.327.1819.0, NIS: 1.327.1819.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
Date: 2020-11-30 07:11:48.372
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Occamy.B
ID: 2147725576
Severity: Severe
Category: Trojan
Path: file:_C:\Users\BevPC\Downloads\Ableton_KeyGen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.327.1819.0, AS: 1.327.1819.0, NIS: 1.327.1819.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
Date: 2020-11-30 07:11:20.780
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Occamy.B
ID: 2147725576
Severity: Severe
Category: Trojan
Path: file:_C:\Users\BevPC\AppData\Local\Temp\Rar$DRb9220.9695\Keygen by R2R\Ableton_KeyGen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.327.1819.0, AS: 1.327.1819.0, NIS: 1.327.1819.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
Date: 2020-11-30 07:10:56.397
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Occamy.B
ID: 2147725576
Severity: Severe
Category: Trojan
Path: file:_C:\Users\BevPC\AppData\Local\Temp\Rar$EXb9220.7449\Keygen by R2R\Ableton_KeyGen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\WinRAR\WinRAR.exe
Security intelligence Version: AV: 1.327.1819.0, AS: 1.327.1819.0, NIS: 1.327.1819.0
Engine Version: AM: 1.1.17600.5, NIS: 1.1.17600.5
 
Date: 2020-11-30 11:59:10.379
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-11-30 11:48:19.373
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-11-30 11:41:54.199
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.327.1819.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17600.5
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
 
Date: 2020-11-30 11:31:52.475
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-11-30 11:25:38.442
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
CodeIntegrity:
===================================
 
Date: 2020-11-15 00:48:32.177
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-11-15 00:48:30.587
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-11-15 00:48:19.743
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-11-15 00:48:19.463
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-11-15 00:48:18.281
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-11-15 00:48:16.731
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-11-15 00:48:10.801
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-11-15 00:48:10.587
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. GL752VW.214 04/18/2016
Motherboard: ASUSTeK COMPUTER INC. GL752VW
Processor: Intel® Core™ i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 39%
Total physical RAM: 16252.02 MB
Available physical RAM: 9824.61 MB
Total Virtual: 18684.02 MB
Available Virtual: 11717.73 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:893.15 GB) (Free:420.75 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS
Drive g: () (Removable) (Total:14.83 GB) (Free:1.15 GB) FAT32
 
\\?\Volume{f423d1a8-a64d-4f8c-9ed5-a5377efafd08}\ () (Fixed) (Total:0.84 GB) (Free:0.31 GB) NTFS
\\?\Volume{ab7ea00b-0500-4ef3-a961-156e6c21598a}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 894.3 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Protective MBR) (Size: 14.8 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 


