Active Malware issues

Broni

Posts: 55,752   +502
Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

======================================

1. Please observe forum rules. All logs have to be pasted, not attached.
2. State the computer issues.
 

stevebig

Posts: 11   +0
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-06-2021
Ran by USER (administrator) on ACERSTEVE (Acer Nitro AN515-55) (10-06-2021 17:51:19)
Running from C:\Users\USER\Downloads
Loaded Profiles: USER
Platform: Windows 10 Home Single Language Version 20H2 19042.985 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(Blackmagic Design Pty Ltd -> ) C:\Program Files\Blackmagic Design\Desktop Video\DesktopVideoHelper.exe
(Box, Inc. -> Box, Inc.) C:\Program Files\Box\Box\Box.Desktop.UpdateService.exe
(Box, Inc. -> Box, Inc.) C:\Program Files\Box\Box\Box.exe
(Box, Inc. -> Box, Inc.) C:\Program Files\Box\Box\FS\streem.exe
(Box, Inc. -> Box, Inc.) C:\Program Files\Box\Box\UI\BoxUI.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\123.4.4832\QtWebEngineProcess.exe <3>
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <39>
(GoTrustID Inc. -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe
(GoTrustID Inc. -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_badc5acaa5648e9d\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_42f9d9bfb72d84cf\RstMwService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_553b9a82ff9cf770\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2b7bcff446ea567f\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2b7bcff446ea567f\IntelCpHeciSvc.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\plugins_nms.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\USER\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2105.19601.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe
(NortonLifeLock Inc. -> ) C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_301ecb2c4867261f\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9971779a1c712866\RtkAudUService64.exe <2>
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendSoftAP.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
(SweetLabs Inc. -> SweetLabs, Inc) C:\Users\USER\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(ZeroTier, Inc. -> ) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe
(ZeroTier, Inc. -> ZeroTier, Inc) C:\Program Files (x86)\ZeroTier\One\ZeroTier One.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9971779a1c712866\RtkAudUService64.exe [1201968 2020-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Box] => C:\Program Files\Box\Box\Box.exe [6449240 2021-04-15] (Box, Inc. -> Box, Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [170240 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8172320 2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-2070248933-3621112216-831521933-1001\...\Run: [ZeroTier One] => C:\Program Files (x86)\ZeroTier\One\ZeroTier One.exe [1221504 2021-04-21] (ZeroTier, Inc. -> ZeroTier, Inc)
HKU\S-1-5-21-2070248933-3621112216-831521933-1001\...\Run: [GoogleChromeAutoLaunch_5F84849B2B55F3FB722B227E29B35DDB] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2070248933-3621112216-831521933-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> )
HKLM\...\Print\Monitors\CUSTPDF Writer Monitor x86: C:\Windows\system32\custmon64.dll [87040 2020-01-30] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-06-05] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02468474-21D4-4228-8162-651F0DB934EF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03E5D14E-630C-45A9-A1E1-D123A46BFE9A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-25] (Google LLC -> Google LLC)
Task: {057EC837-4CB0-40FC-9844-9E1CF799B17B} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2019-12-19] (Acer Incorporated -> Acer Incorporated)
Task: {0934518B-85A9-4792-9817-1B8A30EC7E90} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [151080 2020-04-01] (Acer Incorporated -> Microsoft)
Task: {0F466105-2022-4718-93FB-7C8191E1C66E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1ABC766B-64FB-4EFE-AFDA-AEE1536F5923} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2770984 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {20CE49AD-1B2A-440A-9DBD-0CCD82641DE7} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [65064 2020-03-16] (Acer Incorporated -> Acer)
Task: {22178E9A-C427-4527-BF72-CD039AD234FB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28985472 2021-06-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {24E326D9-75BD-4BDA-A02A-96B0ED62023B} - System32\Tasks\GoTrust ID Driver => C:\Program Files\GoTrust ID Plugin\Resource\GO-Trust_ID_Driver.exe [63488 2019-08-02] (GoTrustID Inc. -> )
Task: {25865AD5-8736-40A5-B509-695F3F827900} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {2750A6DD-D76E-4A4A-AD01-4BFF102DC21E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4AEDD74A-B4F8-4164-B42E-B763D7787025} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {50EF0337-D639-4511-AFF4-8156FABB5769} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-stefanobigoloni@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {573C1BC5-6296-44C6-B664-86877735DD16} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-07] (Piriform Software Ltd -> Piriform)
Task: {597C5A4C-08A4-4C8D-B772-AB7F46863395} - System32\Tasks\App Explorer => C:\Users\USER\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7968424 2020-12-03] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {61A68B15-1779-4460-B421-1C2088CF7282} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-12] (Acer Incorporated -> )
Task: {626CEF55-5FAE-4A95-991A-4E4C53351907} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {6E69EA2B-FAD0-43ED-B150-25A042390D61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-25] (Google LLC -> Google LLC)
Task: {73424D07-4887-4F5D-952B-D7DD92EC3D84} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {765D485A-6715-4F08-92BA-F73187B9FA0B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {82E1BF79-3A8E-41DA-B7AF-CD8BF399B0DF} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8DC205CD-0D9B-4106-A730-9DEC50E068E6} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {957A966F-C433-42F7-AFEE-27EBF4987B9D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {967E5FA8-9618-45AD-B82F-059DE6B85458} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147288 2021-05-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {98AD7F4C-459F-4C6E-AD26-3C54AC8C028D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {9DE4F64B-E4BC-461A-8027-E252BFFAA057} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [609048 2020-01-18] (Acer Incorporated -> Acer Incorporated)
Task: {A7D52407-EEA7-47AC-980A-F7220F5BD109} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147288 2021-05-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABA3DF3A-96A3-4A22-8802-C95B0FB91A30} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2962984 2020-07-27] (Acer Incorporated -> )
Task: {AE006B57-C3B4-492B-8426-8087DEA6899E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B003F967-C50C-4361-8BCF-62F5DF118677} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [42024 2020-07-27] (Acer Incorporated -> )
Task: {B2533236-58EC-4B48-A57F-C2783576402D} - System32\Tasks\CareCenter\GoogleDriveSync_Reg_HKCURun_S-1-5-21-2070248933-3621112216-831521933-1001 => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> )
Task: {B74CD5D9-6C5C-44C0-BFBF-C3D73B97C9EF} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {BA7EC7AB-65AD-40AB-89DA-A0B01985D10D} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4829224 2020-07-27] (Acer Incorporated -> )
Task: {C08F006C-9315-49AD-88BB-C8BE4B601F77} - System32\Tasks\AcerCMUpdateTask2.1.20072 => C:\Program Files (x86)\Acer\Amundsen\2.1.20072\AWC.exe [153128 2020-03-13] (Acer Incorporated -> )
Task: {C0FB1E3A-D693-4AD5-8F23-2EF192769A89} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {C3543B6E-0C55-40EE-996E-AB35579CC1B2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D195B83F-19C3-485D-9F23-AFC95A0E0104} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4856576 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {D4F0BC2B-118F-4A6A-970B-8A16AE3D7608} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D5511EC6-9728-4546-9A09-151EAC104343} - System32\Tasks\Firefox Default Browser Agent 914F368222809976 => C:\Users\USER\AppData\Roaming\ggrggwv [65440 2021-05-25] (Microsoft Corporation -> Microsoft Corporation) <==== ATTENTION
Task: {E2541404-080B-4297-B316-4C47539A0848} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-06-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EB116A69-689A-4FCE-98A4-9063C0E09378} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-06-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EDE9CB1C-58DA-4E5E-ADA0-4B36F177A941} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447528 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {EE3FBAE0-C698-4228-993E-76EC288C9345} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F418A80A-DD03-447A-B65C-D81671381DF6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F8BEEE29-9487-4A62-8A01-F85DB3B54438} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 

stevebig

Posts: 11   +0
==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{19a8ea97-56c7-4a90-a35b-64b268a578bc}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5bc2b1d8-d039-4fed-b6cf-bf2cb7884fd5}: [DhcpNameServer] 172.20.10.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\USER\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-10]
Edge HKU\S-1-5-21-2070248933-3621112216-831521933-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com.xpi [2020-04-27] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (English (US) Language Pack) - C:\Program Files\Mozilla Firefox\distribution\extensions\langpack-en-US@firefox.mozilla.org.xpi [2020-04-27]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2020-11-11] [Legacy]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default [2021-06-10]
CHR Notifications: Default -> hxxps://assistenzaclienti.aruba.it; hxxps://solidtorrents.net; hxxps://thethaiger.com; hxxps://webmailfreebeta.aruba.it; hxxps://www.acer.com; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Default -> chrome://apps/
CHR StartupUrls: Default -> "chrome://apps/","hxxps://mail.google.com/mail/ca/u/0/#inbox","hxxps://www.facebook.com/","hxxps://www.linkedin.com/feed/","hxxps://bx.in.th/login/","hxxps://www.lazada.co.th/index/viewOrderTracking/?spm=a2o4m.other.0.0.4560aeeaIqnEG7&orderNr=3754983662","hxxps://www.alibaba.com/product-detail/for-stage-light-DMX-512-Controller_60705945981.html?spm=a2700.10389535.c0001.1.5f63dab9ojFV9c","hxxps://message.alibaba.com/msgsend/contact.htm?spm=a2700.details.maonnacta.dmessage.788e6f29SeeTAe&action=contact_action&domain=1&id=60705945981&id_f=IDX1Xo3QvO80Hc3_PvfXxYx5AydXyTYxYIiTQ1-qefb9kG1iRcaM7H_h3JKu89v1FiMx&mloca=main_en_detail&tracelog=tracedetailfeedback&umidToken=Bc3f74fe7ba6f0a752c34aca40b9ccb9c","hxxps://www.deejay.it/radio/","hxxps://iqoption.com/lp/ultimate-trading/it/?active=crypto1&aff=36215&afftrack=Lamassu+bitcoin+machine","hxxp://192.168.1.1/login.html","hxxps://my.noip.com/#!/dynamic-dns","hxxps://192.168.1.110:8443/manage/account/login?redirect=%2Fmanage","hxxps://www.newlifephuket.com/checkin","hxxp:www.fidonav.com"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Google Translate) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-05-25]
CHR Extension: (Slides) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-25]
CHR Extension: (Safe Torrent Scanner) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-06-03]
CHR Extension: (Kaspersky Protection) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-06-09]
CHR Extension: (Docs) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-25]
CHR Extension: (Google Drive) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-25]
CHR Extension: (YouTube) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-05-25]
CHR Extension: (LOTTERY) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacfdjpfljeakmjccippcmilephbhihm [2021-05-25]
CHR Extension: (Chrome Remote Desktop) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2021-05-25]
CHR Extension: (Sheets) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-25]
CHR Extension: (Google Docs Offline) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-25]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2021-05-25]
CHR Extension: (Chrome Remote Desktop) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-05-25]
CHR Extension: (Streaming Media Player) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jggnklnmaecfofafepejcjcjkcohgcfb [2021-05-25]
CHR Extension: (Chrometana - Redirect Bing Somewhere Better) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaicbfmipfpfpjmlbpejaoaflfdnabnc [2021-05-26]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-05-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-25]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2021-06-05]
CHR Extension: (Gmail) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-25]
CHR Extension: (Chrome Media Router) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-09]
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-06-10]
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-06-10]
CHR DefaultSearchURL: Profile 1 -> hxxps://sf16-sg.tiktokcdn.com/obj/eden-sg/uvkuhyieh7lpqpbj/pwa/512x512.png
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Slides) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-29]
CHR Extension: (Kaspersky Protection) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-06-09]
CHR Extension: (Docs) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-29]
CHR Extension: (Google Drive) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-29]
CHR Extension: (YouTube) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-05-29]
CHR Extension: (A Passion) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elbejlmapdnkbjofccadjlkmcpggfclg [2021-05-29]
CHR Extension: (Sheets) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-29]
CHR Extension: (Google Docs Offline) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-29]
CHR Extension: (Translator) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hiidjliailpkjeigakikbfedlfijngih [2021-05-29]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-05-29]
CHR Extension: (TikTok) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nlalbmkafgmoifbeooblidblkmlhhpnc [2021-05-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-29]
CHR Extension: (Gmail) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-29]
CHR Extension: (Chrome Media Router) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-09]
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-06-10]
CHR Extension: (Slides) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-29]
CHR Extension: (Docs) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-29]
CHR Extension: (YouTube) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-05-29]
CHR Extension: (Sheets) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-29]
CHR Extension: (Google Docs Offline) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-29]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-05-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-29]
CHR Extension: (Gmail) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-29]
CHR Extension: (Chrome Media Router) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-29]
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\System Profile [2021-06-10]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-2070248933-3621112216-831521933-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\USER\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2021-05-29]
CHR HKU\S-1-5-21-2070248933-3621112216-831521933-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
 

stevebig

Posts: 11   +0
==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [300584 2020-07-27] (Acer Incorporated -> Acer Incorporated)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [623360 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [370944 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8198768 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 BoxUpdateSvc; C:\Program Files\Box\Box\Box.Desktop.UpdateService.exe [97616 2021-04-15] (Box, Inc. -> Box, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-06-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-06-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\System32\DbxSvc.exe [44328 2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [185432 2020-06-01] (Microsoft Windows Hardware Compatibility Publisher -> DTS Inc.)
R2 dvhlp; C:\Program Files\Blackmagic Design\Desktop Video\DesktopVideoHelper.exe [86008 2021-05-17] (Blackmagic Design Pty Ltd -> )
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
R2 GoTrust ID Plugin; C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe [17408 2019-08-02] (GoTrustID Inc. -> GOTrustID Inc.)
R2 GoTrustID Service; C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe [246272 2019-08-02] (GoTrustID Inc. -> GOTrustID Inc.)
S4 Killer Analytics Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1748992 2020-01-11] (Rivet Networks LLC -> Rivet Networks)
S4 Killer Network Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2651640 2020-01-11] (Rivet Networks LLC -> Rivet Networks)
S4 Killer Wifi Optimization Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73704 2020-01-11] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 KNDBWM; C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73712 2020-01-11] (Rivet Networks LLC -> Rivet Networks, LLC.)
S4 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [839960 2020-01-18] (Acer Incorporated -> Acer Incorporated)
S4 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [465960 2020-09-10] (Acer Incorporated -> Acer Incorporated)
S4 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [526888 2020-09-10] (Acer Incorporated -> Acer Incorporated)
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [2787960 2020-05-28] (NortonLifeLock Inc. -> )
S4 vMixService; C:\Program Files (x86)\vMix\drivers\vMixService.exe [20992 2020-10-05] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 xTendSoftAPService; C:\Windows\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [73720 2020-01-11] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 xTendUtilityService; C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [73720 2020-01-11] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 ZeroTierOneService; C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe [1702272 2021-04-21] (ZeroTier, Inc. -> )
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_301ecb2c4867261f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_301ecb2c4867261f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [35800 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [216488 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [365592 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [250392 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [99352 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\Windows\System32\drivers\avgElam.sys [17344 2021-06-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [41424 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [181072 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [523016 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [107936 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [83000 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [851272 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [471480 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [215464 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [327104 2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 cbfsconnect2017; C:\Windows\system32\drivers\cbfsconnect2017.sys [480272 2019-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 iaLPSS2_SPI_CNL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_cnl.inf_amd64_f9088e14bef268e6\iaLPSS2_SPI_CNL.sys [156936 2020-05-14] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_CNL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_uart2_cnl.inf_amd64_df1115697e57a59a\iaLPSS2_UART2_CNL.sys [305928 2020-05-14] (Intel Corporation -> Intel Corporation)
S3 KfeCoSvc; C:\Windows\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [177272 2020-01-11] (Rivet Networks LLC -> Rivet Networks, LLC.)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [657696 2021-05-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1439456 2021-05-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [253736 2021-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [263888 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [309104 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [115744 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [224880 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 Streaming; C:\Windows\System32\drivers\BlackmagicStreaming.sys [27368 2021-05-19] (WDKTestCert build,131958900460134002 -> Blackmagic Design)
S3 Switchers; C:\Windows\System32\drivers\Switchers.sys [26592 2018-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Blackmagic Design)
R3 SymTAP; C:\Windows\System32\drivers\SymTAP.sys [52104 2020-05-28] (Symantec Corporation -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [425208 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76008 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 zttap300; C:\Windows\System32\drivers\zttap300.sys [31744 2020-11-24] (Microsoft Windows Hardware Compatibility Publisher -> ZeroTier Networks LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

stevebig

Posts: 11   +0
==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-10 17:50 - 2021-06-10 17:51 - 000075599 _____ C:\Users\USER\Downloads\Addition.txt
2021-06-10 17:48 - 2021-06-10 17:51 - 000046085 _____ C:\Users\USER\Downloads\FRST.txt
2021-06-10 17:48 - 2021-06-10 17:51 - 000000000 ____D C:\FRST
2021-06-10 17:47 - 2021-06-10 17:47 - 002300416 _____ (Farbar) C:\Users\USER\Downloads\FRST64.exe
2021-06-10 17:39 - 2021-06-10 17:39 - 000000000 __RDL C:\Users\USER\Box
2021-06-10 16:47 - 2021-06-10 16:47 - 000000000 ____D C:\Users\USER\AppData\Local\OneDrive
2021-06-10 16:38 - 2021-06-10 16:38 - 000000435 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2021-06-10 16:17 - 2021-06-10 17:28 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-06-09 21:01 - 2021-06-09 21:01 - 000309104 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2021-06-09 20:58 - 2021-06-10 17:28 - 000002638 _____ C:\Windows\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-06-09 20:58 - 2021-06-10 16:48 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-06-09 20:58 - 2021-06-10 16:48 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-06-09 20:58 - 2021-06-09 20:58 - 000263888 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2021-06-09 20:58 - 2021-06-09 20:58 - 000224880 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2021-06-09 20:58 - 2021-06-09 20:58 - 000115744 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2021-06-09 20:58 - 2021-06-09 20:58 - 000002154 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2021-06-09 20:58 - 2021-06-09 20:58 - 000002154 _____ C:\ProgramData\Desktop\Kaspersky Anti-Virus.lnk
2021-06-09 20:58 - 2021-06-09 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2021-06-09 20:58 - 2021-06-09 20:58 - 000000000 ____D C:\Program Files\Common Files\AV
2021-06-09 20:58 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2021-06-09 20:58 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2021-06-09 20:58 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2021-06-09 20:57 - 2021-06-09 20:57 - 002762168 _____ (Kaspersky) C:\Users\USER\Downloads\kav21.3.10.391abit_25630.exe
2021-06-09 19:33 - 2021-06-10 16:52 - 000000000 ____D C:\Users\USER\AppData\Local\ElevatedDiagnostics
2021-06-09 19:32 - 2021-06-09 19:32 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2021-06-09 17:20 - 2021-06-10 17:45 - 000000000 ____D C:\Program Files\CCleaner
2021-06-09 17:20 - 2021-06-10 17:28 - 000003194 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-06-09 17:20 - 2021-06-10 17:28 - 000002236 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-06-09 17:20 - 2021-06-09 17:20 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-06-09 17:20 - 2021-06-09 17:20 - 000000867 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-06-09 17:20 - 2021-06-09 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-06-09 17:19 - 2021-06-09 17:19 - 036141904 _____ (Piriform Software Ltd) C:\Users\USER\Downloads\ccsetup581.exe
2021-06-09 17:03 - 2021-06-09 17:03 - 002732604 _____ C:\Users\USER\Downloads\Autoruns.zip
2021-06-09 16:50 - 2021-06-09 16:50 - 000000000 ___HD C:\$AV_AVG
2021-06-09 16:48 - 2021-06-09 16:48 - 000000000 ____D C:\Users\USER\AppData\Local\RCS_LT
2021-06-08 14:19 - 2021-06-09 19:33 - 000002063 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2021-06-08 14:19 - 2021-06-09 19:33 - 000002063 _____ C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2021-06-08 14:19 - 2021-06-08 14:19 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2021-06-08 14:19 - 2021-06-08 14:19 - 000000000 ____D C:\Users\USER\AppData\Roaming\AVG
2021-06-08 14:19 - 2021-06-08 14:19 - 000000000 ____D C:\Users\USER\AppData\Local\AVG
2021-06-08 14:18 - 2021-06-10 17:28 - 000003250 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2021-06-08 14:18 - 2021-06-08 14:18 - 000851272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000523016 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000471480 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000365592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000340224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2021-06-08 14:18 - 2021-06-08 14:18 - 000327104 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000250392 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000216488 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000215464 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000181072 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000107936 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000099352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000083000 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000041424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000035800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000017344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgElam.sys
2021-06-08 14:18 - 2021-06-08 14:18 - 000000000 ____D C:\Windows\system32\Tasks\AVG
2021-06-08 14:18 - 2021-06-08 14:18 - 000000000 ____D C:\Program Files\Common Files\AVG
2021-06-08 14:17 - 2021-06-08 14:17 - 000000000 ____D C:\Program Files\AVG
2021-06-08 14:16 - 2021-06-10 17:39 - 000000000 ____D C:\ProgramData\AVG
2021-06-08 14:11 - 2021-06-08 14:11 - 000056067 _____ C:\Users\USER\Documents\Denuncia vi@ web.pdf
2021-06-06 18:56 - 2021-06-07 17:41 - 000000000 ____D C:\Users\USER\Documents\MyEasyMenu.cloud
2021-06-05 18:49 - 2021-06-05 18:49 - 004568443 _____ C:\Users\USER\Downloads\vmix-pro-crack-(xAQFAI9GAgBUSBcAEgA).zip
2021-06-05 18:27 - 2021-06-05 18:31 - 000000000 ____D C:\Users\USER\AppData\Roaming\Astalavista
2021-06-05 18:27 - 2021-06-05 18:27 - 000000000 ____D C:\Users\USER\AppData\Local\astalavista-updater
2021-06-05 18:17 - 2021-06-05 19:01 - 000083546 _____ C:\Users\USER\AppData\Roaming\last.vmix
2021-06-05 18:13 - 2021-06-05 18:13 - 000000000 ____D C:\Users\USER\AppData\Local\StudioCoast Pty Ltd
2021-06-05 18:13 - 2021-06-05 18:13 - 000000000 ____D C:\ProgramData\vMixNDIHelper
2021-06-05 18:12 - 2021-06-05 18:12 - 000001104 _____ C:\Users\Public\Desktop\vMix Social.lnk
2021-06-05 18:12 - 2021-06-05 18:12 - 000001104 _____ C:\ProgramData\Desktop\vMix Social.lnk
2021-06-05 18:12 - 2021-06-05 18:12 - 000001036 _____ C:\Users\Public\Desktop\vMix (x64).lnk
2021-06-05 18:12 - 2021-06-05 18:12 - 000001036 _____ C:\ProgramData\Desktop\vMix (x64).lnk
2021-06-05 18:12 - 2021-06-05 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vMixSocial
2021-06-05 18:12 - 2021-06-05 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vMix
2021-06-05 18:12 - 2021-06-05 18:12 - 000000000 ____D C:\Program Files (x86)\vMixSocial
2021-06-05 18:12 - 2021-06-05 18:12 - 000000000 ____D C:\Program Files (x86)\vMix Video Codec
2021-06-05 18:12 - 2020-09-17 12:50 - 000472576 _____ C:\Windows\system32\vMixVideoCodec_x64.dll
2021-06-05 18:12 - 2020-09-17 12:50 - 000334848 _____ C:\Windows\SysWOW64\vMixVideoCodec_x86.dll
2021-06-05 18:12 - 2018-04-11 22:30 - 000576744 _____ (Intel Corporation) C:\Windows\system32\tbb.dll
2021-06-05 18:12 - 2018-04-11 22:30 - 000453352 _____ (Intel Corporation) C:\Windows\SysWOW64\tbb.dll
2021-06-05 18:11 - 2021-06-09 19:09 - 000000000 ____D C:\ProgramData\vMix
2021-06-05 18:11 - 2021-06-05 18:16 - 000000000 ____D C:\Program Files (x86)\vMix
2021-06-05 17:50 - 2021-06-05 17:51 - 160381394 ____R C:\Users\USER\Downloads\A2zCrack.com vMix Pro 20.Multilingual.rar
2021-06-05 17:41 - 2021-06-05 17:41 - 000000000 ____D C:\Users\USER\Desktop\vMix 14 Full (All Version In One)
2021-06-05 17:39 - 2021-06-05 17:39 - 000000000 ____D C:\Users\USER\Documents\vMixStorage
2021-06-05 16:52 - 2021-06-05 21:49 - 000000000 ____D C:\Users\USER\AppData\Roaming\Smart Clock
2021-06-05 16:52 - 2021-06-05 16:52 - 000000000 ____D C:\ProgramData\Posse
2021-06-05 16:52 - 2021-06-05 16:52 - 000000000 ____D C:\Program Files (x86)\foler
2021-06-05 16:32 - 2021-06-05 17:54 - 000000000 ____D C:\Users\USER\AppData\Local\StudioCoast_Pty_Ltd
2021-06-05 16:32 - 2021-06-05 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicYUV
2021-06-05 16:32 - 2021-06-05 16:32 - 000000000 ____D C:\Program Files (x86)\QuickTime
2021-06-05 16:32 - 2021-06-05 16:32 - 000000000 ____D C:\Program Files (x86)\MagicYUV
2021-06-05 16:32 - 2015-03-04 03:55 - 001019392 _____ C:\Windows\system32\magicyuv.dll
2021-06-05 16:32 - 2015-03-04 03:55 - 000886784 _____ C:\Windows\SysWOW64\magicyuv.dll
2021-06-05 16:30 - 2021-06-05 16:30 - 425551912 _____ (StudioCoast ) C:\Users\USER\Downloads\vmix24.exe
2021-06-05 16:20 - 2021-06-05 16:20 - 000000000 ____D C:\Users\USER\AppData\Roaming\Masoner
2021-06-04 19:18 - 2021-06-10 17:19 - 000002672 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2021-06-04 19:18 - 2021-06-10 17:09 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-04 19:18 - 2021-06-10 17:09 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-06-03 23:16 - 2021-06-04 14:21 - 000000000 ____D C:\Users\USER\Downloads\VectorWorks 2021 SP2.1
2021-06-03 23:13 - 2021-06-03 23:17 - 000000000 ____D C:\Users\USER\Downloads\Vectorworks.2019-SP5 + Crack [KolomPC]
2021-06-03 21:56 - 2021-06-03 21:57 - 060021455 _____ C:\Users\USER\Downloads\Alien Skin Eye Candy 7.1.0.1191.zip
2021-06-03 19:14 - 2021-06-03 19:18 - 000000000 ____D C:\Users\USER\Downloads\Adobe Dreamweaver CC 2017 v17.1.0.9583 (x64) Portable [www.TechTools.ME]
2021-06-03 19:02 - 2021-06-03 21:45 - 000000000 ____D C:\Users\USER\AppData\Roaming\convert
2021-06-03 19:01 - 2021-06-10 17:28 - 000002710 _____ C:\Windows\system32\Tasks\Firefox Default Browser Agent 914F368222809976
2021-06-03 19:01 - 2021-06-09 18:01 - 000000000 ____D C:\Users\USER\AppData\Roaming\Cached files
2021-06-03 19:01 - 2021-06-08 14:20 - 000000000 ____D C:\Users\USER\AppData\Roaming\PnPUnattend
2021-06-03 19:01 - 2021-06-08 14:20 - 000000000 ____D C:\Users\USER\AppData\Roaming\MDEServer
2021-06-03 19:01 - 2021-06-08 14:20 - 000000000 ____D C:\Users\USER\AppData\Roaming\fltMC
2021-06-03 19:01 - 2021-06-03 21:45 - 000000000 ___HD C:\Users\USER\AppData\Roaming\ConfigsEx
2021-06-03 19:01 - 2021-06-03 21:45 - 000000000 ____D C:\Users\USER\AppData\Roaming\cttunesvr
2021-06-03 19:01 - 2021-06-03 21:44 - 000000000 ____D C:\Users\USER\AppData\Roaming\mmc
2021-06-03 19:01 - 2021-06-03 19:01 - 000001113 _____ C:\Users\USER\Desktop\Adobe Dreamweaver CC 2017.lnk
2021-06-03 18:58 - 2021-06-03 18:58 - 000001068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-06-03 18:58 - 2021-06-03 18:58 - 000001056 _____ C:\Users\USER\Desktop\Adobe Photoshop 2021.lnk
2021-06-03 18:43 - 2021-06-03 18:44 - 000000000 ___RD C:\Users\USER\Dropbox
2021-06-03 18:43 - 2021-06-03 18:43 - 000001303 _____ C:\Users\USER\Desktop\Dropbox.lnk
2021-06-03 18:37 - 2021-06-10 17:39 - 000000924 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2021-06-03 18:37 - 2021-06-10 17:39 - 000000920 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2021-06-03 18:37 - 2021-06-10 17:28 - 000003438 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA
2021-06-03 18:37 - 2021-06-10 17:28 - 000003214 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore
2021-06-03 18:37 - 2021-06-03 18:43 - 000000000 ____D C:\Users\USER\AppData\Local\Dropbox
2021-06-03 18:37 - 2021-06-03 18:37 - 000000000 ____D C:\Users\USER\AppData\Roaming\Dropbox
2021-06-03 18:37 - 2021-06-03 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-06-03 18:37 - 2021-06-03 18:37 - 000000000 ____D C:\ProgramData\Dropbox
2021-06-03 18:37 - 2021-06-03 18:37 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-06-03 18:29 - 2021-06-10 17:39 - 000001263 _____ C:\Users\USER\Desktop\Box.lnk
2021-06-03 18:29 - 2021-06-03 18:29 - 000002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Drive.lnk
2021-06-03 18:29 - 2021-06-03 18:29 - 000000000 ____D C:\Users\USER\AppData\Local\Box
2021-06-03 18:29 - 2021-06-03 18:29 - 000000000 ____D C:\ProgramData\Box
2021-06-03 18:29 - 2021-06-03 18:29 - 000000000 ____D C:\Program Files\Box
2021-06-03 18:29 - 2019-10-07 10:28 - 000270088 _____ (Callback Technologies, Inc.) C:\Windows\system32\cbfsconnectNetRdr2017.dll
2021-06-03 18:29 - 2019-10-07 10:28 - 000234248 _____ (Callback Technologies, Inc.) C:\Windows\SysWOW64\cbfsconnectNetRdr2017.dll
2021-06-03 18:29 - 2019-10-07 10:28 - 000010504 _____ (Callback Technologies, Inc.) C:\Windows\system32\cbfsconnectevtmsg.dll
2021-06-03 18:29 - 2019-10-07 10:27 - 000189192 _____ (Callback Technologies, Inc.) C:\Windows\system32\cbfsconnectMntNtf2017.dll
2021-06-03 18:29 - 2019-10-07 10:27 - 000162056 _____ (Callback Technologies, Inc.) C:\Windows\SysWOW64\cbfsconnectMntNtf2017.dll
2021-06-03 18:29 - 2019-10-07 07:11 - 000480272 _____ (Callback Technologies, Inc.) C:\Windows\system32\Drivers\cbfsconnect2017.sys
2021-06-03 18:19 - 2021-06-03 18:58 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-06-03 18:19 - 2021-06-03 18:19 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CC 2017.lnk
2021-06-03 18:19 - 2021-06-03 18:19 - 000000000 ____D C:\Users\USER\AppData\LocalLow\Adobe
2021-06-03 18:18 - 2021-06-03 18:58 - 000000000 ____D C:\Program Files\Adobe
2021-06-03 18:18 - 2021-06-03 18:18 - 000001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-06-03 18:18 - 2021-06-03 18:18 - 000001290 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2021-06-03 18:18 - 2021-06-03 18:18 - 000001290 _____ C:\ProgramData\Desktop\Adobe Creative Cloud.lnk
2021-06-03 18:16 - 2021-06-03 18:16 - 000000000 ____D C:\Users\USER\AppData\Roaming\Trimble Connect for SketchUp
2021-06-03 18:16 - 2021-06-03 18:16 - 000000000 ____D C:\Users\USER\AppData\Roaming\SketchUp
2021-06-03 18:16 - 2021-06-03 18:16 - 000000000 ____D C:\Users\USER\AppData\Local\SketchUp
2021-06-03 18:16 - 2021-06-03 18:16 - 000000000 ____D C:\ProgramData\Reprise
2021-06-03 18:14 - 2021-06-03 18:14 - 000001223 _____ C:\Users\Public\Desktop\Style Builder 2020.lnk
2021-06-03 18:14 - 2021-06-03 18:14 - 000001223 _____ C:\ProgramData\Desktop\Style Builder 2020.lnk
2021-06-03 18:14 - 2021-06-03 18:14 - 000001149 _____ C:\Users\Public\Desktop\LayOut 2020.lnk
2021-06-03 18:14 - 2021-06-03 18:14 - 000001149 _____ C:\ProgramData\Desktop\LayOut 2020.lnk
2021-06-03 18:14 - 2021-06-03 18:14 - 000001056 _____ C:\Users\Public\Desktop\SketchUp Pro 2020.lnk
2021-06-03 18:14 - 2021-06-03 18:14 - 000001056 _____ C:\ProgramData\Desktop\SketchUp Pro 2020.lnk
2021-06-03 18:14 - 2021-06-03 18:14 - 000000000 ____D C:\Users\USER\AppData\Local\Downloaded Installations
2021-06-03 18:14 - 2021-06-03 18:14 - 000000000 ____D C:\ProgramData\SketchUp
2021-06-03 18:14 - 2021-06-03 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2020
2021-06-03 18:14 - 2021-06-03 18:14 - 000000000 ____D C:\Program Files\SketchUp
2021-06-03 18:08 - 2021-06-03 18:12 - 000000000 ____D C:\Users\USER\Downloads\SketchUp Pro 2020 v20.2.172 (x64) + Patch
2021-06-03 18:06 - 2021-06-03 18:07 - 000000000 ____D C:\Users\USER\Downloads\Adobe Photoshop 2021 v22.4.1.211 (x64) + Pre-Activator
2021-06-03 17:53 - 2021-06-03 17:59 - 000000012 _____ C:\ProgramData\krosqm.txt
2021-06-03 17:51 - 2021-06-03 17:51 - 000001284 _____ C:\Users\USER\Desktop\Adobe Fireworks CS6.lnk
2021-06-03 17:50 - 2021-06-10 17:19 - 000002878 _____ C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-stefanobigoloni@hotmail.com
2021-06-03 17:49 - 2021-06-03 18:19 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2021-06-03 17:49 - 2021-06-03 17:49 - 000001284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Fireworks CS6.lnk
2021-06-03 17:48 - 2021-06-03 18:58 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-06-03 17:48 - 2021-06-03 17:48 - 000001430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2021-06-03 17:48 - 2021-06-03 17:48 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-06-03 17:46 - 2021-06-04 13:45 - 000000000 ____D C:\ProgramData\Adobe
2021-06-03 17:45 - 2021-06-10 16:12 - 000000000 ____D C:\Users\USER\AppData\Local\Adobe
2021-06-03 17:45 - 2012-04-29 12:33 - 000000000 ____D C:\Users\USER\Downloads\Adobe Fireworks CS6
2021-06-03 17:38 - 2021-06-05 23:36 - 000000000 ____D C:\Users\USER\AppData\Local\BitTorrentHelper
2021-06-03 17:29 - 2021-06-03 17:36 - 000000000 ____D C:\Users\USER\AppData\Local\UT008
2021-06-03 17:17 - 2021-06-08 17:19 - 000000000 ____D C:\Users\USER\AppData\Local\com.surfeasy.se0211
2021-06-03 17:17 - 2021-06-03 17:19 - 000000000 ____D C:\ProgramData\SurfEasyService
2021-06-03 17:17 - 2021-06-03 17:17 - 000001242 _____ C:\Users\USER\Desktop\SurfEasy VPN.lnk
2021-06-03 17:17 - 2021-06-03 17:17 - 000000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SurfEasy VPN
2021-06-03 17:17 - 2021-06-03 17:17 - 000000000 ____D C:\ProgramData\SurfEasy VPN
2021-06-03 17:17 - 2021-06-03 17:17 - 000000000 ____D C:\Program Files (x86)\SurfEasy VPN
2021-06-03 17:03 - 2021-06-03 17:03 - 000000000 ____D C:\ProgramData\Apple Computer
2021-06-02 21:44 - 2021-06-02 21:44 - 000000000 ____D C:\Users\USER\AppData\Roaming\Subversion
2021-06-02 21:31 - 2021-06-02 21:31 - 000000000 ____D C:\Users\USER\AppData\Local\DBG
2021-06-02 20:19 - 2021-06-02 20:19 - 000002513 _____ C:\Users\USER\Desktop\UE5 Early Access.lnk
2021-06-01 23:39 - 2021-06-02 21:22 - 000000000 ____D C:\Users\USER\Documents\Unreal Projects
2021-06-01 23:39 - 2021-06-01 23:39 - 000000000 ____D C:\Users\USER\AppData\Roaming\Unreal Engine
2021-06-01 23:39 - 2021-06-01 23:39 - 000000000 ____D C:\Users\USER\AppData\Local\CrashReportClient
2021-06-01 22:54 - 2021-06-02 20:21 - 000000000 ____D C:\Program Files\Epic Games
2021-06-01 22:50 - 2021-06-02 21:21 - 000000000 ____D C:\Users\USER\AppData\Local\UnrealEngine
 

stevebig

Posts: 11   +0
2021-06-01 22:50 - 2021-06-01 23:40 - 000000000 ____D C:\ProgramData\Epic
2021-06-01 22:50 - 2021-06-01 22:50 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2021-06-01 22:50 - 2021-06-01 22:50 - 000001258 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2021-06-01 22:50 - 2021-06-01 22:50 - 000001258 _____ C:\ProgramData\Desktop\Epic Games Launcher.lnk
2021-06-01 22:50 - 2021-06-01 22:50 - 000000000 ____D C:\Users\USER\AppData\Local\UnrealEngineLauncher
2021-06-01 22:50 - 2021-06-01 22:50 - 000000000 ____D C:\Users\USER\AppData\Local\EpicGamesLauncher
2021-06-01 22:50 - 2021-06-01 22:50 - 000000000 ____D C:\Program Files (x86)\Epic Games
2021-06-01 22:49 - 2021-06-01 22:49 - 056791040 _____ C:\Users\USER\Downloads\EpicInstaller-12.1.7-unrealEngine.msi
2021-06-01 22:47 - 2021-06-01 22:49 - 3184765750 _____ C:\Users\USER\Downloads\Vectorworks2021-SP3-588748-SeriesBEG-installer1-win.zip
2021-06-01 22:36 - 2021-06-01 22:36 - 000000360 _____ C:\Users\USER\AppData\Local\panelShutdownData.xml
2021-06-01 22:34 - 2021-06-01 22:34 - 000000000 ____D C:\Users\USER\AppData\Local\Avolites
2021-06-01 22:32 - 2021-06-01 22:32 - 000000000 ____D C:\Users\USER\Documents\Titan
2021-06-01 22:32 - 2021-06-01 22:32 - 000000000 ____D C:\Users\USER\AppData\Roaming\Telemetry
2021-06-01 22:32 - 2021-06-01 22:32 - 000000000 ____D C:\ProgramData\qgRKoRe4
2021-06-01 22:24 - 2021-06-01 22:32 - 000000000 ____D C:\Users\USER\AppData\Local\Avolites_Ltd
2021-06-01 22:23 - 2021-06-10 17:32 - 000000000 ____D C:\Users\USER\AppData\Roaming\Avolites
2021-06-01 22:23 - 2021-06-10 17:32 - 000000000 ____D C:\ProgramData\CodeMeter
2021-06-01 22:23 - 2021-06-03 17:03 - 000000000 ____D C:\ProgramData\Apple
2021-06-01 22:23 - 2021-06-01 22:23 - 000862338 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2021-06-01 22:23 - 2021-06-01 22:23 - 000001103 _____ C:\Users\Public\Desktop\PRO DJ LINK Bridge.lnk
2021-06-01 22:23 - 2021-06-01 22:23 - 000001103 _____ C:\ProgramData\Desktop\PRO DJ LINK Bridge.lnk
2021-06-01 22:23 - 2021-06-01 22:23 - 000000000 ____D C:\Users\USER\AppData\Local\avodocs-updater
2021-06-01 22:23 - 2021-06-01 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PRO DJ LINK Bridge
2021-06-01 22:23 - 2021-06-01 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewTek NDI 3.8 Runtime
2021-06-01 22:23 - 2021-06-01 22:23 - 000000000 ____D C:\Program Files\Pioneer
2021-06-01 22:23 - 2021-06-01 22:23 - 000000000 ____D C:\Program Files\NewTek
2021-06-01 22:23 - 2021-06-01 22:23 - 000000000 ____D C:\Program Files\Bonjour
2021-06-01 22:23 - 2021-06-01 22:23 - 000000000 ____D C:\Program Files (x86)\Bonjour
2021-06-01 22:22 - 2021-06-10 17:34 - 000000000 ____D C:\Program Files\Avolites
2021-06-01 22:22 - 2021-06-01 22:22 - 000000000 ____D C:\ProgramData\Avolites
2021-06-01 19:32 - 2021-06-01 19:32 - 000000000 ____D C:\Users\USER\AppData\Local\cache
2021-06-01 19:31 - 2021-06-01 22:14 - 000000000 ___RD C:\Users\USER\Documents\MagicQ
2021-06-01 19:31 - 2021-06-01 19:59 - 000000000 ____D C:\Users\USER\AppData\Roaming\MagicQ
2021-06-01 19:29 - 2021-06-10 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChamSys MagicQ
2021-06-01 19:28 - 2021-06-01 19:28 - 000000000 ____D C:\Program Files (x86)\ChamSys Ltd
2021-05-31 22:22 - 2021-05-31 22:22 - 000001210 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\LINE.lnk
2021-05-31 22:22 - 2021-05-31 22:22 - 000001208 _____ C:\Users\USER\Desktop\LINE.lnk
2021-05-31 22:22 - 2021-05-31 22:22 - 000000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LINE
2021-05-31 22:21 - 2021-05-31 22:22 - 000000000 ____D C:\Users\USER\AppData\Local\LINE
2021-05-31 22:20 - 2021-06-06 01:17 - 000000000 ____D C:\Users\USER\AppData\Roaming\WhatsApp
2021-05-31 22:20 - 2021-06-05 00:21 - 000000000 ____D C:\Users\USER\AppData\Local\WhatsApp
2021-05-31 22:20 - 2021-05-31 22:20 - 000002196 _____ C:\Users\USER\Desktop\WhatsApp.lnk
2021-05-31 22:20 - 2021-05-31 22:20 - 000000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-05-31 22:20 - 2021-05-31 22:20 - 000000000 ____D C:\Users\USER\AppData\Local\SquirrelTemp
2021-05-30 16:50 - 2021-05-30 16:50 - 000002368 _____ C:\Users\Public\Desktop\grandMA2 onPC 3.9.60.4.lnk
2021-05-30 16:50 - 2021-05-30 16:50 - 000002368 _____ C:\ProgramData\Desktop\grandMA2 onPC 3.9.60.4.lnk
2021-05-29 23:35 - 2021-05-29 23:35 - 000001686 _____ C:\Users\USER\Desktop\ATEM Software Control.lnk
2021-05-29 22:28 - 2021-05-29 22:30 - 1584775640 _____ C:\Users\USER\Downloads\Blackmagic_ATEM_Switchers_Windows_7.5.2.zip
2021-05-29 21:31 - 2021-05-29 23:26 - 000002436 _____ C:\Users\USER\Desktop\Hawa - Chrome.lnk
2021-05-29 21:07 - 2021-05-29 21:41 - 000000000 ____D C:\Windows\SysWOW64\QuickTime
2021-05-29 20:50 - 2021-05-29 23:36 - 000000000 ____D C:\Users\USER\Documents\ATEM Autosave
2021-05-29 20:41 - 2021-05-29 20:41 - 000000501 _____ C:\Users\USER\Desktop\Network Connections - Shortcut.lnk
2021-05-29 19:08 - 2021-05-29 21:30 - 000002392 _____ C:\Users\USER\Desktop\Stefano (Steve) - Chrome.lnk
2021-05-29 19:08 - 2021-05-29 19:16 - 000002436 _____ C:\Users\USER\Desktop\Sword (Sword Geisha) - Chrome.lnk
2021-05-28 21:06 - 2021-05-28 21:06 - 000013287 _____ C:\Users\USER\Downloads\bitfocus@companion_v2.0@00.xml
2021-05-28 21:04 - 2021-06-05 20:41 - 000000000 ____D C:\Users\USER\AppData\Roaming\Companion
2021-05-28 21:04 - 2021-05-28 21:04 - 000001860 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Companion.lnk
2021-05-28 21:04 - 2021-05-28 21:04 - 000001848 _____ C:\Users\Public\Desktop\Companion.lnk
2021-05-28 21:04 - 2021-05-28 21:04 - 000001848 _____ C:\ProgramData\Desktop\Companion.lnk
2021-05-28 21:04 - 2021-05-28 21:04 - 000000000 ____D C:\ProgramData\Companion
2021-05-28 21:04 - 2021-05-28 21:04 - 000000000 ____D C:\Program Files\Companion
2021-05-28 20:54 - 2021-05-28 20:54 - 000001149 _____ C:\Users\Public\Desktop\Stream Deck.lnk
2021-05-28 20:54 - 2021-05-28 20:54 - 000001149 _____ C:\ProgramData\Desktop\Stream Deck.lnk
2021-05-28 20:54 - 2021-05-28 20:54 - 000000000 ____D C:\Users\USER\AppData\Roaming\Elgato
2021-05-28 20:54 - 2021-05-28 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elgato
2021-05-28 20:54 - 2021-05-28 20:54 - 000000000 ____D C:\ProgramData\Elgato
2021-05-28 20:54 - 2021-05-28 20:54 - 000000000 ____D C:\Program Files\obs-studio
2021-05-28 20:54 - 2021-05-28 20:54 - 000000000 ____D C:\Program Files\Elgato
2021-05-28 20:54 - 2021-05-28 20:54 - 000000000 ____D C:\Program Files (x86)\OBS Studio - FTL
2021-05-28 15:47 - 2021-05-28 16:03 - 000000000 ____D C:\Users\USER\AppData\Roaming\ArKaos MediaMaster 5
2021-05-28 15:47 - 2021-05-28 15:52 - 000000000 ____D C:\ArkaosPro
2021-05-28 15:47 - 2021-05-28 15:47 - 000000000 ____D C:\VideoMapper
2021-05-28 15:47 - 2021-05-28 15:47 - 000000000 ____D C:\Users\USER\AppData\Roaming\Macromedia
2021-05-28 15:47 - 2021-05-28 15:47 - 000000000 ____D C:\Users\USER\AppData\Local\SafeNet Sentinel
2021-05-28 15:46 - 2021-06-09 19:45 - 000000000 ___HD C:\Users\USER\Documents\.tmp.drivedownload
2021-05-28 15:46 - 2021-05-28 15:46 - 000000000 ____D C:\Users\USER\Documents\ArKaos
2021-05-28 15:42 - 2021-05-28 15:46 - 000000000 ____D C:\Program Files\ArKaos MediaMaster 5.3.1
2021-05-28 15:42 - 2021-05-28 15:43 - 000000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArKaos MediaMaster 5.3.1
2021-05-28 15:42 - 2021-05-28 15:42 - 000000986 _____ C:\Users\USER\Desktop\MediaMaster.lnk
2021-05-28 15:38 - 2021-03-18 12:06 - 997676192 _____ C:\Users\USER\Downloads\ARKAOS 5.3.1.zip
2021-05-28 15:34 - 2021-05-28 15:34 - 000001185 _____ C:\Users\Public\Desktop\MA 3D v3.1.2.5.lnk
2021-05-28 15:34 - 2021-05-28 15:34 - 000001185 _____ C:\ProgramData\Desktop\MA 3D v3.1.2.5.lnk
2021-05-28 15:33 - 2021-05-28 15:33 - 000002357 _____ C:\Users\Public\Desktop\grandMA2 onPC 3.1.2.5.lnk
2021-05-28 15:33 - 2021-05-28 15:33 - 000002357 _____ C:\ProgramData\Desktop\grandMA2 onPC 3.1.2.5.lnk
2021-05-28 15:32 - 2021-05-28 15:33 - 000000000 ____D C:\Program Files\MA Lighting Technologies
2021-05-28 15:32 - 2021-05-28 15:32 - 000000000 ____D C:\ProgramData\MA Lighting Technologies
2021-05-26 23:13 - 2021-06-03 01:57 - 000000000 ____D C:\Users\USER\AppData\Local\GdtfGroup
2021-05-26 23:11 - 2021-05-26 23:11 - 000021387 _____ C:\Users\USER\AppData\Local\recently-used.xbel
2021-05-26 22:48 - 2021-05-26 22:48 - 000000000 ____D C:\Users\USER\AppData\Roaming\WinRAR
2021-05-26 22:48 - 2021-05-26 22:48 - 000000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-26 22:48 - 2021-05-26 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-26 22:48 - 2021-05-26 22:48 - 000000000 ____D C:\Program Files\WinRAR
2021-05-26 22:45 - 2021-05-30 22:34 - 000002590 _____ C:\Users\USER\.xmlcopyeditor
2021-05-26 20:59 - 2021-05-26 22:22 - 000000000 ____D C:\Users\USER\AppData\Local\gtk-2.0
2021-05-26 20:54 - 2021-05-26 23:11 - 000000000 ____D C:\Users\USER\AppData\Local\babl-0.1
2021-05-26 20:54 - 2021-05-26 20:54 - 000000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk
2021-05-26 20:54 - 2021-05-26 20:54 - 000000000 ____D C:\Users\USER\AppData\Roaming\GIMP
2021-05-26 20:54 - 2021-05-26 20:54 - 000000000 ____D C:\Users\USER\AppData\Local\GIMP
2021-05-26 20:54 - 2021-05-26 20:54 - 000000000 ____D C:\Users\USER\AppData\Local\gegl-0.4
2021-05-26 20:54 - 2021-05-26 20:54 - 000000000 ____D C:\Users\USER\.cache
2021-05-26 20:52 - 2021-05-26 20:52 - 000000000 ____D C:\Program Files\GIMP 2
2021-05-26 20:50 - 2021-06-10 16:51 - 000000000 ____D C:\Users\USER\AppData\Local\CrashDumps
2021-05-26 20:49 - 2021-05-26 20:51 - 000000000 ____D C:\Program Files\inPixio
2021-05-26 20:49 - 2021-05-26 20:49 - 000000000 ____D C:\Program Files\Common Files\Avanquest Software
2021-05-26 20:41 - 2021-05-30 16:47 - 000000000 ____D C:\Users\USER\Downloads\MA Lighting
2021-05-26 20:39 - 2021-05-26 20:41 - 1483077843 _____ C:\Users\USER\Downloads\Blackmagic_ATEM_Switchers_Windows_8.6.1.zip
2021-05-26 20:38 - 2021-05-26 20:38 - 263879068 _____ C:\Users\USER\Downloads\Blackmagic_Desktop_Video_Windows_12.1.zip
2021-05-26 10:49 - 2021-05-25 19:37 - 000000000 ____D C:\Users\USER\AppData\Local\NVIDIA
2021-05-26 10:47 - 2021-05-26 10:47 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\ExpressVPN.lnk
2021-05-26 10:47 - 2021-05-26 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Acer
2021-05-26 10:47 - 2021-05-25 19:14 - 000000000 ____D C:\Users\USER\AppData\Local\OEM
2021-05-26 10:46 - 2021-05-30 16:41 - 000000000 ____D C:\ProgramData\MALightingTechnology
2021-05-26 10:46 - 2021-05-26 10:46 - 000000000 ____D C:\Users\USER\AppData\Local\CareCenter
2021-05-26 10:46 - 2021-05-25 20:38 - 000000000 ____D C:\Program Files\MALightingTechnology
2021-05-26 10:45 - 2021-06-03 14:24 - 000000000 ____D C:\Users\USER\AppData\Local\PlaceholderTileLogoFolder
2021-05-26 10:45 - 2021-05-26 13:45 - 000000000 ____D C:\Users\USER\AppData\Local\Comms
2021-05-26 10:45 - 2021-05-26 10:45 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2021-05-26 10:45 - 2021-05-26 10:45 - 000000000 ____D C:\Users\USER\Downloads\grandMA3_onPC_win_v1.4.2.1
2021-05-26 10:43 - 2021-06-03 14:24 - 000000000 ____D C:\Users\USER\AppData\Local\Publishers
2021-05-26 09:38 - 2021-06-10 17:39 - 000000000 ___RD C:\Users\USER\OneDrive
2021-05-26 09:38 - 2021-06-10 17:28 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2070248933-3621112216-831521933-1001
2021-05-26 09:38 - 2021-05-26 09:38 - 000000000 ____D C:\Users\Public\App Explorer
2021-05-26 09:37 - 2021-06-03 14:24 - 000000000 ____D C:\ProgramData\Packages
2021-05-26 09:37 - 2021-06-01 22:51 - 000000000 ____D C:\Users\USER\AppData\Local\NVIDIA Corporation
2021-05-26 09:36 - 2021-06-10 17:39 - 000000000 __SHD C:\Users\USER\IntelGraphicsProfiles
2021-05-26 09:36 - 2021-06-10 17:36 - 000000000 ____D C:\Users\USER\AppData\Local\Packages
2021-05-26 09:36 - 2021-06-10 16:52 - 000000000 ____D C:\Users\USER\AppData\Local\Host App Service
2021-05-26 09:36 - 2021-06-03 21:44 - 000000000 ____D C:\Users\USER\AppData\Roaming\Adobe
2021-05-26 09:36 - 2021-06-01 19:41 - 000000000 ____D C:\Users\USER\AppData\Local\VirtualStore
2021-05-26 09:36 - 2021-05-29 20:52 - 000002364 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-26 09:36 - 2021-05-26 09:37 - 000000000 ____D C:\Users\USER\AppData\Local\Intel
2021-05-26 09:36 - 2021-05-26 09:36 - 000000020 ___SH C:\Users\USER\ntuser.ini
2021-05-26 09:36 - 2021-05-26 09:36 - 000000000 ___RD C:\Users\USER\3D Objects
2021-05-26 09:36 - 2021-05-26 09:36 - 000000000 ____D C:\Users\USER\AppData\LocalLow\Intel
2021-05-26 09:36 - 2021-05-25 19:22 - 000000000 ____D C:\Users\USER\AppData\Local\ConnectedDevicesPlatform
2021-05-26 09:34 - 2021-06-10 17:28 - 000003692 _____ C:\Windows\system32\Tasks\AcerCMUpdateTask2.1.20072
2021-05-26 09:34 - 2021-05-26 09:34 - 000000000 _SHDL C:\Documents and Settings
2021-05-26 09:34 - 2021-05-26 09:34 - 000000000 ____D C:\Windows\oem
2021-05-26 01:45 - 2021-05-26 01:47 - 000000000 ____D C:\Users\USER\AppData\Local\AAR
2021-05-26 01:45 - 2021-05-26 01:45 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime
2021-05-26 01:40 - 2021-05-26 01:40 - 000000000 ____D C:\Users\USER\Documents\CyberLink
2021-05-26 01:39 - 2021-05-26 01:40 - 000000000 ___HD C:\ProgramData\CyberLink
2021-05-26 01:39 - 2021-05-26 01:39 - 000000000 ____D C:\Users\Public\CyberLink
2021-05-26 01:29 - 2021-05-26 01:29 - 000000000 ____D C:\Users\USER\Documents\Blackmagic Design
2021-05-26 01:29 - 2021-05-26 01:29 - 000000000 ____D C:\Users\USER\AppData\Roaming\Blackmagic Design
2021-05-26 01:29 - 2021-05-26 01:29 - 000000000 ____D C:\Users\Public\Documents\Blackmagic Design
2021-05-26 01:29 - 2021-05-26 01:29 - 000000000 ____D C:\ProgramData\Documents\Blackmagic Design
2021-05-26 01:28 - 2021-05-26 01:28 - 000000000 ____D C:\Users\USER\AppData\Roaming\NVIDIA
2021-05-26 01:10 - 2021-05-26 01:11 - 000000000 ____D C:\Users\USER\Downloads\VPU
2021-05-26 01:09 - 2021-05-26 01:09 - 000002633 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The ArtNetominator.lnk
2021-05-26 01:09 - 2021-05-26 01:09 - 000002621 _____ C:\Users\Public\Desktop\The ArtNetominator.lnk
2021-05-26 01:09 - 2021-05-26 01:09 - 000002621 _____ C:\ProgramData\Desktop\The ArtNetominator.lnk
2021-05-26 01:09 - 2021-05-26 01:09 - 000000000 ____D C:\Program Files (x86)\LJ
2021-05-26 01:08 - 2021-05-26 01:08 - 000000757 _____ C:\Users\USER\Desktop\Downloads - Shortcut.lnk
2021-05-26 01:08 - 2021-05-26 01:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artistic Licence
2021-05-26 01:08 - 2021-05-26 01:08 - 000000000 ____D C:\Program Files (x86)\Artistic Licence
2021-05-26 01:07 - 2016-10-11 01:05 - 002432000 _____ C:\Users\USER\Desktop\PenSuite.exe
2021-05-26 00:45 - 2021-05-26 00:45 - 000000000 ____D C:\Users\USER\Documents\WYSIWYG Files
2021-05-26 00:44 - 2021-05-26 00:44 - 000000000 ____D C:\Program Files (x86)\GPLGS
2021-05-26 00:44 - 2020-01-30 12:36 - 000087040 _____ C:\Windows\system32\custmon64.dll
2021-05-26 00:43 - 2021-05-28 15:47 - 000000000 ____D C:\ProgramData\SafeNet Sentinel
2021-05-26 00:43 - 2021-05-26 00:55 - 000000000 ____D C:\Program Files\WYSIWYG Drivers
2021-05-26 00:43 - 2021-05-26 00:55 - 000000000 ____D C:\Program Files (x86)\WYSIWYG Drivers
2021-05-26 00:36 - 2021-05-26 00:38 - 000000000 ____D C:\Users\USER\Downloads\WYSWIYGR44加密狗
2021-05-26 00:36 - 2021-03-01 07:13 - 000010807 _____ C:\Users\USER\Downloads\IMAGENES COLOR PICKER-20210301T051328Z-001.zip
2021-05-26 00:36 - 2021-03-01 07:13 - 000004918 _____ C:\Users\USER\Downloads\MACROS COLOR PICKER-20210301T051302Z-001.zip
2021-05-26 00:34 - 2021-06-09 22:13 - 000000000 ____D C:\Users\USER\Downloads\ARKAOS 5.1.1 Ch
2021-05-26 00:28 - 2021-05-29 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-05-26 00:28 - 2021-05-29 23:25 - 000000000 ____D C:\Program Files\Blackmagic Design
2021-05-26 00:28 - 2021-05-29 23:25 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2021-05-26 00:28 - 2021-05-29 22:19 - 000000000 ____D C:\ProgramData\Blackmagic Design
2021-05-26 00:28 - 2021-05-26 00:28 - 000001990 _____ C:\Users\USER\Desktop\DaVinci Resolve.lnk
2021-05-26 00:28 - 2021-05-26 00:28 - 000000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-05-26 00:08 - 2021-05-26 00:08 - 000000000 ____D C:\Users\USER\AppData\Local\ZeroTier
2021-05-26 00:07 - 2021-05-26 00:07 - 000002154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZeroTier One.lnk
2021-05-26 00:07 - 2021-05-26 00:07 - 000000000 ____D C:\ProgramData\ZeroTier
2021-05-26 00:07 - 2021-05-26 00:07 - 000000000 ____D C:\ProgramData\regid.2010-01.com.zerotier
2021-05-26 00:07 - 2021-05-26 00:07 - 000000000 ____D C:\Program Files\ZeroTier
2021-05-26 00:07 - 2021-05-26 00:07 - 000000000 ____D C:\Program Files (x86)\ZeroTier
2021-05-26 00:01 - 2021-05-26 00:01 - 000000000 ____D C:\Windows\system32\Tasks\CareCenter
2021-05-25 21:00 - 2021-05-25 20:56 - 000000162 _____ C:\Users\USER\Desktop\jRR-GDTF.gshortcut
2021-05-25 20:55 - 2021-06-10 17:43 - 000000000 ___HD C:\Users\USER\Desktop\.tmp.drivedownload
2021-05-25 20:54 - 2021-06-10 17:40 - 000000000 ___RD C:\Users\USER\Google Drive
2021-05-25 20:54 - 2021-05-25 20:54 - 000001763 _____ C:\Users\USER\Desktop\Google Drive.lnk
2021-05-25 20:52 - 2021-05-25 20:52 - 000002077 _____ C:\Users\Public\Desktop\Google Slides.lnk
2021-05-25 20:52 - 2021-05-25 20:52 - 000002077 _____ C:\ProgramData\Desktop\Google Slides.lnk
2021-05-25 20:52 - 2021-05-25 20:52 - 000002075 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2021-05-25 20:52 - 2021-05-25 20:52 - 000002075 _____ C:\ProgramData\Desktop\Google Sheets.lnk
2021-05-25 20:52 - 2021-05-25 20:52 - 000002065 _____ C:\Users\Public\Desktop\Google Docs.lnk
2021-05-25 20:52 - 2021-05-25 20:52 - 000002065 _____ C:\ProgramData\Desktop\Google Docs.lnk
2021-05-25 20:52 - 2021-05-25 20:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-05-25 20:41 - 2021-06-10 17:07 - 000002403 _____ C:\Users\Public\Desktop\grandMA3 onPC.lnk
2021-05-25 20:41 - 2021-06-10 17:07 - 000002403 _____ C:\ProgramData\Desktop\grandMA3 onPC.lnk
2021-05-25 20:39 - 2021-05-30 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MA Lighting
2021-05-25 20:23 - 2021-06-03 18:59 - 000000000 ____D C:\Users\USER\AppData\Local\D3DSCache
2021-05-25 20:16 - 2021-05-25 20:16 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-05-25 19:46 - 2021-03-30 17:57 - 000074608 _____ C:\Windows\system32\FvSDK_x64.dll
2021-05-25 19:46 - 2021-03-30 17:57 - 000064880 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2021-05-25 19:46 - 2020-08-14 14:59 - 000043416 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\NvModuleTracker.sys
2021-05-25 19:37 - 2021-05-25 19:37 - 000000000 ____D C:\Users\USER\AppData\Local\CEF
2021-05-25 19:37 - 2021-05-25 19:37 - 000000000 ____D C:\Users\USER\ansel
2021-05-25 19:31 - 2021-05-25 19:31 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-05-25 19:31 - 2021-05-25 19:31 - 001687040 _____ C:\Windows\system32\libcrypto.dll
2021-05-25 19:31 - 2021-05-25 19:31 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2021-05-25 19:31 - 2021-05-25 19:31 - 000575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2021-05-25 19:31 - 2021-05-25 19:31 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2021-05-25 19:31 - 2021-05-25 19:31 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2021-05-25 19:31 - 2021-05-25 19:31 - 000234496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2021-05-25 19:31 - 2021-05-25 19:31 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2021-05-25 19:31 - 2021-05-25 19:31 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
2021-05-25 19:31 - 2021-05-25 19:31 - 000095744 _____ C:\Windows\system32\VirtualMonitorManager.dll
2021-05-25 19:31 - 2021-05-25 19:31 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2021-05-25 19:31 - 2021-05-25 19:31 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2021-05-25 19:31 - 2021-05-25 19:31 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2021-05-25 19:31 - 2021-05-25 19:31 - 000053760 _____ C:\Windows\SysWOW64\BWContextHandler.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-05-25 19:30 - 2021-05-25 19:30 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 002254336 _____ C:\Windows\system32\dwmscene.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 001823816 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-05-25 19:30 - 2021-05-25 19:30 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-05-25 19:30 - 2021-05-25 19:30 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 001314120 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-05-25 19:30 - 2021-05-25 19:30 - 001163776 _____ C:\Windows\system32\MBR2GPT.EXE
2021-05-25 19:30 - 2021-05-25 19:30 - 000729600 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2021-05-25 19:30 - 2021-05-25 19:30 - 000707016 _____ C:\Windows\system32\TextShaping.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000700928 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000643072 _____ C:\Windows\system32\WindowManagementAPI.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000611952 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2021-05-25 19:30 - 2021-05-25 19:30 - 000544768 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2021-05-25 19:30 - 2021-05-25 19:30 - 000455680 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000446976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2021-05-25 19:30 - 2021-05-25 19:30 - 000422912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-05-25 19:30 - 2021-05-25 19:30 - 000330752 _____ C:\Windows\SysWOW64\ssdm.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000306688 _____ C:\Windows\system32\HeatCore.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000304128 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2021-05-25 19:30 - 2021-05-25 19:30 - 000266240 _____ C:\Windows\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000240640 _____ C:\Windows\SysWOW64\CoreMas.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2021-05-25 19:30 - 2021-05-25 19:30 - 000235520 _____ C:\Windows\SysWOW64\HeatCore.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000231248 _____ C:\Windows\system32\containerdevicemanagement.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000190976 _____ C:\Windows\system32\BthpanContextHandler.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2021-05-25 19:30 - 2021-05-25 19:30 - 000178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
 

stevebig

Posts: 11   +0
2021-05-25 19:30 - 2021-05-25 19:30 - 000152064 _____ C:\Windows\system32\EoAExperiences.exe
2021-05-25 19:30 - 2021-05-25 19:30 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\ncpa.cpl
2021-05-25 19:30 - 2021-05-25 19:30 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncpa.cpl
2021-05-25 19:30 - 2021-05-25 19:30 - 000091136 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-05-25 19:30 - 2021-05-25 19:30 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2021-05-25 19:30 - 2021-05-25 19:30 - 000067072 _____ C:\Windows\system32\BWContextHandler.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-05-25 19:30 - 2021-05-25 19:30 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000011351 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-05-25 19:30 - 2021-05-25 19:30 - 000010752 _____ C:\Windows\SysWOW64\agentactivationruntimestarter.exe
2021-05-25 19:30 - 2021-05-25 19:30 - 000001370 _____ C:\Windows\system32\ThirdPartyNoticesBySHS.txt
2021-05-25 19:29 - 2021-05-25 19:29 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-05-25 19:29 - 2021-05-25 19:29 - 000455168 _____ C:\Windows\system32\ssdm.dll
2021-05-25 19:29 - 2021-05-25 19:29 - 000363520 _____ C:\Windows\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-05-25 19:29 - 2021-05-25 19:29 - 000287232 _____ C:\Windows\system32\CoreMas.dll
2021-05-25 19:29 - 2021-05-25 19:29 - 000248375 ___SH C:\Users\USER\AppData\Roaming\jbewdgi
2021-05-25 19:29 - 2021-05-25 19:29 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2021-05-25 19:29 - 2021-05-25 19:29 - 000197632 _____ C:\Windows\system32\IHDS.dll
2021-05-25 19:29 - 2021-05-25 19:29 - 000165888 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-05-25 19:29 - 2021-05-25 19:29 - 000089088 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-05-25 19:29 - 2021-05-25 19:29 - 000074240 _____ C:\Windows\system32\rdsxvmaudio.dll
2021-05-25 19:29 - 2021-05-25 19:29 - 000073216 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-05-25 19:29 - 2021-05-25 19:29 - 000065440 ___SH (Microsoft Corporation) C:\Users\USER\AppData\Roaming\ggrggwv
2021-05-25 19:29 - 2021-05-25 19:29 - 000013312 _____ C:\Windows\system32\agentactivationruntimestarter.exe
2021-05-25 19:23 - 2021-05-25 19:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-05-25 19:23 - 2020-10-28 23:54 - 042959834 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2021-05-25 19:22 - 2021-05-25 19:22 - 000000000 ___HD C:\OneDriveTemp
2021-05-25 19:21 - 2021-06-10 16:13 - 000000000 ____D C:\Windows\system32\MRT
2021-05-25 19:11 - 2021-05-25 19:11 - 000000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2021-05-25 19:10 - 2021-06-05 12:40 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-25 19:10 - 2021-06-05 12:40 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-25 19:10 - 2021-06-05 12:40 - 000002210 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-25 19:09 - 2021-06-10 17:28 - 000003346 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-25 19:09 - 2021-06-10 17:28 - 000003122 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-25 19:09 - 2021-05-25 20:52 - 000000000 ____D C:\Users\USER\AppData\Local\Google
2021-05-25 19:09 - 2021-05-25 20:52 - 000000000 ____D C:\Program Files\Google
2021-05-25 19:09 - 2021-05-25 19:09 - 000000000 ____D C:\Program Files (x86)\Google
2021-05-25 19:05 - 2021-06-10 16:11 - 000000000 ___HD C:\$WinREAgent
2021-05-25 19:03 - 2021-06-10 17:28 - 000002296 _____ C:\Windows\system32\Tasks\Power Button
2021-05-25 19:03 - 2021-06-10 17:20 - 000002282 _____ C:\Windows\system32\Tasks\Quick Access
2021-05-22 20:52 - 2021-05-22 20:52 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2021-05-22 20:52 - 2021-05-22 20:52 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2021-05-22 20:52 - 2021-05-22 20:52 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2021-05-22 20:52 - 2021-05-22 20:52 - 000044328 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2021-05-19 14:59 - 2021-05-19 14:59 - 000027368 _____ (Blackmagic Design) C:\Windows\system32\Drivers\BlackmagicStreaming.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-10 17:46 - 2020-11-11 01:49 - 000840602 _____ C:\Windows\system32\PerfStringBackup.INI
2021-06-10 17:46 - 2019-12-07 16:13 - 000000000 ____D C:\Windows\INF
2021-06-10 17:41 - 2020-11-11 02:24 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-10 17:39 - 2020-11-11 01:42 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-06-10 17:39 - 2020-11-11 01:42 - 000000000 ___HD C:\Intel
2021-06-10 17:39 - 2020-11-11 01:41 - 005111608 _____ C:\Windows\system32\FNTCACHE.DAT
2021-06-10 17:39 - 2020-11-11 01:41 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-10 17:39 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\ServiceState
2021-06-10 17:39 - 2019-12-07 16:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-10 17:39 - 2019-12-07 16:03 - 000786432 _____ C:\Windows\system32\config\BBI
2021-06-10 17:36 - 2020-11-11 02:37 - 000000000 ____D C:\Program Files\Acer
2021-06-10 17:36 - 2020-11-11 02:35 - 000000000 ____D C:\ProgramData\OEM
2021-06-10 17:36 - 2019-12-07 16:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-10 17:36 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\AppReadiness
2021-06-10 17:34 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\Help
2021-06-10 17:30 - 2020-11-11 02:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-06-10 17:28 - 2020-11-11 02:37 - 000002408 _____ C:\Windows\system32\Tasks\GoTrust ID Driver
2021-06-10 17:28 - 2020-11-11 02:35 - 000003852 _____ C:\Windows\system32\Tasks\ACCAgent
2021-06-10 17:28 - 2020-11-11 02:35 - 000002730 _____ C:\Windows\system32\Tasks\ACC
2021-06-10 17:28 - 2020-11-11 02:35 - 000002408 _____ C:\Windows\system32\Tasks\App Explorer
2021-06-10 17:28 - 2020-11-11 02:35 - 000002328 _____ C:\Windows\system32\Tasks\ACCBackgroundApplication
2021-06-10 17:28 - 2020-11-11 02:24 - 000003398 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-06-10 17:28 - 2020-11-11 02:24 - 000003196 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-06-10 17:28 - 2020-11-11 02:24 - 000003152 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-06-10 17:28 - 2020-11-11 02:24 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-06-10 17:28 - 2020-11-11 02:24 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-06-10 17:28 - 2020-11-11 02:24 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-06-10 17:28 - 2020-11-11 02:24 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-06-10 17:28 - 2020-11-11 02:24 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-06-10 17:28 - 2020-11-11 02:24 - 000002914 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-06-10 17:28 - 2020-11-11 02:24 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-06-10 17:28 - 2020-11-11 01:46 - 000003408 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-10 17:28 - 2020-11-11 01:46 - 000003184 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-10 17:28 - 2020-11-11 01:45 - 000002854 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2070248933-3621112216-831521933-500
2021-06-10 17:20 - 2020-11-11 02:44 - 000002548 _____ C:\Windows\system32\Tasks\StorPSCTL
2021-06-10 17:20 - 2020-11-11 02:35 - 000004362 _____ C:\Windows\system32\Tasks\Software Update Application
2021-06-10 17:19 - 2020-11-11 02:37 - 000002234 _____ C:\Windows\system32\Tasks\NitroSense
2021-06-10 16:52 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\NDF
2021-06-10 16:21 - 2020-11-11 01:47 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-09 20:58 - 2019-12-07 16:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-06-09 20:58 - 2019-12-07 16:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-06-09 18:36 - 2020-11-11 01:41 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-06-09 17:20 - 2020-11-11 01:41 - 000000000 ____D C:\Windows\Panther
2021-06-09 15:13 - 2019-12-07 16:03 - 000000000 ____D C:\Windows\CbsTemp
2021-06-05 21:37 - 2020-11-11 01:42 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-06-05 12:40 - 2020-11-11 01:46 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-31 18:23 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-05-31 18:01 - 2020-11-11 02:39 - 000000000 ____D C:\Program Files\Microsoft Office
2021-05-31 18:01 - 2019-12-07 16:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-31 18:00 - 2020-11-11 02:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-05-29 21:04 - 2019-12-07 16:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-05-29 21:04 - 2019-12-07 16:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-05-29 21:04 - 2019-12-07 16:49 - 000000000 ____D C:\Windows\SysWOW64\WCN
2021-05-29 21:04 - 2019-12-07 16:49 - 000000000 ____D C:\Windows\system32\WCN
2021-05-29 21:04 - 2019-12-07 16:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2021-05-29 21:04 - 2019-12-07 16:14 - 000000000 ___SD C:\Windows\system32\F12
2021-05-29 21:04 - 2019-12-07 16:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-05-29 21:04 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-05-29 21:04 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2021-05-29 21:04 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\Sysprep
2021-05-29 21:04 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\oobe
2021-05-29 21:04 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-05-29 21:04 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-05-29 21:04 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\IME
2021-05-29 21:04 - 2019-12-07 16:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-05-29 21:04 - 2019-12-07 16:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-05-29 21:04 - 2019-12-07 16:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-05-29 21:04 - 2019-12-07 16:03 - 000000000 ____D C:\Windows\servicing
2021-05-27 23:29 - 2019-12-07 16:51 - 000000000 ____D C:\Windows\OCR
2021-05-26 10:45 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\appcompat
2021-05-26 09:37 - 2019-12-07 16:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-05-26 09:36 - 2019-12-07 16:50 - 000000000 ____D C:\Windows\system32\FxsTmp
2021-05-25 22:30 - 2020-11-11 01:56 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-05-25 19:46 - 2020-11-11 01:56 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-05-25 19:46 - 2020-11-11 01:56 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-05-25 19:43 - 2019-12-07 16:50 - 000000000 ____D C:\Windows\system32\OpenSSH
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ___RD C:\Windows\PrintDialog
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\SysWOW64\Keywords
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\SystemResources
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\setup
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\Keywords
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\Dism
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\Com
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\ShellExperiences
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\ShellComponents
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\Provisioning
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\DiagTrack
2021-05-25 19:43 - 2019-12-07 16:14 - 000000000 ____D C:\Windows\bcastdvr
2021-05-25 19:40 - 2020-11-11 02:35 - 000000000 ____D C:\ProgramData\Acer
2021-05-25 19:39 - 2020-05-22 14:50 - 000000000 ___HD C:\OEM
2021-05-25 19:33 - 2019-12-07 16:52 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2021-05-25 19:29 - 2020-11-11 01:47 - 002877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2021-05-25 19:22 - 2020-11-11 02:42 - 000000000 ____D C:\ProgramData\Norton
2021-05-25 19:14 - 2020-11-11 02:38 - 000000000 ____D C:\Windows\system32\Tasks\Oem
2021-05-25 19:14 - 2020-11-11 02:35 - 000000000 ____D C:\Program Files (x86)\Acer
2021-05-25 19:04 - 2020-11-11 01:44 - 000000000 __RHD C:\Users\Public\AccountPictures

==================== Files in the root of some directories ========

2021-05-25 19:29 - 2021-05-25 19:29 - 000065440 ___SH (Microsoft Corporation) C:\Users\USER\AppData\Roaming\ggrggwv
2021-05-25 19:29 - 2021-05-25 19:29 - 000248375 ___SH () C:\Users\USER\AppData\Roaming\jbewdgi
2021-06-05 18:17 - 2021-06-05 19:01 - 000083546 _____ () C:\Users\USER\AppData\Roaming\last.vmix
2021-06-05 12:42 - 2021-06-05 12:42 - 000000000 _____ () C:\Users\USER\AppData\Local\oobelibMkey.log
2021-06-01 22:36 - 2021-06-01 22:36 - 000000360 _____ () C:\Users\USER\AppData\Local\panelShutdownData.xml
2021-05-26 23:11 - 2021-05-26 23:11 - 000021387 _____ () C:\Users\USER\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 

stevebig

Posts: 11   +0
2021-05-25 19:30 - 2021-05-25 19:30 - 000152064 _____ C:\Windows\system32\EoAExperiences.exe
2021-05-25 19:30 - 2021-05-25 19:30 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\ncpa.cpl
2021-05-25 19:30 - 2021-05-25 19:30 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncpa.cpl
2021-05-25 19:30 - 2021-05-25 19:30 - 000091136 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-05-25 19:30 - 2021-05-25 19:30 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2021-05-25 19:30 - 2021-05-25 19:30 - 000067072 _____ C:\Windows\system32\BWContextHandler.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-05-25 19:30 - 2021-05-25 19:30 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2021-05-25 19:30 - 2021-05-25 19:30 - 000011351 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-05-25 19:30 - 2021-05-25 19:30 - 000010752 _____ C:\Windows\SysWOW64\agentactivationruntimestarter.exe
2021-05-25 19:30 - 2021-05-25 19:30 - 000001370 _____ C:\Windows\system32\ThirdPartyNoticesBySHS.txt
2021-05-25 19:29 - 2021-05-25 19:29 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-05-25 19:29 - 2021-05-25 19:29 - 000455168 _____ C:\Windows\system32\ssdm.dll
2021-05-25 19:29 - 2021-05-25 19:29 - 000363520 _____ C:\Windows\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-05-25 19:29 - 2021-05-25 19:29 - 000287232 _____ C:\Windows\system32\CoreMas.dll
2021-05-25 19:29 - 2021-05-25 19:29 - 000248375 ___SH C:\Users\USER\AppData\Roaming\jbewdgi
2021-05-25 19:29 - 2021-05-25 19:29 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2021-05-25 19:29 - 2021-05-25 19:29 - 000197632 _____ C:\Windows\system32\IHDS.dll
2021-05-25 19:29 - 2021-05-25 19:29 - 000165888 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-05-25 19:29 - 2021-05-25 19:29 - 000089088 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-05-25 19:29 - 2021-05-25 19:29 - 000074240 _____ C:\Windows\system32\rdsxvmaudio.dll
2021-05-25 19:29 - 2021-05-25 19:29 - 000073216 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-05-25 19:29 - 2021-05-25 19:29 - 000065440 ___SH (Microsoft Corporation) C:\Users\USER\AppData\Roaming\ggrggwv
2021-05-25 19:29 - 2021-05-25 19:29 - 000013312 _____ C:\Windows\system32\agentactivationruntimestarter.exe
2021-05-25 19:23 - 2021-05-25 19:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-05-25 19:23 - 2020-10-28 23:54 - 042959834 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2021-05-25 19:22 - 2021-05-25 19:22 - 000000000 ___HD C:\OneDriveTemp
2021-05-25 19:21 - 2021-06-10 16:13 - 000000000 ____D C:\Windows\system32\MRT
2021-05-25 19:11 - 2021-05-25 19:11 - 000000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2021-05-25 19:10 - 2021-06-05 12:40 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-25 19:10 - 2021-06-05 12:40 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-25 19:10 - 2021-06-05 12:40 - 000002210 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-25 19:09 - 2021-06-10 17:28 - 000003346 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-25 19:09 - 2021-06-10 17:28 - 000003122 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-25 19:09 - 2021-05-25 20:52 - 000000000 ____D C:\Users\USER\AppData\Local\Google
2021-05-25 19:09 - 2021-05-25 20:52 - 000000000 ____D C:\Program Files\Google
 

stevebig

Posts: 11   +0
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2021
Ran by USER (10-06-2021 17:52:51)
Running from C:\Users\USER\Downloads
Windows 10 Home Single Language Version 20H2 19042.985 (X64) (2021-05-26 02:34:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2070248933-3621112216-831521933-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2070248933-3621112216-831521933-503 - Limited - Disabled)
Guest (S-1-5-21-2070248933-3621112216-831521933-501 - Limited - Disabled)
USER (S-1-5-21-2070248933-3621112216-831521933-1001 - Administrator - Enabled) => C:\Users\USER
WDAGUtilityAccount (S-1-5-21-2070248933-3621112216-831521933-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000020072}) (Version: 2.1.20072 - Acer)
Acer Jumpstart (HKLM-x32\...\{E3930B59-5669-4BAB-A329-D56C1427C613}) (Version: 3.3.19180.100 - Acer)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2017 (HKLM-x32\...\DRWV_17_0_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Fireworks CS6 (HKLM-x32\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.0 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_4_1) (Version: 22.4.1.211 - Adobe Inc.)
Adobe Photoshop 2021 Patch (HKLM-x32\...\{86AB4DA9-6987-419F-A237-66EB38496854}) (Version: 1.0.0 - OSTeam)
App Explorer (HKU\S-1-5-21-2070248933-3621112216-831521933-1001\...\Host App Service) (Version: 0.273.4.186 - SweetLabs) <==== ATTENTION
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 21.4.3179 - AVG Technologies)
Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.)
Blackmagic ATEM Switchers (HKLM\...\{E5E5BA44-C450-4980-9AA9-09DF0DC8F817}) (Version: 7.5.2.0 - Blackmagic Design)
Blackmagic Desktop Video (HKLM\...\{B26422DE-AFEA-4264-A201-AD6C99EA79A5}) (Version: 12.1.0.0 - Blackmagic Design)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Box (HKLM\...\{55CB9B8A-E4FD-4DDD-B261-55C16D1D52E8}) (Version: 2.21.202 - Box, Inc.)
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3019 - Acer Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.81 - Piriform)
Companion 2.1.3 (HKLM\...\85f8fb94-3357-50b8-9139-7a9cfe700367) (Version: 2.1.3 - Bitfocus AS)
DaVinci Resolve (HKLM\...\{7CBBBF93-A827-4138-BAD5-E60834D73B1E}) (Version: 17.2.00011 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{0489EBBD-5C2B-447E-9FF8-E08FA3D117F6}) (Version: 1.6.0.0 - Blackmagic Design)
DMX-Workshop including Art-Net 4, sACN, KiNet, DALI and VLC drivers (HKLM-x32\...\{C0861C11-EB66-44B4-9C6C-6E328FA9F00B}) (Version: 7.180.0021 - Artistic Licence Holdings Ltd)
Dropbox (HKLM-x32\...\Dropbox) (Version: 123.4.4832 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{BB78A7A1-B716-49D2-81C4-5A3ABE32C7E2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Elgato Stream Deck (HKLM\...\{4F1A5814-B3FC-49BF-802E-30BCEDA1381A}) (Version: 4.9.4.13228 - Elgato Systems GmbH)
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.)
ExpressVPN (HKLM-x32\...\{878F6EB4-73BF-4A1E-9A92-6DDF9EDC8A8B}) (Version: 2.3.21102.1 - Acer)
GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC)
GoTrust ID Plugin 2.0.10.26 (HKLM\...\GoTrust ID Plugin) (Version: 2.0.10.26 - GoTrust ID Inc.)
grandMA2 onPC 3.1.2.5 (HKLM-x32\...\grandMA2 onPC 3.1.2.5) (Version: - )
grandMA2 onPC 3.8.0.0 (HKLM-x32\...\grandMA2 onPC 3.8.0.0) (Version: - )
grandMA2 onPC 3.9.60.4 (HKLM-x32\...\grandMA2 onPC 3.9.60.4) (Version: - )
grandMA3 onPC 1.4.2.1 (HKLM-x32\...\MA Lighting Technology GmbH grandMA3 onPC 1.4.2.1) (Version: - "MA Lighting Technology GmbH")
Intel(R) Chipset Device Software (HKLM-x32\...\{66879245-162d-47f5-bac4-840156a7c01e}) (Version: 10.1.18263.8193 - Intel(R) Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2004.14.0.1447 - Intel Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Killer Ethernet Performance Driver Suite UWD (HKLM\...\{1995E767-7D5D-4BC7-9B4B-A0A1220AAC58}) (Version: 2.2.1410 - Rivet Networks)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LINE (HKU\S-1-5-21-2070248933-3621112216-831521933-1001\...\LINE) (Version: 6.7.3.2508 - LINE Corporation)
MA 3D v3.1.2.5 (HKLM-x32\...\MA3D_V3.1.2) (Version: 3.1.2.5 - MA Lighting Technologies)
MagicYUV Lossless Video Codec version 1.1 (HKLM-x32\...\{90410593-E0EB-4F9B-B984-65BEA8F07B91}_is1) (Version: 1.1 - INNOMAGIC Bt.)
MediaMaster 5.3.1 (HKLM-x32\...\ArKaos MediaMaster 5.3.1) (Version: 5.3.1 - ArKaos s.a.)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14026.20246 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2070248933-3621112216-831521933-1001\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mozilla Firefox 75.0 (x64 en-US) (HKLM\...\Mozilla Firefox 75.0 (x64 en-US)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 75.0 - Mozilla)
NewTek NDI 3.8 Runtime (HKLM\...\{71AFF296-ED43-4166-8301-4649285EE712}_is1) (Version: - NewTek, inc.)
NitroSense Service (HKLM\...\{6FC78E80-6385-43D6-8A43-FA80094F1A2E}) (Version: 3.01.3016 - Acer Incorporated)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Graphics Driver 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.42.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.42.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Pioneer DJ PRO DJ LINK Bridge (HKLM-x32\...\PRO DJ LINK Bridge_is1) (Version: 1.0 - Pioneer DJ Corporation)
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3017 - Acer Incorporated)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8981.1 - Realtek Semiconductor Corp.)
SketchUp 2020 (HKLM-x32\...\{522800F1-9FCE-44F2-8D2E-2CEC5B25A9C2}) (Version: 20.2.172 - Trimble, Inc.)
SketchUpPro (HKLM\...\{5778f9a3-781e-16f1-a6bf-08fd59dfa77b}) (Version: 20.2.172.37 - SketchUp) Hidden
SurfEasy VPN 3.14.52 (HKLM-x32\...\SurfEasy VPN) (Version: 3.14.52 - SurfEasy Inc)
The ArtNetominator (HKLM-x32\...\{6D9DCB3C-9E3C-4A0E-85B7-F3E3442ED1B8}) (Version: 1.0.22 - LJ)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
vMix (HKLM-x32\...\{93D664E9-E81E-4277-9E90-6CDABAC7208F}_is1) (Version: - StudioCoast)
vMix Pro Activation 20.0.0.42 (HKLM-x32\...\vMix Pro Activation 20.0.0.42) (Version: 20.0.0.42 - A2zcrack)
vMix Social (HKLM-x32\...\{1A0C8557-EB4A-4DD1-B4F9-A974ADEFE05F}_is1) (Version: - StudioCoast Pty Ltd)
vMix Video Codec version 2.0 (HKLM-x32\...\{9C262A06-E609-41AF-93C2-EAAE331F25B8}_is1) (Version: 2.0 - StudioCoast Pty Ltd)
WhatsApp (HKU\S-1-5-21-2070248933-3621112216-831521933-1001\...\WhatsApp) (Version: 2.2121.5 - WhatsApp)
WinRAR 6.02 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.1 - win.rar GmbH)
ZeroTier One (HKLM-x32\...\{3B721AC6-50BD-410C-8E5F-9076234F4C46}) (Version: 1.6.5 - ZeroTier, Inc.) Hidden
ZeroTier One (HKLM-x32\...\ZeroTier One 1.6.5) (Version: 1.6.5 - ZeroTier, Inc.)
ZeroTier One Virtual Network Port (HKLM\...\{272B1192-65BE-4BDE-894B-6D3AD8BF7FD2}) (Version: 1.0.1 - ZeroTier) Hidden

Packages:
=========
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3024.0_x64__48frkmn4z8aw4 [2021-05-26] (Acer Incorporated)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3019.0_x64__48frkmn4z8aw4 [2021-05-25] (Acer Incorporated)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2021.2.6.0_x64__t5j2fzbtdg37r [2021-05-26] (DTS, Inc.)
DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.10.1.0_x64__t5j2fzbtdg37r [2021-06-01] (DTS, Inc.)
GoTrust ID -> C:\Program Files\WindowsApps\GOTrustTechnologyInc.GO-TrustAuthenticator_3.1.21.0_x64__0r04f53sqacg6 [2021-06-01] (GoTrustID Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt [2021-06-01] (INTEL CORP) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1015.0_x64__8j3eq9eme6ctt [2021-05-26] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-06-03] (Apple Inc.) [Startup Task]
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.2.3216.0_x64__rh07ty8m5nkag [2020-11-11] (Rivet Networks LLC) [Startup Task]
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt [2021-05-26] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-09] (Microsoft Studios) [MS Ad]
NitroSense_V31 -> C:\Program Files\WindowsApps\AcerIncorporated.NitroSenseV31_3.1.3016.0_x64__48frkmn4z8aw4 [2020-11-11] (Acer Incorporated)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.6428.0_x64__ypz87dpxkv292 [2020-11-11] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2020-11-11] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3017.0_x64__48frkmn4z8aw4 [2021-05-25] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.19.234.0_x64__dt26b99r8h8gj [2021-05-25] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2070248933-3621112216-831521933-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\USER\Dropbox [2021-06-03 18:43]
CustomCLSID: HKU\S-1-5-21-2070248933-3621112216-831521933-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
SSODL: CallbackTechMountNotificator-cbfsconnect2017 - {282C12B0-70CE-4F46-A703-4F191DE59A76} - C:\Windows\system32\cbfsconnectMntNtf2017.dll (Callback Technologies, Inc. -> Callback Technologies, Inc.)
SSODL-x32: CallbackTechMountNotificator-cbfsconnect2017 - {282C12B0-70CE-4F46-A703-4F191DE59A76} - C:\Windows\SysWOW64\cbfsconnectMntNtf2017.dll (Callback Technologies, Inc. -> Callback Technologies, Inc.)
ShellServiceObjects: Virtual Storage Mount Notification -> {282C12B0-70CE-4F46-A703-4F191DE59A76} => C:\Windows\system32\cbfsconnectMntNtf2017.dll [2019-10-07] (Callback Technologies, Inc. -> Callback Technologies, Inc.)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {282C12B0-70CE-4F46-A703-4F191DE59A76} => C:\Windows\SysWOW64\cbfsconnectMntNtf2017.dll [2019-10-07] (Callback Technologies, Inc. -> Callback Technologies, Inc.)
ShellIconOverlayIdentifiers: [ BoxAvailableOffline] -> {8D0A4E1B-C25A-4AF8-8DA7-531929C02958} => C:\Program Files\Box\Box\BoxShellExtShim-2.21.202.dll [2021-04-15] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ BoxLocked] -> {1B927815-D431-48B1-A746-6FF91FB35431} => C:\Program Files\Box\Box\BoxShellExtShim-2.21.202.dll [2021-04-15] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ BoxLockedByOther] -> {73C8BC94-4A51-413B-B927-829449EAFA75} => C:\Program Files\Box\Box\BoxShellExtShim-2.21.202.dll [2021-04-15] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ BoxProblem] -> {8BBBCFB6-60E2-4C0F-BB31-10434068E2BE} => C:\Program Files\Box\Box\BoxShellExtShim-2.21.202.dll [2021-04-15] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ BoxSynced] -> {04B9BDFA-0C53-4F36-A77F-51F53E3EF3EC} => C:\Program Files\Box\Box\BoxShellExtShim-2.21.202.dll [2021-04-15] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ BoxSyncing] -> {2FFF193C-5891-4B26-B363-40D3B5257FE9} => C:\Program Files\Box\Box\BoxShellExtShim-2.21.202.dll [2021-04-15] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [ BoxAvailableOffline] -> {8D0A4E1B-C25A-4AF8-8DA7-531929C02958} => C:\Program Files\Box\Box\BoxShellExtShim-2.21.202.dll [2021-04-15] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers-x32: [ BoxLocked] -> {1B927815-D431-48B1-A746-6FF91FB35431} => C:\Program Files\Box\Box\BoxShellExtShim-2.21.202.dll [2021-04-15] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers-x32: [ BoxLockedByOther] -> {73C8BC94-4A51-413B-B927-829449EAFA75} => C:\Program Files\Box\Box\BoxShellExtShim-2.21.202.dll [2021-04-15] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers-x32: [ BoxProblem] -> {8BBBCFB6-60E2-4C0F-BB31-10434068E2BE} => C:\Program Files\Box\Box\BoxShellExtShim-2.21.202.dll [2021-04-15] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers-x32: [ BoxSynced] -> {04B9BDFA-0C53-4F36-A77F-51F53E3EF3EC} => C:\Program Files\Box\Box\BoxShellExtShim-2.21.202.dll [2021-04-15] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers-x32: [ BoxSyncing] -> {2FFF193C-5891-4B26-B363-40D3B5257FE9} => C:\Program Files\Box\Box\BoxShellExtShim-2.21.202.dll [2021-04-15] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-05-21] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-05-21] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_301ecb2c4867261f\nvshext.dll [2020-07-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-05-21] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-05-21] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.hdyc] => C:\Program Files\Blackmagic Design\Desktop Video\BMDCodecLib64.dll [713728 2021-05-17] (Blackmagic Design) [File not signed]
HKLM\...\Drivers32: [vidc.v210] => C:\Program Files\Blackmagic Design\Desktop Video\BMDCodecLib64.dll [713728 2021-05-17] (Blackmagic Design) [File not signed]
HKLM\...\Drivers32: [vidc.r210] => C:\Program Files\Blackmagic Design\Desktop Video\BMDCodecLib64.dll [713728 2021-05-17] (Blackmagic Design) [File not signed]
HKLM\...\Drivers32: [vidc.uyvy] => C:\Program Files\Blackmagic Design\Desktop Video\BMDCodecLib64.dll [713728 2021-05-17] (Blackmagic Design) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Program Files\Blackmagic Design\Desktop Video\BMDCodecMJPG64.dll [642048 2021-05-17] (Blackmagic Design) [File not signed]
HKLM\...\Drivers32: [VIDC.MAGY] => C:\Windows\system32\magicyuv.dll [1019392 2015-03-04] () [File not signed]
HKLM\...\Drivers32: [vidc.VMX1] => C:\Windows\system32\vMixVideoCodec_x64.dll [472576 2020-09-17] () [File not signed]
HKLM\...\Drivers32: [vidc.hdyc] => C:\Program Files (x86)\Blackmagic Design\Desktop Video\BMDCodecLib.dll [587264 2021-05-17] (Blackmagic Design) [File not signed]
HKLM\...\Drivers32: [vidc.v210] => C:\Program Files (x86)\Blackmagic Design\Desktop Video\BMDCodecLib.dll [587264 2021-05-17] (Blackmagic Design) [File not signed]
HKLM\...\Drivers32: [vidc.r210] => C:\Program Files (x86)\Blackmagic Design\Desktop Video\BMDCodecLib.dll [587264 2021-05-17] (Blackmagic Design) [File not signed]
HKLM\...\Drivers32: [vidc.uyvy] => C:\Program Files (x86)\Blackmagic Design\Desktop Video\BMDCodecLib.dll [587264 2021-05-17] (Blackmagic Design) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Program Files (x86)\Blackmagic Design\Desktop Video\BMDCodecMJPG.dll [503808 2021-05-17] (Blackmagic Design) [File not signed]
HKLM\...\Drivers32: [VIDC.MAGY] => C:\Windows\SysWOW64\magicyuv.dll [886784 2015-03-04] () [File not signed]
HKLM\...\Drivers32: [vidc.VMX1] => C:\Windows\SysWOW64\vMixVideoCodec_x86.dll [334848 2020-09-17] () [File not signed]
 

stevebig

Posts: 11   +0
==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\USER\Desktop\Hawa - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\USER\Desktop\Stefano (Steve) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\USER\Desktop\Sword (Sword Geisha) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Streaming Media Player.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jggnklnmaecfofafepejcjcjkcohgcfb
ShortcutWithArgument: C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig

==================== Loaded Modules (Whitelisted) =============

2021-06-05 18:12 - 2019-12-19 15:04 - 000990720 _____ () [File not signed] C:\Program Files (x86)\vMix\filters\vMixVideo.ax
2021-06-10 17:39 - 2021-06-10 17:39 - 000114176 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\_ctypes.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000172544 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\_elementtree.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 002255872 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\_hashlib.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000032256 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\_multiprocessing.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000046080 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\_psutil_windows.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000047616 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\_socket.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 002824704 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\_ssl.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000026112 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\_yappi.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000080896 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\bz2.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000015872 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\common.time34.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000007680 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\hashobjs_ext.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000301568 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\PIL._imaging.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000168448 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\pyexpat.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 001084416 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\pysqlite2._sqlite.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000548864 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\pythoncom27.dll
2021-06-10 17:39 - 2021-06-10 17:39 - 000137728 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\pywintypes27.dll
2021-06-10 17:39 - 2021-06-10 17:39 - 000010752 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\select.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000020992 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\thumbnails_ext.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000689664 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\unicodedata.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000119808 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\usb_ext.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000128512 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\win32api.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000438784 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\win32com.shell.shell.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000011776 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\win32crypt.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000023040 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\win32event.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000149504 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\win32file.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000223232 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\win32gui.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000048128 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\win32inet.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000029696 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\win32pdh.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000027648 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\win32pipe.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000044032 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\win32process.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000020480 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\win32profile.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000136192 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\win32security.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000026624 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\win32ts.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000034304 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\windows.conditional.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000037888 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\windows.connectivity.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000071680 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\windows.device_monitor.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000103936 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\windows.volumes.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000019968 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\windows.winwrap.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 001325056 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\wx._controls_.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 001489408 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\wx._core_.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 001007104 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\wx._gdi_.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000103424 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\wx._html2.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 000916992 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\wx._misc_.pyd
2021-06-10 17:39 - 2021-06-10 17:39 - 001039872 _____ () [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\wx._windows_.pyd
2021-05-26 00:44 - 2020-01-30 12:36 - 000087040 _____ () [File not signed] C:\Windows\System32\custmon64.dll
2021-05-17 15:55 - 2021-05-17 15:55 - 005165568 _____ (Blackmagic Design) [File not signed] C:\Program Files\Blackmagic Design\Desktop Video\DeckLinkAPI64.dll
2021-06-10 17:39 - 2021-06-10 17:39 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\python27.dll
2021-06-10 17:39 - 2021-06-10 17:39 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\wxbase30u_net_vc90_x64.dll
2021-06-10 17:39 - 2021-06-10 17:39 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\wxbase30u_vc90_x64.dll
2021-06-10 17:39 - 2021-06-10 17:39 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\wxmsw30u_adv_vc90_x64.dll
2021-06-10 17:39 - 2021-06-10 17:39 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\wxmsw30u_core_vc90_x64.dll
2021-06-10 17:39 - 2021-06-10 17:39 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\wxmsw30u_html_vc90_x64.dll
2021-06-10 17:39 - 2021-06-10 17:39 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\USER\AppData\Local\Temp\_MEI194122\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2070248933-3621112216-831521933-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=ACTE
HKU\S-1-5-21-2070248933-3621112216-831521933-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=ACTE
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 16:14 - 2019-12-07 16:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

2021-06-10 16:38 - 2021-06-10 16:38 - 000000435 _____ C:\Windows\system32\drivers\etc\hosts.ics
192.168.137.1 AcerSteve.mshome.net # 2026 6 2 9 9 38 35 989

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2070248933-3621112216-831521933-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\USER\Pictures\MA3wp.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C4863744-FFC7-4D6C-91FA-DA20C9AE878D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A329FA7B-E037-4E44-87C8-12BE5F1F54EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BA8C4C9A-988A-48E2-B757-0CF968DEA743}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1D4142F5-7F29-4D13-8599-4E8A296E5BBF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B9999A2-41C5-4224-B03B-17D7D7429583}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{828CCD3C-D4AE-4990-96A5-B68E482B0582}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E1D767E3-FD24-42A0-905D-2845A365DA7F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{074B2C66-1765-4DEE-AB3C-666DB49B91AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{65E39FAA-88C4-4764-9311-0BB2F9EE3EDF}] => (Allow) C:\Program Files\MALightingTechnology\gma3_1.4.2\bin\app_system.exe (MA Lighting Technology GmbH -> MA Lighting Technology)
FirewallRules: [{04675841-DB61-4597-80CA-89E53079523A}] => (Allow) C:\Program Files\MALightingTechnology\gma3_1.4.2\bin\app_gma3.exe (MA Lighting Technology GmbH -> MA Lighting Technology)
FirewallRules: [{1E8C7505-7A9E-46F7-B3CC-70FBABFF4730}] => (Allow) LPort=9993
FirewallRules: [{B6D800D6-9D1D-4879-B5CF-46206091131F}] => (Allow) LPort=9993
FirewallRules: [{D6B78F20-A165-4525-9919-3BBFCF290FBD}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> )
FirewallRules: [{92C6A74C-7F12-42F9-8062-5AD0D8B4C91C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{45DFEBF2-C492-4F91-B63F-1424B4A63523}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{DB1F1B60-9BA9-423A-93B2-D1F900385DE7}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{2AA658DB-8EA4-494E-84DA-D7FE121AED4E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{697D8DAF-54D7-4D07-8CDA-54D6203A501C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{1EC4CE5C-DD91-4ED1-9601-8FB7522C8A3E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{F24FB58E-3C58-424C-AA3D-793473863EEA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{7E9E70B9-C71E-4616-9655-ACD1678E7FF2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{4F29297A-03D1-466E-B2C8-2B425A683B2E}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe () [File not signed]
FirewallRules: [UDP Query User{C47F00CD-9C0B-4B40-A0CC-F1FDF32FE1B3}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem software control\atem software control.exe () [File not signed]
FirewallRules: [{4C5BF947-0076-4E88-A848-0C7BDCB0E40E}] => (Allow) LPort=3001
FirewallRules: [{B385835D-9F9D-4C42-9EA0-1E5803C03231}] => (Allow) LPort=4567
FirewallRules: [TCP Query User{9DE7DF3E-6B0C-4647-B003-7C2EEF049C46}C:\program files\arkaos mediamaster 5.3.1\mediamaster.exe] => (Allow) C:\program files\arkaos mediamaster 5.3.1\mediamaster.exe (ArKaos S.A. -> ArKaos S.A.)
FirewallRules: [UDP Query User{806804CF-AEF9-4EA9-8A40-2A52BA88F2EA}C:\program files\arkaos mediamaster 5.3.1\mediamaster.exe] => (Allow) C:\program files\arkaos mediamaster 5.3.1\mediamaster.exe (ArKaos S.A. -> ArKaos S.A.)
FirewallRules: [TCP Query User{63CB6DA3-073F-4B71-9F6E-7C5C7713370C}C:\program files\ma lighting technologies\grandma\grandma2 onpc 3.1.2.5\gma2onpc.exe] => (Allow) C:\program files\ma lighting technologies\grandma\grandma2 onpc 3.1.2.5\gma2onpc.exe (MA Lighting Technology GmbH -> )
FirewallRules: [UDP Query User{4CDC0D89-378C-4EF0-9351-9BEBC1674A44}C:\program files\ma lighting technologies\grandma\grandma2 onpc 3.1.2.5\gma2onpc.exe] => (Allow) C:\program files\ma lighting technologies\grandma\grandma2 onpc 3.1.2.5\gma2onpc.exe (MA Lighting Technology GmbH -> )
FirewallRules: [{E898F88E-61EE-4FDA-945F-85955468AC78}] => (Allow) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc. -> Corsair Memory, Inc)
FirewallRules: [TCP Query User{CFCEDA88-ADAF-49FC-876E-B42734F878B2}C:\program files\companion\companion.exe] => (Allow) C:\program files\companion\companion.exe (Bitfocus AS) [File not signed]
FirewallRules: [UDP Query User{1D86DC22-D2FA-416C-914C-D1B19DC44002}C:\program files\companion\companion.exe] => (Allow) C:\program files\companion\companion.exe (Bitfocus AS) [File not signed]
FirewallRules: [TCP Query User{C17A0585-AD49-4E40-BAC1-4D9648D75162}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe () [File not signed]
FirewallRules: [UDP Query User{4E7479C0-3E94-411E-9DAE-50CF712956C0}C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe] => (Allow) C:\program files (x86)\blackmagic design\blackmagic atem switchers\atem setup\atem setup.exe () [File not signed]
FirewallRules: [TCP Query User{93440180-0765-4C43-AEBD-C26B3554CFED}C:\program files\ma lighting technologies\grandma\grandma2 onpc 3.8.0.0\gma2onpc.exe] => (Allow) C:\program files\ma lighting technologies\grandma\grandma2 onpc 3.8.0.0\gma2onpc.exe (MA Lighting Technology GmbH -> )
FirewallRules: [UDP Query User{DDCCE3C0-A59C-4C03-B3CE-67EC7AE38BC2}C:\program files\ma lighting technologies\grandma\grandma2 onpc 3.8.0.0\gma2onpc.exe] => (Allow) C:\program files\ma lighting technologies\grandma\grandma2 onpc 3.8.0.0\gma2onpc.exe (MA Lighting Technology GmbH -> )
FirewallRules: [TCP Query User{71F94433-3899-4A1E-962E-122A2123FC7C}C:\program files\ma lighting technologies\grandma\grandma2 onpc 3.9.60.4\gma2onpc.exe] => (Allow) C:\program files\ma lighting technologies\grandma\grandma2 onpc 3.9.60.4\gma2onpc.exe (MA Lighting Technology GmbH -> )
FirewallRules: [UDP Query User{A68DCF80-6C1F-4F9D-956B-188A88176C22}C:\program files\ma lighting technologies\grandma\grandma2 onpc 3.9.60.4\gma2onpc.exe] => (Allow) C:\program files\ma lighting technologies\grandma\grandma2 onpc 3.9.60.4\gma2onpc.exe (MA Lighting Technology GmbH -> )
FirewallRules: [{5A1D19B7-495C-4B2B-B228-1AD167667EBB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9C916A1B-9487-48DF-A24B-D901637D9BF1}C:\program files (x86)\lj\the artnetominator\artnetominator.exe] => (Allow) C:\program files (x86)\lj\the artnetominator\artnetominator.exe (LJ) [File not signed]
FirewallRules: [UDP Query User{7EF10862-2B31-47A7-BBFF-302CD6543C96}C:\program files (x86)\lj\the artnetominator\artnetominator.exe] => (Allow) C:\program files (x86)\lj\the artnetominator\artnetominator.exe (LJ) [File not signed]
FirewallRules: [TCP Query User{4C0E3B31-E60B-42BA-BB2D-F99D983D1477}C:\users\user\desktop\pensuite.exe] => (Allow) C:\users\user\desktop\pensuite.exe () [File not signed]
FirewallRules: [UDP Query User{3827BF16-40ED-4736-A523-6ADE3ED5F644}C:\users\user\desktop\pensuite.exe] => (Allow) C:\users\user\desktop\pensuite.exe () [File not signed]
FirewallRules: [TCP Query User{4E7C85DE-9E5A-40EC-A878-037CEB3508EB}C:\program files (x86)\chamsys ltd\magicq pc\mqqt.exe] => (Allow) C:\program files (x86)\chamsys ltd\magicq pc\mqqt.exe => No File
FirewallRules: [UDP Query User{E783D260-FC8C-4ED2-8813-1E84F1121FFB}C:\program files (x86)\chamsys ltd\magicq pc\mqqt.exe] => (Allow) C:\program files (x86)\chamsys ltd\magicq pc\mqqt.exe => No File
FirewallRules: [{D3D29223-3490-4EFD-81F9-57E3EAC2350A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4D21E81D-9BA6-463B-94E7-8AD22213342E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9D181700-D80E-4F94-B154-33E1A440E703}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EFF535E6-4347-431E-8B29-02C7F7F44E44}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{531112A6-C9B5-478A-9C9E-B2FBC2CF1EFC}C:\program files\avolites\titan go\titan go.exe] => (Allow) C:\program files\avolites\titan go\titan go.exe => No File
FirewallRules: [UDP Query User{8D5D3D9F-E41B-4CF2-9C28-BA20379A24B5}C:\program files\avolites\titan go\titan go.exe] => (Allow) C:\program files\avolites\titan go\titan go.exe => No File
FirewallRules: [TCP Query User{828AD588-83CF-44F2-91A5-4CDF710567E1}C:\program files\avolites\titan simulator\titansimulator.exe] => (Allow) C:\program files\avolites\titan simulator\titansimulator.exe => No File
FirewallRules: [UDP Query User{5DBF0608-A5E3-4426-8309-0721D3FE5FBA}C:\program files\avolites\titan simulator\titansimulator.exe] => (Allow) C:\program files\avolites\titan simulator\titansimulator.exe => No File
FirewallRules: [TCP Query User{B35D54C5-1859-4009-90E7-0CEB968E4DBB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{F330C502-8B7A-469E-A4A2-502DF981D89D}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{E6F248C7-185D-4FF7-9055-CEAEB6D9B276}C:\program files\epic games\ue_4.26\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.26\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{01472064-AA6E-4D9F-9387-A13CD6E4D369}C:\program files\epic games\ue_4.26\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.26\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{939A9ED8-59B5-458F-95A2-1DE59C1D2D0C}C:\program files\epic games\ue_5.0ea\engine\binaries\win64\unrealeditor.exe] => (Allow) C:\program files\epic games\ue_5.0ea\engine\binaries\win64\unrealeditor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{642113AD-F365-4F43-8281-2D80CFAD8BA8}C:\program files\epic games\ue_5.0ea\engine\binaries\win64\unrealeditor.exe] => (Allow) C:\program files\epic games\ue_5.0ea\engine\binaries\win64\unrealeditor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{7B62230B-DA05-471E-9065-AAB9318E08DA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CD1C1DB0-625C-4603-B4E6-5F4C943DE13D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22ED351F-9780-4EBC-BB81-8F44FAE613D5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8CCF8572-4C88-4FD0-875C-46E6B5E74B56}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A0EAEF1E-0C76-4773-ACCE-9E30C10D82B0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9790D7E4-8A8D-4768-A670-FB9983949329}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{51D3BFC6-6293-4724-ADA6-5636C48BB707}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EA51D2AD-C4EC-46CC-8641-4E8B8C3B06D8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{B813B48C-28EC-4B8B-879D-784EA866233A}C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe] => (Allow) C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe (NortonLifeLock Inc. -> )
FirewallRules: [UDP Query User{E8030538-299E-4B9A-845B-8E6842F3379A}C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe] => (Allow) C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe (NortonLifeLock Inc. -> )
FirewallRules: [TCP Query User{A3FA7340-8D23-4047-9AE9-50F31786C585}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [UDP Query User{FEE5B962-3D9B-4B9A-964D-666774A3296E}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [{FC728423-EC51-452F-9B4E-94490E1C5E04}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{D73EAE1E-2893-48FE-B197-4AC5208B6534}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{846AE1BC-2FC2-4444-BF9C-4A46EE4E507B}] => (Allow) C:\Program Files (x86)\vMix\vMix.exe (StudioCoast Pty Ltd -> StudioCoast Pty Ltd)
FirewallRules: [{22608AB2-B619-4FEB-997B-E9658B05151E}] => (Allow) C:\Program Files (x86)\vMix\vMix64.exe (StudioCoast Pty Ltd -> StudioCoast Pty Ltd)
FirewallRules: [{E4FA0130-FDFA-419E-BD0D-5D0463A87A51}] => (Allow) C:\Program Files (x86)\vMix\ndi\vMixNDIHelper.exe (StudioCoast Pty Ltd) [File not signed]
FirewallRules: [{024D3A79-15A2-4194-97C9-8FACAF1577A0}] => (Allow) C:\Program Files (x86)\vMix\vMixDesktopCapture.exe (StudioCoast Pty Ltd -> )
FirewallRules: [{17F2E0A6-BB88-4D68-B8C5-45DE5C8E1279}] => (Allow) C:\Program Files (x86)\vMix\ndi\x86\NDIRecord.exe (Newtek Inc -> )
FirewallRules: [{FF0EB9A5-EDE4-4B79-AFF5-A2B0D33412B1}] => (Allow) C:\Program Files (x86)\vMix\ndi\x64\NDIRecord.exe (Newtek Inc -> )
FirewallRules: [{A17AD332-F5D7-4E4B-87C2-E3C87B10418E}] => (Allow) C:\Program Files (x86)\vMix\NDINode.exe () [File not signed]
FirewallRules: [{94432C65-128C-4E4F-A0EE-45AF46CD540C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.41\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{90DD8F4C-CCC8-4AAB-BC88-0AB6F0F1BDB8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E5DFCA8-944E-4581-A4EB-5A5525F4F6C1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9A4186D7-F5CB-4EB1-91FC-5D222226FB76}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA105BE4-14AA-442E-9F89-D70D53A38279}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5FB873EE-5AAA-4F49-8434-2D3B151F23DA}] => (Allow) C:\Program Files\MALightingTechnology\gma3_1.4.2\bin\app_system.exe (MA Lighting Technology GmbH -> MA Lighting Technology)
FirewallRules: [{78F1EF3B-82FC-46E4-A966-10E072C2C316}] => (Allow) C:\Program Files\MALightingTechnology\gma3_1.4.2\bin\app_gma3.exe (MA Lighting Technology GmbH -> MA Lighting Technology)
FirewallRules: [{616089A9-3E9C-4B6A-8916-4F16D8334483}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> )
FirewallRules: [{C675E00D-EC9B-45F0-B6EA-C8654FC308D6}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> )

==================== Restore Points =========================

02-06-2021 20:59:17 Scheduled Checkpoint
05-06-2021 16:31:40 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
09-06-2021 15:13:00 Windows Modules Installer
10-06-2021 16:21:22 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508
10-06-2021 17:30:43 Removed Avolites Personality Builder
10-06-2021 17:31:58 Removed Avolites Titan 15.0
10-06-2021 17:33:05 Removed Avolites Usb Expert
10-06-2021 17:33:14 Installed Avolites Titan 15.0
10-06-2021 17:33:21 Removed Avolites Titan Mobile
10-06-2021 17:33:31 Removed Avolites Titan Simulator
10-06-2021 17:33:39 Removed Avolites Titan Go
10-06-2021 17:33:48 Removed Avolites Virtual Panel
10-06-2021 17:33:56 Removed Avolites WebAPI 15.0
10-06-2021 17:34:05 Removed Avolites CITP 15.0
10-06-2021 17:34:14 Removed Avolites ACN Gateway
10-06-2021 17:34:21 Removed Log Viewer Pro
10-06-2021 17:34:30 Installed Avolites Personality Builder
10-06-2021 17:34:37 Installed Titan HealthCheck
10-06-2021 17:34:46 Removed Authenticator

==================== Faulty Device Manager Devices ============

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/10/2021 05:11:06 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: ACERSTEVE)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (06/10/2021 05:10:13 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]

Error: (06/10/2021 04:59:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname AcerSteve.local already in use; will try AcerSteve-2.local instead

Error: (06/10/2021 04:59:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 AcerSteve.local. Addr 192.168.191.7

Error: (06/10/2021 04:59:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.191.7:5353 16 AcerSteve.local. AAAA FC93:D062:A073:7029:3CB9:0000:0000:0001

Error: (06/10/2021 04:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 AcerSteve.local. AAAA FE80:0000:0000:0000:41DE:83F2:596C:A350

Error: (06/10/2021 04:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.191.7:5353 16 AcerSteve.local. AAAA FC93:D062:A073:7029:3CB9:0000:0000:0001

Error: (06/10/2021 04:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 AcerSteve.local. Addr 192.168.191.7


System errors:
=============
Error: (06/10/2021 05:38:44 PM) (Source: DCOM) (EventID: 10010) (User: ACERSTEVE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (06/10/2021 05:38:43 PM) (Source: DCOM) (EventID: 10010) (User: ACERSTEVE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (06/10/2021 05:38:43 PM) (Source: DCOM) (EventID: 10010) (User: ACERSTEVE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (06/10/2021 05:38:43 PM) (Source: DCOM) (EventID: 10010) (User: ACERSTEVE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (06/10/2021 05:38:43 PM) (Source: DCOM) (EventID: 10010) (User: ACERSTEVE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (06/10/2021 05:38:43 PM) (Source: DCOM) (EventID: 10010) (User: ACERSTEVE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (06/10/2021 05:38:43 PM) (Source: DCOM) (EventID: 10010) (User: ACERSTEVE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (06/10/2021 05:38:43 PM) (Source: DCOM) (EventID: 10010) (User: ACERSTEVE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Windows Defender:
================
Date: 2021-06-09 23:17:25
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-09 14:59:49
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: App:Utorrent_BundleInstaller
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\USER\AppData\Local\Temp\7zS460FEC70\Carrier.exe; file:_C:\Users\USER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk; file:_C:\Users\USER\AppData\Roaming\uTorrent\uTorrent.exe; file:_C:\Users\USER\Desktop\µTorrent.lnk; regkey:_HKCU@S-1-5-21-2070248933-3621112216-831521933-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\uTorrent; regkey:_HKCU@S-1-5-21-2070248933-3621112216-831521933-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent; runkey:_HKCU@S-1-5-21-2070248933-3621112216-831521933-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\uTorrent; uninstall:_HKCU@S-1-5-21-2070248933-3621112216-831521933-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\USER\Downloads\uTorrent.exe
Security intelligence Version: AV: 1.341.301.0, AS: 1.341.301.0, NIS: 1.341.301.0
Engine Version: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-08 17:20:36
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:MSIL/AgentTesla.AUE!MTB
Severity: Severe
Category: Trojan
Path: containerfile:_C:\Program Files (x86)\Adobe\Adobe Photoshop 2021 Patch\AdobeOnlineActivator.exe; file:_C:\Program Files (x86)\Adobe\Adobe Photoshop 2021 Patch\AdobeOnlineActivator.exe->[MSILRES:costura.newtonsoft.json.dll]
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.341.227.0, AS: 1.341.227.0, NIS: 1.341.227.0
Engine Version: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-08 14:18:48
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:MSIL/AgentTesla.AUE!MTB
Severity: Severe
Category: Trojan
Path: containerfile:_C:\Program Files (x86)\Adobe\Adobe Photoshop 2021 Patch\AdobeOnlineActivator.exe; file:_C:\Program Files (x86)\Adobe\Adobe Photoshop 2021 Patch\AdobeOnlineActivator.exe->[MSILRES:costura.newtonsoft.json.dll]
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
Security intelligence Version: AV: 1.341.227.0, AS: 1.341.227.0, NIS: 1.341.227.0
Engine Version: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-08 02:39:13
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-09 19:32:36
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2021-06-04 19:55:47
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.8.0
Previous security intelligence Version: 1.339.1944.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-04 19:55:47
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.8.0
Previous security intelligence Version: 1.339.1944.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-04 19:55:47
Description:
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-04 11:57:12
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.8.0
Previous security intelligence Version: 1.339.1944.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

CodeIntegrity:
===============
Date: 2021-06-10 17:53:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-06-10 17:51:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-06-10 17:49:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Insyde Corp. V1.07 08/27/2020
Motherboard: CML Stonic_CMS
Processor: Intel(R) Core(TM) i5-10300H CPU @ 2.50GHz
Percentage of memory in use: 63%
Total physical RAM: 16215.05 MB
Available physical RAM: 5953.29 MB
Total Virtual: 22359.05 MB
Available Virtual: 10202.38 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:475.83 GB) (Free:290.73 GB) NTFS

\\?\Volume{c29ed0c9-89ab-4192-9dd4-7e543b2f6a68}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.47 GB) NTFS
\\?\Volume{17af0a60-6f05-4479-a1ae-f93371ade7b0}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
\\?\Volume{fff24c39-c45a-11eb-820e-dc41a962b23f}\ (Box) (Network) (Total:475.83 GB) (Free:290.73 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================
 

Broni

Posts: 55,752   +502
Uninstall the following unwanted program:

App Explorer

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available through History -> Application logs. Please post its contents in your next reply.
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles is saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.