Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2025 Ran by Administrator (administrator) on WKSTN2 (Micro-Star International Co., Ltd. MS-7D98) (12-08-2025 08:58:21) Running from D:\temp\FRST64.exe Loaded Profiles: Administrator Platform: Microsoft Windows 10 Pro Version 22H2 19045.6159 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AI\ai.exe (C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\138.0.3351.121\msedgewebview2.exe <6> (C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe (C:\Windows\SysWOW64\BRSVC01A.EXE ->) (brother Industries Ltd) [File not signed] C:\Windows\SysWOW64\BRSS01A.EXE (explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2506.26001.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11> (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\25.137.0715.0001\Microsoft.SharePoint.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) () [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\UsbAppControl\USBAppControl.exe (services.exe ->) () [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl\WorkflowAppControl.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) D:\apps\photoshop11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (brother Industries Ltd) [File not signed] C:\Windows\SysWOW64\BRSVC01A.EXE (services.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_0ce29d36fc8607e6\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAUpdateService.exe (services.exe ->) (IntelĀ® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\NisSrv.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe (services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6f4cb64ffeaadda7\RtkAudUService64.exe (services.exe ->) (VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe (svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe (svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\True Color\New\MSI.True Color.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689584 2000-01-01] (VIA Technologies Inc. -> VIA) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [9523624 2025-05-24] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6f4cb64ffeaadda7\RtkAudUService64.exe [3077640 2025-07-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => E:\apps\iTunes\iTunesHelper.exe [368976 2025-03-18] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689584 2000-01-01] (VIA Technologies Inc. -> VIA) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2000-01-01] (Intel Corporation -> Intel Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-06] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-06] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [M17A] => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [95640 2023-02-21] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [145344 2019-07-26] (Brother Industries, Ltd. -> Brother Industries, Ltd.) HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3591168 2022-10-10] (Brother Industries, Ltd.) [File not signed] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4009984 2024-05-31] (Brother Industries, Ltd.) [File not signed] HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKU\S-1-5-21-3459889486-3951885560-3942257353-500\...\Run: [FTPVoyagerSchedulerTrayIcon] => D:\apps\FTPVoyager\FTP Voyager Scheduler Tray.exe [2070304 2014-10-01] (SolarWinds, Inc. -> SolarWinds Worldwide, LLC. +1(866) 530-8100) HKU\S-1-5-21-3459889486-3951885560-3942257353-500\...\Run: [Akamai NetSession Interface] => C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-11] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.) HKU\S-1-5-21-3459889486-3951885560-3942257353-500\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation) HKU\S-1-5-21-3459889486-3951885560-3942257353-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4117568 2025-08-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3459889486-3951885560-3942257353-500\...\Run: [GarminExpress] => D:\apps\GarminExpress\Garmin\Express\express.exe [29011792 2025-08-08] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-3459889486-3951885560-3942257353-500\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File) HKU\S-1-5-21-3459889486-3951885560-3942257353-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [91936104 2025-08-12] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3459889486-3951885560-3942257353-500\...\RunOnce: [Uninstall 25.130.0706.0004] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\25.130.0706.0004" [0 2025-08-12] () <==== ATTENTION [zero byte File/Folder] HKU\S-1-5-21-3459889486-3951885560-3942257353-500\...\Policies\Explorer: [NoThumbnailCache] 1 HKU\S-1-5-21-3459889486-3951885560-3942257353-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [154112 2024-04-24] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\BrPrint: C:\Windows\System32\spool\prtprocs\x64\BRPP64A.DLL [41984 2009-05-19] (Brother Industries ,Ltd) [File not signed] HKLM\...\Windows x64\Print Processors\hpcpp255: C:\Windows\System32\spool\prtprocs\x64\hpcpp255.dll [848384 2021-03-03] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.) HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX890 series: CNCALAZ.DLL (No File) HKLM\...\Print\Monitors\Canon BJ Language Monitor MX890 series: CNMLMAZ.DLL (No File) HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed] HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\Windows\system32\HPMPW082.DLL [120320 2021-03-03] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.) HKLM\...\Print\Monitors\HPMLM225: C:\Windows\system32\hpmlm225.dll [308224 2018-11-14] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\138.0.7204.185\Installer\chrmstp.exe [2025-08-09] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Brother iPSMonitor.lnk [2025-07-30] ShortcutTarget: Brother iPSMonitor.lnk -> C:\Program Files (x86)\Brother\iPrint&Scan\IPSMONITOR\iPSMonitor.exe (iPSMonitor) [File not signed] HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> No File <==== ATTENTION Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 -> No File <==== ATTENTION Task: {0C212878-FFAC-4C8A-AC7C-C026702B4727} - \Microsoft_MKC_Logon_Task_ipoint.exe -> No File <==== ATTENTION Task: {0CD7E275-53F6-415D-B783-19EE156F96D0} - \Microsoft_Hardware_Launch_mousekeyboardcenter_exe -> No File <==== ATTENTION Task: {10801E1A-60F0-497F-97D0-2ACC32913B07} - \Microsoft\Windows\Media Center\OCURActivate -> No File <==== ATTENTION Task: {16D4016D-1CC0-4139-A338-7B51560F7D9C} - \Microsoft_Hardware_Launch_itype_exe -> No File <==== ATTENTION Task: {22002913-2DEE-45E3-BDBA-4D2615CE8B1D} - \Microsoft\Windows\Media Center\InstallPlayReady -> No File <==== ATTENTION Task: {253F7FF8-D70B-47F7-AB18-00A47AEADCFB} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION Task: {2783B9E5-9751-43E5-8BEA-DC6E531058A4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {27DFC620-4044-49A8-9F66-CCB949DC3744} - \Microsoft\Windows\Media Center\mcupdate -> No File <==== ATTENTION Task: {2816DD4D-1634-4D46-AB2B-4BF6FF0A950A} - \Microsoft\Windows\Media Center\StartRecording -> No File <==== ATTENTION Task: {290C7EC3-7328-4FAF-B33A-213455FF70D3} - \AdobeAAMUpdater-1.0-WKSTN2-Administrator -> No File <==== ATTENTION Task: {2A508F51-7850-41A1-B16A-2BA466E2537E} - \Adobe Acrobat Update Task -> No File <==== ATTENTION Task: {3214C55A-720E-4150-AE3C-4302C32A865B} - \Microsoft\Windows\SideShow\SessionAgent -> No File <==== ATTENTION Task: {32EEF683-9924-4185-A06B-05FCAAFB4629} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {33AA549B-1968-4AF0-B786-06819354E811} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks -> No File <==== ATTENTION Task: {346F395C-AE47-43D8-B9D1-6E4C12242C0A} - \Microsoft\Windows\Media Center\PeriodicScanRetry -> No File <==== ATTENTION Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration -> No File <==== ATTENTION Task: {4B1E32B7-81C1-4D16-BCBA-133E0E26C765} - \Microsoft\Windows\Media Center\mcupdate_scheduled -> No File <==== ATTENTION Task: {4CC9C989-3F2C-48BF-B8AD-1BD43283A92A} - \Microsoft\Windows\Media Center\PBDADiscovery -> No File <==== ATTENTION Task: {4DF2C22B-13AB-4841-86AC-606F96DA9BB9} - \Microsoft_Hardware_Launch_ipoint_exe -> No File <==== ATTENTION Task: {5055EAAB-890F-4652-A390-DFCD511EE983} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 -> No File <==== ATTENTION Task: {5294748F-6251-4FB6-9533-7579DFD87DFF} - \Microsoft\Windows\SideShow\AutoWake -> No File <==== ATTENTION Task: {5937007C-04E9-42F6-8FBD-917DBE6710F6} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 -> No File <==== ATTENTION Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls -> No File <==== ATTENTION Task: {61116037-E895-4B1D-BA69-FCF11EFCDE31} - \WPD\SqmUpload_S-1-5-21-3459889486-3951885560-3942257353-1000 -> No File <==== ATTENTION Task: {62A32A59-3EA8-4234-8169-CE3E520CCE74} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION Task: {64266F13-2182-4B1A-B5E6-8F9D919D037F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {68F72B2A-EACC-4C52-98E0-9193C1458E39} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION Task: {6919D1A6-4D89-45C8-A458-93BB0ECB76CA} - \Microsoft\Windows\SideShow\SystemDataProviders -> No File <==== ATTENTION Task: {71127708-B3BB-45D7-B94B-C55DF9379E56} - \User_Feed_Synchronization-{B13E97A8-986B-42A8-B51F-1E009B1175E8} -> No File <==== ATTENTION Task: {78281017-E460-4EC6-A6FA-4F4DA8D15BA3} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION Task: {7A316257-5F09-4A6A-8316-37912A088244} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService -> No File <==== ATTENTION Task: {7CA83206-18BF-4D83-BD1D-F57AA8C6129F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {7D193027-E562-482D-B5FF-78A971E97F7E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {8360D052-1407-4809-AAAA-FDF2A5023957} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION Task: {8A573D06-D004-45E2-97DC-2772FBBB3AAA} - \Microsoft\Windows\Media Center\RegisterSearch -> No File <==== ATTENTION Task: {8B349CEC-85AC-46C5-B211-2482F321D02E} - \Microsoft\Windows\Media Center\RecordingRestart -> No File <==== ATTENTION Task: {8BC6FC09-3E1F-4AF9-8B00-8D3EA22B47FB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {90E4857F-6B8A-4EB3-A512-2FEDD2C2CFB6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {913D98FA-C3B9-4358-9C08-6B0888D3371B} - \Microsoft\Windows\Media Center\ReindexSearchRoot -> No File <==== ATTENTION Task: {9A9A2CA8-B328-44F7-908F-B9689715A719} - \Microsoft\Windows\Media Center\ActivateWindowsSearch -> No File <==== ATTENTION Task: {A39F5BDB-ABDE-4A2D-B303-1657C9FBFF33} - \Norton Identity Safe\Norton Error Processor -> No File <==== ATTENTION Task: {A4BE6FA0-6CDC-4C43-8FFE-CD64A12129C6} - \Microsoft\Windows\SideShow\GadgetManager -> No File <==== ATTENTION Task: {A8AACA05-5FA7-4653-B076-66F346ECB90B} - \Microsoft\Windows\Media Center\PvrRecoveryTask -> No File <==== ATTENTION Task: {ACAAC1E2-4D5B-4641-8867-C2FF6703B3D2} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION Task: {ACFED2FB-B6FC-4808-BC53-1471568B5F19} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION Task: {B1330782-C81B-49D8-960D-47C9DC3D1520} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {B63D7654-1701-4BAF-AA9E-A71B34F14AC0} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION Task: {BB9BE6D3-11E7-4BC8-AAC2-7DE18ED86D8A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {BC174B39-8F4B-40CB-B0AF-6DF2A7470EC5} - \Remediation\AntimalwareMigrationTask -> No File <==== ATTENTION Task: {BC71127F-F0A1-495B-92BE-9D0D954550C8} - \Microsoft\Windows\MobilePC\HotStart -> No File <==== ATTENTION Task: {BD6E40AE-EFDA-4197-9F36-922714D06DEC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {C077000A-686D-4795-B6FD-70FC2D020A06} - \Adobe Flash Player Updater -> No File <==== ATTENTION Task: {C1B77794-0088-479B-872D-DADE8064828B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {C3CA7C03-1FAE-46F9-A192-3697867BF773} - \GarminUpdaterTask -> No File <==== ATTENTION Task: {C8AA25B9-6BED-4628-995C-18C7772AF326} - \Microsoft_Hardware_Launch_devicecenter_exe -> No File <==== ATTENTION Task: {CEF3D690-824A-4E2B-9F16-659726929691} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION Task: {D17F8929-E07F-47C1-A979-5ED2F577C59C} - \WPD\SqmUpload_S-1-5-21-3459889486-3951885560-3942257353-500 -> No File <==== ATTENTION Task: {D2318CCF-933F-42F8-BD15-129C18A7D810} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION Task: {D7645E52-5A31-450D-A13A-4879239FE451} - \Microsoft\Windows\Media Center\UpdateRecordPath -> No File <==== ATTENTION Task: {DA47F0EE-95B2-459F-B411-8190FDF08CD8} - \Norton Identity Safe\Norton Error Analyzer -> No File <==== ATTENTION Task: {DF566D51-9080-49E8-A984-E057BF7D5A98} - \Microsoft_MKC_Logon_Task_itype.exe -> No File <==== ATTENTION Task: {DFF9F8F6-1060-4356-9036-B4774EFA049F} - \Norton WSC Integration -> No File <==== ATTENTION Task: {E2E6F24F-40F5-4A5A-9685-947BFFD41CD1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {E6DCEEA7-7808-4E93-B66F-0AB181063810} - \SidebarExecute -> No File <==== ATTENTION Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - \Microsoft\Windows\RAC\RacTask -> No File <==== ATTENTION Task: {F4B833EF-88A5-40DF-A417-3B267D1688C0} - \Microsoft\Windows\Media Center\OCURDiscovery -> No File <==== ATTENTION Task: {FB674E43-A720-4003-B90C-BBE127B19194} - \Microsoft\Windows\Media Center\ehDRMInit -> No File <==== ATTENTION Task: {2992BFB4-9208-45B9-B905-BA3EEFEC2DCD} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [9523624 2025-05-24] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {40ABB8AB-7437-4240-B368-E59CA01D782B} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [9838504 2025-05-24] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {8C66E706-4BBB-44FB-9A6B-E42D621630EA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-26] (Apple Inc. -> Apple Inc.) Task: {E8FF3DB5-0B5B-4FEE-AF37-A907EF91F2F9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem141.0.7340.0{59E3D61C-E5DB-4BB6-8526-E947BA1D2765} => C:\Program Files (x86)\Google\GoogleUpdater\141.0.7340.0\updater.exe [6813336 2025-08-06] (Google LLC -> Google LLC) Task: {14E38FF7-C832-4CFB-B6A8-FAB8AF5C8FAE} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\IntelPTTEKRecertification.exe [855664 2023-12-14] (Intel Corporation -> Intel(R) Corporation) Task: {7415C1AF-7ECE-43D3-B85C-76D24EF636BA} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6360256 2025-04-29] (Intel Corporation -> Intel Corporation) Task: {6B4F314A-83F7-4C39-9EC1-A3463599F718} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6360256 2025-04-29] (Intel Corporation -> Intel Corporation) Task: {636D89D1-1695-4212-AB80-E1FA01265AF5} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [11338608 2025-08-10] (Microsoft Corporation -> Microsoft Corporation) Task: {1D8EAB3D-B05E-4654-88F2-A65B795D2323} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28813720 2025-08-10] (Microsoft Corporation -> Microsoft Corporation) Task: {231DB15B-A705-4A35-B0A1-D047D7BEE187} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonx86\Microsoft Shared\OFFICE16\opushutil.exe [61280 2025-08-10] (Microsoft Corporation -> Microsoft Corporation) Task: {64FCD0AA-BFF1-4C3E-8B8A-C5E782E6ECE2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28813720 2025-08-10] (Microsoft Corporation -> Microsoft Corporation) Task: {EF4E41B1-9615-405A-B911-EFFB690F9F17} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [222496 2025-08-10] (Microsoft Corporation -> Microsoft Corporation) Task: {8B1F9A9F-42F0-496D-89C8-927A0498F573} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [222496 2025-08-10] (Microsoft Corporation -> Microsoft Corporation) Task: {0F889AE3-23B3-4D6E-B96D-B54D935B36A9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonx86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe [67440 2025-08-10] (Microsoft Corporation -> Microsoft Corporation) Task: {BAFF7E0B-7CF3-41F0-B0E4-2E6382D4122A} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [256416 2025-08-09] (Microsoft Corporation -> Microsoft) Task: {83F58C7D-3966-4C17-8E30-CA9AE2FFEF28} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-3459889486-3951885560-3942257353-1010 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [26552 2025-08-09] (Microsoft Corporation -> Microsoft) Task: {D2FBBA50-FE93-4425-A6B4-6308F5A5C5BC} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-3459889486-3951885560-3942257353-1014 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [26552 2025-08-09] (Microsoft Corporation -> Microsoft) Task: {B3EAAA58-D24A-413F-BA79-0A363B53B73B} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-3459889486-3951885560-3942257353-500 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [26552 2025-08-09] (Microsoft Corporation -> Microsoft) Task: {48287204-DF23-40CB-989D-0B2CE213EB97} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXAutoUpdate.exe [67448 2025-08-09] (Microsoft Corporation -> Microsoft) Task: {613C6EB6-EC9C-4155-AC08-1382D6A0D869} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\apps\VStudioNet2015\Common7\IDE\VSIXAutoUpdate.exe (No File) Task: {B098BB6E-3A6F-4D3A-85C4-57AA0759078B} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\AppInstallerUpdater => C:\Windows\system32\rundll32.exe [89600 2025-04-23] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\AppxDeploymentClient.dll,AppInstallerUpdateAllTask Task: {53D56FFD-90ED-4FD1-85C4-BD02A429A733} - System32\Tasks\Microsoft\Windows\PLA\DocDBEmulatorTrace => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\Windows\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {8F328070-C9CE-4095-B560-EED793D17B71} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpCmdRun.exe [1778240 2025-08-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6E3708C8-CCE5-4AB6-93D6-AF24FD863286} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpCmdRun.exe [1778240 2025-08-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8C7F96D4-1C04-4879-9468-F3F3C4BB384A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpCmdRun.exe [1778240 2025-08-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6C0E5648-D066-4D45-B704-0C5F4FF28078} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpCmdRun.exe [1778240 2025-08-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {39472854-AC75-4370-8A3B-596D7BA6B66F} - System32\Tasks\Mozilla\Firefox Background Update BED636CFE48E0EC4 => D:\apps\firefox\firefox.exe [694912 2025-08-09] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\BED636CFE48E0EC4\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\BED636CFE48E0EC4\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters). Task: {ADA5342A-5877-4BE1-A5B6-ADBFA18640E3} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3459889486-3951885560-3942257353-500 BED636CFE48E0EC4 => D:\apps\firefox\firefox.exe [694912 2025-08-09] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\BED636CFE48E0EC4\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\BED636CFE48E0EC4\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters). Task: {8AF646CD-2507-416E-84D6-6B9F0F5027EC} - System32\Tasks\MSI Task Host - FixNorton.exe => C:\Program Files (x86)\MSI\MSI Center\PushCast\Push20221215131801\FixNorton.exe [25208 2022-12-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) Task: {72B7D4DA-0826-4151-A28A-8B7C07A842CB} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [3399320 2025-07-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) Task: {C966032D-CB16-4AA0-AE79-820D03899591} - System32\Tasks\Norton AntiVirus\Norton AntiVirus Autofix => C:\Program Files\Norton Security\Engine\22.20.4.57\SymErr.exe /ui (No File) Task: {419A22F2-07A2-4AFE-B1D7-752FD617EE46} - System32\Tasks\Norton AntiVirus\Norton AntiVirus Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.4.57\SymErr.exe /analyze (No File) Task: {EEA9FC05-EF25-4C5A-B0AE-C7A7A632E886} - System32\Tasks\Norton AntiVirus\Norton AntiVirus Error Processor => C:\Program Files\Norton Security\Engine\22.20.4.57\SymErr.exe /submit (No File) Task: {07BB0E4E-F80A-4860-A3CF-BD1A5311D2EA} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.12.0.104\SymErr.exe /ui (No File) Task: {7F78201E-E4A8-4DEC-AC3E-F2E003CCEE6E} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.12.0.104\SymErr.exe /analyze (No File) Task: {8F052CD9-0127-4207-8EA9-DF54C18D92C6} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.12.0.104\SymErr.exe /submit (No File) Task: {BBD49F0B-90AE-4A7F-95E3-47F815AD93E7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2024-06-10] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {6202900F-FD83-432E-99E5-D69BA83779A3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341432 2024-06-10] (Nvidia Corporation -> NVIDIA Corporation) Task: {54C89CA7-1268-4EE4-927A-4E759C0CF157} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647424 2024-06-10] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {36CA663E-59D0-41D6-B443-D9CF83AAA8F7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905984 2024-06-10] (Nvidia Corporation -> NVIDIA Corporation) Task: {60DB2D17-CA6F-44FF-A6BE-52DA51E1E1F6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905984 2024-06-10] (Nvidia Corporation -> NVIDIA Corporation) Task: {A7D91A13-C18C-4BDC-89AA-06821287E70D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2024-06-10] (Nvidia Corporation -> NVIDIA Corporation) Task: {0BB3BEFC-D5AA-440E-9C4A-53442647E4D7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2024-06-10] (Nvidia Corporation -> NVIDIA Corporation) Task: {13B7C21A-2F4C-443C-A705-CD9B321D4FED} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2024-06-10] (Nvidia Corporation -> NVIDIA Corporation) Task: {E1D95A80-62D5-488D-B1DE-E65EC6357FD2} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2024-06-10] (Nvidia Corporation -> NVIDIA Corporation) Task: {EF37020A-BF38-4198-8A5A-8831B148378E} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3459889486-3951885560-3942257353-500 => C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\25.137.0715.0001\OneDriveLauncher.exe [685456 2025-08-12] (Microsoft Corporation -> Microsoft Corporation) Task: {ED00851B-CC59-4A26-AE7A-BFF3AA6640C4} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {3489607F-EB88-42BC-AA2E-1A84E077F29A} /quiet /qn Task: {ED00851B-CC59-4A26-AE7A-BFF3AA6640C4} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> C:\Program Files (x86)\PowerENGAGE\\scheduled-run Task: {5E022BDE-61B0-4138-A627-4FBD13E67643} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [455680 2024-02-07] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\-Command "Start-Process -WindowStyle Hidden task.bat" (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 64.59.135.149 64.59.128.111 Tcpip\..\Interfaces\{66db78e4-7d61-4fed-8427-92e6cfff2324}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{66db78e4-7d61-4fed-8427-92e6cfff2324}: [DhcpDomain] hitronhub.home Tcpip\..\Interfaces\{714bc81f-9493-4f1e-b8fe-870001658351}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{714bc81f-9493-4f1e-b8fe-870001658351}: [DhcpNameServer] 192.168.5.1 0.0.0.0 Tcpip\..\Interfaces\{7dba7b65-ef4d-4609-a7dc-507ca3661c8d}: [DhcpNameServer] 64.59.135.149 64.59.128.111 Tcpip\..\Interfaces\{8462bb01-a531-4ea5-9f02-fc0aa26fd187}: [NameServer] 8.8.8.8,8.8.4.4 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Administrator\AppData\Local\Microsoft\Edge\User Data\Default [2025-08-12] Edge DownloadDir: Default -> D:\temp Edge Notifications: Default -> hxxps://forums.garmin.com; hxxps://uat.dupr.gg Edge HomePage: Default -> hxxp://www.google.com/ Edge StartupUrls: Default -> "file:///D:/iefavorites/my_links.html" Edge Extension: (Microsoft Edge Unminification Extension) - C:\Users\Administrator\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cgjgjfacjflmgphhhepmbhhbgjieaecn [2025-05-02] Edge Extension: (Google Docs Offline) - C:\Users\Administrator\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-07-26] Edge Extension: (Edge relevant text changes) - C:\Users\Administrator\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] Edge Extension: (Microsoft Edge DevTools Enhancements) - C:\Users\Administrator\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfbdpdaobnofkbopebjglnaadopfikhh [2023-11-24] FireFox: ======== FF DefaultProfile: wue22pm6.default-1554690668946 FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\wue22pm6.default-1554690668946 [2025-08-06] FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-07-15] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-08-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-3459889486-3951885560-3942257353-500: SkypeForBusinessPlugin-16.2 -> C:\Users\Administrator\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.232\npGatewayNpapi.dll [2017-11-18] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-3459889486-3951885560-3942257353-500: SkypeForBusinessPlugin64-16.2 -> C:\Users\Administrator\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.232\npGatewayNpapi-x64.dll [2017-11-18] (Microsoft Corporation -> Microsoft Corporation) StartMenuInternet: FIREFOX.EXE - D:\apps\firefox\firefox.exe Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2025-08-11] CHR DownloadDir: D:\temp CHR Notifications: Default -> hxxps://www.bpwebs.com; hxxps://www.chess.com CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Extension: (Google Docs Offline) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-07-25] CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-11-03] CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\System Profile [2024-11-03] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] CHR HKU\S-1-5-21-3459889486-3951885560-3942257353-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor11.0; D:\apps\photoshop11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated -> Adobe Systems Incorporated) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103760 2025-03-27] (Apple Inc. -> Apple Inc.) R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd) [File not signed] R2 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [504320 2025-02-21] (Brother Industries, Ltd.) [File not signed] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13283712 2025-08-10] (Microsoft Corporation -> Microsoft Corporation) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe [124008 2025-06-03] (Intel Corporation -> Intel) R2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAUpdateService.exe [123496 2025-06-03] (Intel Corporation -> Intel) S2 Intel(R) Platform License Manager Service; C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_c25dbc60ad3b371a\lib\PlatformLicenseManagerService.exe [742904 2024-08-07] (Intel Corporation -> Intel(R) Corporation) R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [92768 2023-05-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MpDefenderCoreService.exe [2050952 2025-08-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [134160 2025-05-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [181776 2025-04-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe [37104 2022-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [41064 2024-04-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-02] (HP Inc.) [File not signed] R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc. -> Nuance Communications, Inc.) S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-02] (HP Inc.) [File not signed] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [918432 2025-07-23] (Microsoft Windows Publisher -> Microsoft Corporation) R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\UsbAppControl\USBAppControl.exe [11776 2025-07-28] () [File not signed] R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies Inc. -> VIA Technologies, Inc.) S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [43432 2025-08-09] (Microsoft Corporation -> Microsoft) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [163456 2025-06-30] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\NisSrv.exe [4517784 2025-08-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25070.5-0\MsMpEng.exe [282464 2025-08-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl\WorkflowAppControl.exe [20992 2025-07-28] () [File not signed] ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_2325b3303ea42f05\iaLPSS2_GPIO2_ADL.sys [160864 2024-07-03] (Intel Corporation -> Intel Corporation) S3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_cb8dd04b85ac9a58\iaLPSS2_GPIO2_TGL.sys [128680 2020-12-23] (Intel Corporation -> Intel Corporation) R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_8e2f374849f1eba9\gna.sys [90304 2024-06-05] (Intel Corporation -> Intel Corporation) R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [332184 2025-08-11] (Microsoft Windows -> Microsoft Corporation) R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19672 2023-12-11] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32592 2024-09-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\MSI Center\Super Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [32472 2024-09-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2024-06-10] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2021-03-26] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2021-03-26] (MiniTool Solution Ltd -> ) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation -> Corel Corporation) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2024-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20888 2025-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-27] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [627120 2025-08-11] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [101792 2025-08-11] (Microsoft Windows -> Microsoft Corporation) U3 idsvc; no ImagePath S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2025-08-12 08:58 - 2025-08-12 08:58 - 000000000 ____D C:\FRST 2025-08-12 08:35 - 2025-08-12 08:35 - 000000000 ____D C:\ProgramData\Dbg 2025-08-11 18:14 - 2025-08-11 19:08 - 000000000 ___HD C:\$WINDOWS.~BT 2025-08-11 14:37 - 2025-08-11 14:38 - 000000000 ___HD C:\$GetCurrent 2025-08-11 14:37 - 2025-08-11 14:38 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant 2025-08-11 14:29 - 2025-08-11 14:29 - 000000000 ____D C:\ProgramData\NortonRnR 2025-08-11 14:13 - 2025-08-11 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2025-08-06 14:26 - 2018-03-23 17:02 - 002596320 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2025-08-06 14:26 - 2018-03-23 17:02 - 001767824 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2025-08-06 14:26 - 2018-03-23 17:02 - 000633224 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2025-08-06 14:26 - 2018-03-23 17:02 - 000451040 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2025-08-06 14:26 - 2018-03-23 17:02 - 000123840 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2025-08-06 14:26 - 2018-03-23 17:02 - 000083072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2025-08-06 14:26 - 2018-03-21 05:22 - 008114212 _____ C:\Windows\system32\nvcoproc.bin 2025-08-06 12:13 - 2025-08-11 21:02 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2025-08-06 12:10 - 2025-08-06 12:10 - 016503472 _____ (Audacity Team ) C:\Users\Administrator\Downloads\audacity-win-3.7.4-32bit.exe 2025-08-06 12:08 - 2025-08-11 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git 2025-08-06 12:02 - 2025-08-06 12:04 - 000000000 ____D C:\AdwCleaner 2025-08-05 16:41 - 2025-08-11 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2025-08-05 16:41 - 2025-08-05 16:41 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2025-08-05 16:41 - 2025-08-05 16:41 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2025-08-05 16:41 - 2025-08-05 16:41 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2025-08-05 16:41 - 2025-08-05 16:41 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2025-08-05 16:41 - 2025-08-05 16:41 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2025-08-05 16:41 - 2025-08-05 16:41 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2025-08-05 16:41 - 2025-08-05 16:41 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2025-08-05 16:41 - 2025-08-05 16:41 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2025-08-05 16:41 - 2025-08-05 16:41 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2025-08-05 16:41 - 2024-06-10 04:02 - 002857728 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2025-08-05 16:41 - 2024-06-10 04:02 - 002201208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2025-08-05 16:41 - 2024-06-10 04:02 - 001295992 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll 2025-08-05 16:41 - 2024-06-10 04:02 - 000082552 _____ C:\Windows\system32\FvSDK_x64.dll 2025-08-05 16:41 - 2024-06-10 04:02 - 000071288 _____ C:\Windows\SysWOW64\FvSDK_x86.dll 2025-08-05 16:39 - 2024-06-11 10:43 - 001859864 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2025-08-05 16:39 - 2024-06-11 10:43 - 001859864 _____ C:\Windows\system32\vulkaninfo.exe 2025-08-05 16:39 - 2024-06-11 10:43 - 001439920 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2025-08-05 16:39 - 2024-06-11 10:43 - 001439920 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2025-08-05 16:39 - 2024-06-11 10:43 - 000953008 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2025-08-05 16:39 - 2024-06-11 10:43 - 000953008 _____ C:\Windows\SysWOW64\vulkan-1.dll 2025-08-05 16:39 - 2024-06-11 10:42 - 001479728 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2025-08-05 16:39 - 2024-06-11 10:42 - 001217048 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2025-08-05 16:39 - 2024-06-11 10:42 - 001098928 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2025-08-05 16:39 - 2024-06-11 10:42 - 001098928 _____ C:\Windows\system32\vulkan-1.dll 2025-08-05 16:39 - 2024-06-11 10:39 - 000719512 _____ C:\Windows\system32\nvofapi64.dll 2025-08-05 16:39 - 2024-06-11 10:39 - 000649240 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll 2025-08-05 16:39 - 2024-06-11 10:39 - 000578584 _____ C:\Windows\SysWOW64\nvofapi.dll 2025-08-05 16:39 - 2024-06-11 10:38 - 000711320 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2025-08-05 16:39 - 2024-06-11 10:38 - 000678952 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2025-08-05 16:39 - 2024-06-11 10:38 - 000567448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2025-08-05 16:39 - 2024-06-11 10:37 - 000922240 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2025-08-05 16:39 - 2024-06-11 10:37 - 000753712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2025-08-05 16:39 - 2024-06-11 10:37 - 000451096 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe 2025-08-05 16:39 - 2024-06-11 10:35 - 000853016 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe 2025-08-05 16:39 - 2018-04-12 19:33 - 000048407 _____ C:\Windows\system32\nvinfo.pb 2025-08-05 16:39 - 2018-03-23 17:02 - 005952392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2025-08-05 16:38 - 2024-06-10 04:02 - 000050272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\NvModuleTracker.sys 2025-08-05 16:38 - 2024-06-10 04:02 - 000044536 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll 2025-08-05 16:37 - 2025-08-05 16:37 - 740751984 _____ (NVIDIA Corporation) C:\Users\Administrator\Downloads\475.14-desktop-win10-win11-64bit-international-dch-whql.exe 2025-08-05 16:17 - 2025-08-05 16:17 - 180746544 _____ (NVIDIA Corporation) C:\Users\Administrator\Downloads\NVIDIA_app_v11.0.4.526.exe 2025-08-05 16:14 - 2025-08-05 16:14 - 000000000 ____D C:\Users\Administrator\ansel 2025-08-05 16:09 - 2025-08-05 16:41 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2025-08-05 15:51 - 2025-08-05 15:51 - 000000000 _____ C:\Windows\HPMProp.INI 2025-08-05 15:51 - 2025-02-12 06:05 - 000125048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2025-08-05 15:50 - 2025-08-05 15:50 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2025-08-05 15:50 - 2020-09-23 05:49 - 003249008 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\system32\libcrypto-1_1-x64.dll 2025-08-05 15:50 - 2020-09-23 05:49 - 000929648 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\system32\libssl-1_1-x64.dll 2025-08-05 15:50 - 2011-02-11 05:23 - 000193592 _____ (Hewlett-Packard) C:\Windows\system32\hppdcompio.dll 2025-08-05 15:50 - 2011-02-11 05:23 - 000167480 _____ (Hewlett-Packard) C:\Windows\SysWOW64\hppccompio.dll 2025-08-05 15:50 - 2009-02-25 07:32 - 000060440 _____ (Hewlett-Packard) C:\Windows\system32\FxCompChannel_x64.dll 2025-08-05 07:39 - 2025-08-12 08:40 - 000002425 _____ C:\Windows\system32\default_error_stack-000000-000000.txt 2025-08-04 07:37 - 2025-08-04 07:37 - 000003762 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2025-08-04 07:37 - 2025-08-04 07:37 - 000003528 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2025-08-04 07:37 - 2025-08-04 07:37 - 000000000 ____D C:\Users\Administrator\AppData\Local\Intel 2025-08-04 07:37 - 2025-05-06 04:18 - 000049888 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\semav6msr64.sys 2025-08-04 07:36 - 2025-08-04 07:36 - 000003600 _____ C:\Windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK 2025-08-04 07:36 - 2025-08-04 07:36 - 000001596 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk 2025-08-03 15:31 - 2025-08-06 16:05 - 000001421 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2025-08-03 15:31 - 2025-08-06 16:05 - 000000000 ____D C:\Users\Administrator\AppData\Local\PCHealthCheck 2025-07-31 10:00 - 2025-07-31 10:00 - 000000000 ____D C:\Users\Administrator\AppData\Local\ToastNotificationManagerCompat 2025-07-30 14:42 - 2025-07-30 14:42 - 000003174 _____ C:\Windows\system32\Tasks\MSI Task Host - LEDKeeper2_Host 2025-07-30 14:42 - 2025-07-30 14:42 - 000000000 ____D C:\Program Files\WD 2025-07-30 14:42 - 2025-07-30 14:42 - 000000000 ____D C:\Program Files\Verbatim 2025-07-30 14:42 - 2025-07-30 14:42 - 000000000 ____D C:\Program Files\ENE 2025-07-30 13:25 - 2025-08-06 13:16 - 000000000 ____D C:\Windows\pss 2025-07-30 11:35 - 2025-07-30 11:35 - 000000000 ____D C:\Program Files\Intel Corporation 2025-07-30 11:32 - 2025-07-30 11:32 - 000001392 _____ C:\Users\Public\Desktop\Brother iPrint&Scan.lnk 2025-07-30 11:09 - 2025-07-30 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Partition Manager 2025-07-30 11:09 - 2025-07-30 11:09 - 000000000 ____D C:\ProgramData\Paragon Software 2025-07-30 10:49 - 2025-07-30 11:51 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 12 2025-07-30 10:49 - 2025-07-30 10:49 - 000000000 ____D C:\Users\Administrator\AppData\Local\MinitoolLimited 2025-07-30 10:49 - 2021-03-26 12:07 - 003600896 _____ C:\Windows\system32\pwNative.exe 2025-07-30 10:49 - 2021-03-26 12:07 - 000019152 _____ C:\Windows\system32\pwdrvio.sys 2025-07-30 10:49 - 2021-03-26 12:07 - 000012504 _____ C:\Windows\system32\pwdspio.sys 2025-07-30 10:47 - 2025-07-30 10:47 - 000000000 ____D C:\ProgramData\Intel Package Cache {d8170687-85fa-4716-bafd-087205d0db72} 2025-07-30 10:47 - 2025-07-30 10:47 - 000000000 ____D C:\ProgramData\Intel Package Cache {58E22E6B-0E58-4E93-AF9A-036556EB66F5} 2025-07-30 10:46 - 2025-07-30 10:46 - 000000000 ____D C:\ProgramData\Intel Package Cache {9FD91C5C-44AE-4D9D-85BE-AE52816B0294} 2025-07-30 10:44 - 2025-06-17 02:55 - 001426920 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys 2025-07-29 14:49 - 2025-07-29 14:49 - 000000000 ____D C:\Users\Administrator\Downloads\Macrium 2025-07-23 06:50 - 2025-07-23 06:50 - 000023734 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json 2025-07-23 06:49 - 2025-07-23 06:49 - 000023734 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json 2025-07-17 09:27 - 2025-08-09 07:10 - 000001027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2022.lnk ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2025-08-12 08:51 - 2021-12-15 18:39 - 000000000 ____D C:\Windows\SystemTemp 2025-08-12 08:48 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-08-12 08:40 - 2017-07-26 13:27 - 000000000 ____D C:\Users\Administrator\AppData\Local\DBG 2025-08-12 08:39 - 2025-02-08 06:55 - 000003586 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-3459889486-3951885560-3942257353-500 2025-08-12 08:39 - 2021-12-13 07:52 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3459889486-3951885560-3942257353-500 2025-08-12 08:38 - 2020-07-26 10:46 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3459889486-3951885560-3942257353-500 2025-08-12 08:38 - 2020-07-26 10:32 - 000002439 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2025-08-12 08:31 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\AppReadiness 2025-08-12 08:25 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps 2025-08-12 08:25 - 2018-07-03 07:52 - 000000000 ____D C:\ProgramData\Packages 2025-08-12 08:25 - 2017-12-10 19:27 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages 2025-08-12 08:10 - 2020-07-26 10:46 - 000004164 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{72C3CCDE-768B-4A4C-8BA4-67DD0B4DA692} 2025-08-12 08:09 - 2023-04-06 16:27 - 000000000 ____D C:\Program Files (x86)\PowerENGAGE 2025-08-12 08:09 - 2019-10-03 14:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2025-08-12 08:07 - 2017-06-17 14:35 - 000000000 ____D C:\ProgramData\NVIDIA 2025-08-11 21:02 - 2025-04-01 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2025-08-11 21:02 - 2025-03-06 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.13 2025-08-11 21:02 - 2025-03-06 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js 2025-08-11 21:02 - 2025-01-28 13:15 - 000000000 ____D C:\Windows\SysWOW64\DATA 2025-08-11 21:02 - 2025-01-20 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite 2025-08-11 21:02 - 2024-11-06 09:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trader Workstation 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\SysWOW64\3082 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\SysWOW64\1055 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\SysWOW64\1049 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\SysWOW64\1046 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\SysWOW64\1045 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\SysWOW64\1040 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\SysWOW64\1036 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\SysWOW64\1029 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\system32\3082 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\system32\1055 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\system32\1049 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\system32\1046 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\system32\1045 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\system32\1040 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\system32\1036 2025-08-11 21:02 - 2024-08-17 07:29 - 000000000 ____D C:\Windows\system32\1029 2025-08-11 21:02 - 2024-08-16 14:43 - 000000000 ____D C:\Windows\system32\Visual Studio 2022 2025-08-11 21:02 - 2024-05-30 07:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Azure Cosmos DB Emulator 2025-08-11 21:02 - 2023-12-04 09:26 - 000000000 ____D C:\Users\Brent\AppData\Roaming\Microsoft\Spelling 2025-08-11 21:02 - 2023-12-04 09:25 - 000000000 ___SD C:\Users\Brent\AppData\Roaming\Microsoft\Crypto 2025-08-11 21:02 - 2023-04-06 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother 2025-08-11 21:02 - 2022-11-16 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.11 2025-08-11 21:02 - 2022-01-28 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerShell 2025-08-11 21:02 - 2021-11-04 16:42 - 000000000 ____D C:\Program Files (x86)\MSI 2025-08-11 21:02 - 2021-10-22 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.10 2025-08-11 21:02 - 2021-09-27 07:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2025-08-11 21:02 - 2021-09-01 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Go Programming Language 2025-08-11 21:02 - 2021-08-31 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2025-08-11 21:02 - 2021-05-11 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2025-08-11 21:02 - 2021-03-28 08:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CSS HTML Validator 2021 2025-08-11 21:02 - 2020-09-17 10:19 - 000000000 ____D C:\Windows\SysWOW64\%LOCALAPPDATA% 2025-08-11 21:02 - 2020-07-26 11:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IIS 2025-08-11 21:02 - 2020-07-26 11:36 - 000000000 ____D C:\Program Files (x86)\MSBuild 2025-08-11 21:02 - 2020-07-26 11:00 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto 2025-08-11 21:02 - 2020-07-26 10:32 - 000000000 ____D C:\Users\Brent 2025-08-11 21:02 - 2020-07-26 10:32 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows 2025-08-11 21:02 - 2020-07-26 10:32 - 000000000 ____D C:\Users\Administrator 2025-08-11 21:02 - 2019-12-07 03:54 - 000000000 ____D C:\Windows\system32\Hydrogen 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 __SHD C:\Program Files\Windows Sidebar 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ___SD C:\Windows\Downloaded Program Files 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SysWOW64\inetsrv 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SysWOW64\IME 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\spool 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\NDF 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\Macromed 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\inetsrv 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\IME 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\ServiceState 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\schemas 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\Registration 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\LiveKernelReports 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\Help 2025-08-11 21:02 - 2019-12-07 03:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2025-08-11 21:02 - 2019-11-01 07:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12 2025-08-11 21:02 - 2019-09-07 14:51 - 000000000 ____D C:\Windows\SysWOW64\Visual Studio 2019Templates 2025-08-11 21:02 - 2018-11-24 18:17 - 000000000 ____D C:\Windows\system32\%LOCALAPPDATA% 2025-08-11 21:02 - 2018-09-15 01:33 - 000000000 ____D C:\Windows\system32\MsDtc 2025-08-11 21:02 - 2018-07-18 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Azure Storage Explorer 2025-08-11 21:02 - 2018-03-10 12:18 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Postman 2025-08-11 21:02 - 2017-12-03 12:24 - 000000000 ____D C:\Program Files\IIS 2025-08-11 21:02 - 2017-06-17 14:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2025-08-11 21:02 - 2017-06-17 14:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2025-08-11 21:02 - 2017-06-14 16:09 - 000000000 ____D C:\Program Files\UNP 2025-08-11 21:02 - 2017-06-06 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2025-08-11 21:02 - 2017-06-06 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xamarin Workbooks 2025-08-11 21:02 - 2017-01-03 11:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools 2025-08-11 21:02 - 2016-04-27 00:42 - 000000000 __RHD C:\Users\Public\AccountPictures 2025-08-11 21:02 - 2015-04-09 14:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Hive ODBC Driver 1.0 (64-bit) 2025-08-11 21:02 - 2015-04-09 14:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Hive ODBC Driver 1.0 (32-bit) 2025-08-11 21:02 - 2014-08-03 14:55 - 000000000 ____D C:\Windows\system32\MRT 2025-08-11 21:02 - 2014-08-03 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIA 2025-08-11 21:02 - 2014-08-03 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center 2025-08-11 21:02 - 2013-10-12 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Thumbnails 2025-08-11 21:02 - 2013-06-01 10:06 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Spelling 2025-08-11 21:02 - 2012-11-10 12:42 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2025-08-11 21:02 - 2012-10-22 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FTP Voyager 2025-08-11 21:02 - 2012-09-18 11:33 - 000000000 ____D C:\Windows\SysWOW64\1033 2025-08-11 21:02 - 2012-09-18 11:26 - 000000000 ____D C:\Windows\system32\1033 2025-08-11 21:02 - 2012-09-03 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoteTab 7 2025-08-11 21:02 - 2012-09-02 13:59 - 000000000 ____D C:\Windows\system32\STRING 2025-08-11 21:02 - 2012-07-22 21:56 - 000000000 ____D C:\Windows\system32\appmgmt 2025-08-11 21:02 - 2012-07-22 20:49 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton 2025-08-11 21:02 - 2012-06-26 13:13 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2025-08-11 21:02 - 2012-06-26 13:13 - 000000000 ____D C:\Windows\SysWOW64\Atheros_L1e 2025-08-11 21:02 - 2012-06-26 13:12 - 000000000 ____D C:\Program Files\Intel 2025-08-11 21:02 - 2009-07-13 21:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2025-08-11 19:09 - 2012-12-31 12:01 - 000001456 _____ C:\Users\Administrator\AppData\Local\Adobe Save for Web 12.0 Prefs 2025-08-11 19:07 - 2020-07-26 10:49 - 001211266 _____ C:\Windows\system32\PerfStringBackup.INI 2025-08-11 19:07 - 2019-12-07 03:13 - 000000000 ____D C:\Windows\INF 2025-08-11 19:03 - 2021-08-31 19:16 - 000001623 _____ C:\Windows\system32\config\VSMIDK 2025-08-11 19:03 - 2020-07-26 10:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2025-08-11 19:03 - 2020-07-26 10:25 - 000008192 ___SH C:\DumpStack.log.tmp 2025-08-11 19:00 - 2020-05-13 09:57 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2025-08-11 19:00 - 2020-05-13 09:57 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2025-08-11 18:59 - 2020-07-26 11:24 - 000003756 _____ C:\Windows\diagerr.xml 2025-08-11 18:59 - 2020-07-26 11:24 - 000001908 _____ C:\Windows\diagwrn.xml 2025-08-11 18:59 - 2019-12-07 03:03 - 000786432 _____ C:\Windows\system32\config\BBI 2025-08-11 18:24 - 2020-07-25 20:51 - 000000000 ___DC C:\Windows\Panther 2025-08-11 17:51 - 2021-11-02 16:00 - 000000000 ____D C:\Program Files\Common Files\Acronis 2025-08-11 17:51 - 2019-12-07 03:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2025-08-11 17:51 - 2018-02-16 09:47 - 000000000 ____D C:\Program Files (x86)\Acronis 2025-08-11 16:31 - 2019-12-07 03:03 - 000000000 ____D C:\Windows\CbsTemp 2025-08-11 16:08 - 2020-07-26 10:26 - 000000000 ____D C:\Windows\system32\SleepStudy 2025-08-11 14:47 - 2018-04-02 17:18 - 000000000 ____D C:\Windows\system32\Drivers\wd 2025-08-11 14:39 - 2016-07-20 09:42 - 000000036 _____ C:\Windows\progress.ini 2025-08-11 14:34 - 2019-12-07 03:03 - 000032768 _____ C:\Windows\system32\config\ELAM 2025-08-11 14:34 - 2012-06-26 13:11 - 000000000 ____D C:\Program Files (x86)\Intel 2025-08-11 14:32 - 2012-07-22 20:49 - 000000000 ____D C:\ProgramData\Norton 2025-08-11 14:30 - 2010-11-20 21:27 - 000918944 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2025-08-11 14:29 - 2012-10-26 17:59 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps 2025-08-11 14:25 - 2012-09-03 13:59 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Word 2025-08-11 14:13 - 2021-10-23 11:28 - 000001768 _____ C:\Users\Public\Desktop\Garmin Express.lnk 2025-08-11 14:13 - 2014-06-17 20:05 - 000000000 ____D C:\ProgramData\Package Cache 2025-08-11 14:13 - 2014-06-17 20:05 - 000000000 ____D C:\ProgramData\Garmin 2025-08-11 10:20 - 2017-06-06 14:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2025-08-11 10:20 - 2012-11-08 17:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2025-08-11 10:20 - 2012-10-22 13:32 - 000000000 ____D C:\Program Files\Google 2025-08-11 10:20 - 2012-10-22 13:31 - 000000000 ____D C:\Program Files (x86)\Google 2025-08-11 09:39 - 2012-07-22 21:35 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\MMC 2025-08-10 09:47 - 2017-01-01 12:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2025-08-10 08:39 - 2021-12-26 08:53 - 000000000 ____D C:\Users\Administrator\AppData\Local\Norton 2025-08-09 07:11 - 2020-10-18 10:08 - 000000000 ____D C:\Program Files (x86)\dotnet 2025-08-09 07:11 - 2017-10-12 20:35 - 000000000 ____D C:\Users\Administrator\.dotnet 2025-08-09 07:11 - 2016-09-14 17:11 - 000000000 ____D C:\Program Files\dotnet 2025-08-09 07:07 - 2017-06-06 14:50 - 000001429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2025-08-09 07:01 - 2017-06-06 16:32 - 000000000 ____D C:\Users\Administrator\AppData\Local\.IdentityService 2025-08-09 05:43 - 2013-02-17 18:56 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2025-08-08 08:48 - 2016-12-14 21:14 - 000000000 ___HD C:\temp 2025-08-08 06:50 - 2012-09-18 11:26 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs 2025-08-08 06:44 - 2012-10-22 13:31 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google 2025-08-08 06:31 - 2012-07-21 21:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics 2025-08-06 16:10 - 2020-07-26 11:40 - 000000000 __RSD C:\Windows\SysWOW64\WindowsDevicePortal 2025-08-06 16:10 - 2020-07-26 11:40 - 000000000 __RSD C:\Windows\system32\WindowsDevicePortal 2025-08-06 16:10 - 2020-07-26 11:40 - 000000000 ___RD C:\Windows\WebManagement 2025-08-06 14:32 - 2020-07-26 10:32 - 000000000 ____D C:\Users\DefaultAppPool 2025-08-06 13:15 - 2018-06-12 10:49 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache 2025-08-06 12:25 - 2014-08-03 14:09 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation 2025-08-06 12:11 - 2017-05-31 09:39 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\audacity 2025-08-06 11:05 - 2022-03-21 08:03 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2025-08-05 16:42 - 2014-08-03 14:09 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA 2025-08-05 16:41 - 2020-10-03 14:40 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation 2025-08-05 16:41 - 2017-06-17 14:35 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2025-08-05 16:19 - 2014-08-03 14:07 - 000000000 ____D C:\NVIDIA 2025-08-05 16:09 - 2017-10-18 20:10 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\NVIDIA 2025-08-04 15:28 - 2017-06-06 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools 2025-08-04 13:31 - 2021-09-01 07:25 - 000000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2025-08-04 09:49 - 2020-07-26 11:36 - 000000000 ____D C:\Windows\system32\msmq 2025-08-04 07:36 - 2012-06-26 13:12 - 000000000 ____D C:\ProgramData\Intel 2025-08-02 18:06 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SysWOW64\InstallShield 2025-08-02 15:54 - 2024-06-26 06:43 - 000000000 ____D C:\Windows\system32\compatrel 2025-08-02 15:54 - 2021-08-31 19:13 - 000000000 ___SD C:\Windows\SysWOW64\lxss 2025-08-02 15:54 - 2020-07-26 10:32 - 000000000 ____D C:\Users\RDV GRAPHICS SERVICE\AppData\Roaming\Microsoft\Windows 2025-08-02 15:54 - 2020-07-26 10:32 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows 2025-08-02 15:54 - 2020-07-26 10:32 - 000000000 ____D C:\Users\Brent\AppData\Roaming\Microsoft\Windows 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ___SD C:\Windows\system32\UNP 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SysWOW64\Keywords 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\ta-lk 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\ta-in 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\si-lk 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\osa-Osge-001 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\my-mm 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\lv-LV 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\lt-LT 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\Keywords 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\ff-Adlm-SN 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\et-EE 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\es-MX 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\ContainerSettingsProviders 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\am-et 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\ShellComponents 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\DiagTrack 2025-08-02 15:54 - 2019-12-07 03:14 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows 2025-08-02 07:51 - 2020-07-26 10:46 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2025-08-02 07:51 - 2020-07-26 10:46 - 000003410 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2025-07-30 13:28 - 2021-12-08 09:23 - 000000000 ____D C:\MSI 2025-07-30 11:32 - 2015-06-19 14:48 - 000000000 ____D C:\Program Files (x86)\Browny02 2025-07-30 10:47 - 2021-11-04 16:51 - 000000000 ____D C:\ProgramData\Intel Package Cache {9f9c9e51-d42f-4462-a27a-7d419da18045} 2025-07-30 10:47 - 2021-11-04 16:51 - 000000000 ____D C:\ProgramData\Intel Package Cache {29d6077f-6adb-42de-abac-1c60aeb0e237} 2025-07-30 10:47 - 2021-11-04 16:51 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700} 2025-07-30 10:46 - 2021-11-04 16:49 - 000000000 ___HD C:\Program Files (x86)\Temp 2025-07-30 10:44 - 2012-07-22 22:11 - 000000000 ____D C:\Program Files (x86)\Realtek 2025-07-28 09:43 - 2014-08-30 08:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe 2025-07-28 07:59 - 2021-08-31 15:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Code 2025-07-25 07:31 - 2022-10-11 10:58 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2025-07-25 07:31 - 2022-10-11 10:58 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2025-07-23 18:34 - 2023-10-07 20:00 - 000000000 ____D C:\Program Files\RUXIM 2025-07-23 06:55 - 2020-07-26 10:26 - 002152688 _____ C:\Windows\system32\FNTCACHE.DAT 2025-07-23 06:54 - 2019-12-07 03:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2025-07-23 06:54 - 2019-12-07 03:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2025-07-23 06:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\SystemResources 2025-07-23 06:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\oobe 2025-07-23 06:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\migwiz 2025-07-23 06:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\system32\appraiser 2025-07-23 06:54 - 2019-12-07 03:14 - 000000000 ____D C:\Windows\bcastdvr 2025-07-23 06:53 - 2015-06-19 14:48 - 000000000 ____D C:\Program Files (x86)\Brother 2025-07-23 06:49 - 2021-11-04 17:41 - 000420246 __RSH C:\bootmgr 2025-07-23 06:49 - 2020-07-26 10:30 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2025-07-20 13:47 - 2012-09-03 14:00 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Excel 2025-07-17 08:30 - 2023-11-02 16:53 - 000000000 ____D C:\Program Files\PowerShell 2025-07-15 19:12 - 2025-07-01 06:14 - 000000090 _____ C:\logUploaderSettings_temp.ini 2025-07-15 19:12 - 2025-07-01 06:14 - 000000090 _____ C:\logUploaderSettings.ini ==================== Files in the root of some directories ======== 2014-10-17 20:11 - 2016-01-01 17:43 - 000008344 _____ () C:\Users\Administrator\JsDocComments.js 2014-10-17 20:11 - 2016-01-01 17:43 - 000003625 _____ () C:\Users\Administrator\Modern.Intellisense.js 2012-11-10 12:19 - 2012-11-10 12:19 - 001270024 _____ (Adobe Systems Incorporated) C:\Users\Administrator\PhotoshopElements_11_LS15.exe 2023-04-06 14:12 - 2005-12-08 20:51 - 000000060 ____R () C:\Program Files (x86)\BRINST.INI 2016-05-02 13:39 - 2016-05-02 13:39 - 000000132 _____ () C:\Users\Administrator\AppData\Roaming\Adobe BMP Format CS5 Prefs 2014-01-07 12:31 - 2014-01-07 12:31 - 000000132 _____ () C:\Users\Administrator\AppData\Roaming\Adobe GIF Format CS5 Prefs 2012-11-22 11:16 - 2023-04-16 15:00 - 000000132 _____ () C:\Users\Administrator\AppData\Roaming\Adobe PNG Format CS5 Prefs 2014-04-01 13:45 - 2014-04-01 13:45 - 000038434 _____ () C:\Users\Administrator\AppData\Roaming\Comma Separated Values (Windows).ADR 2016-11-11 22:52 - 2016-11-11 23:12 - 000015048 _____ () C:\Users\Administrator\AppData\Roaming\JSLintOptions.xml 2014-04-03 18:49 - 2014-04-03 18:49 - 000038432 _____ () C:\Users\Administrator\AppData\Roaming\Tab Separated Values (Windows).ADR 2012-12-31 12:01 - 2025-08-11 19:09 - 000001456 _____ () C:\Users\Administrator\AppData\Local\Adobe Save for Web 12.0 Prefs 2018-09-28 19:19 - 2025-07-31 06:08 - 000000410 _____ () C:\Users\Administrator\AppData\Local\oobelibMkey.log 2016-11-17 21:12 - 2017-07-01 15:37 - 000007603 _____ () C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg 2024-08-05 08:37 - 2024-08-05 08:37 - 000000000 _____ () C:\Users\Administrator\AppData\Local\settingData.dat ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================