Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019 Ran by Jaspe (administrator) on DESKTOP-7AUP8L8 (02-01-2020 13:11:09) Running from C:\Users\Jaspe\Downloads Loaded Profiles: Jaspe (Available Profiles: Jaspe) Platform: Windows 10 Home Version 1809 17763.914 (X64) Language: English (United States) Default browser: FF Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6919\Agent.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_86340b368c732efc\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_86340b368c732efc\Display.NvContainer\NVDisplay.Container.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKU\S-1-5-21-814806283-1764009486-182463435-1001\...\Run: [Spotify] => C:\Users\Jaspe\AppData\Roaming\Spotify\Spotify.exe [25817832 2019-05-16] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-814806283-1764009486-182463435-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3211040 2019-10-02] (Valve -> Valve Corporation) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {02FEC655-18C2-4F84-95C0-6D7C3E763D32} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {53FE10D3-2BDF-45AA-9CCB-C1FC15E37D2F} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [801048 2013-11-25] (ByELDI Certificate -> ) [File not signed] Task: {6F5CD486-3F2B-4764-AA46-CE3658B2F29A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7CCD79F5-A73D-4353-9574-F7C035D25045} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {FE103643-0600-4957-AD32-F588CE19F4BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.254 Tcpip\..\Interfaces\{5b930fe2-38e8-4846-ab2d-58bc9d2b1907}: [DhcpNameServer] 192.168.2.254 Tcpip\..\Interfaces\{80541d80-f3f1-4113-98c7-0540717c37ac}: [DhcpNameServer] 192.168.2.254 Internet Explorer: ================== HKU\S-1-5-21-814806283-1764009486-182463435-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D061218-A9FCDBB39EF&form=CONMHP&conlogo=CT3335799 HKU\S-1-5-21-814806283-1764009486-182463435-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_10c BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: pu0mrgri.default FF ProfilePath: C:\Users\Jaspe\AppData\Roaming\Mozilla\Firefox\Profiles\pu0mrgri.default [2020-01-02] FF Homepage: Mozilla\Firefox\Profiles\pu0mrgri.default -> www.google.com FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_86340b368c732efc\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_86340b368c732efc\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2016-07-26] (Intel(R) Smart Connect software -> ) R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3529824 2019-05-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_86340b368c732efc\nvlddmkm.sys [22739600 2019-11-05] (NVIDIA Corporation -> NVIDIA Corporation) R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45664 2019-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [355760 2019-12-14] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-14] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-01-02 13:11 - 2020-01-02 13:12 - 000010780 _____ C:\Users\Jaspe\Downloads\FRST.txt 2020-01-02 13:07 - 2020-01-02 13:11 - 000000000 ____D C:\FRST 2020-01-02 13:07 - 2020-01-02 13:07 - 002272256 _____ (Farbar) C:\Users\Jaspe\Downloads\FRST64.exe 2020-01-02 12:20 - 2020-01-02 12:21 - 000000000 ____D C:\Windows\LastGood 2019-12-29 18:27 - 2019-12-29 18:29 - 000000000 ____D C:\Users\Jaspe\Downloads\AddOns 2019-12-15 13:20 - 2019-12-15 19:47 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-12-14 18:50 - 2019-12-14 18:50 - 026807296 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 020816384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 009668408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-12-14 18:50 - 2019-12-14 18:50 - 007886848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 007645384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 006541712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 006444032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2019-12-14 18:50 - 2019-12-14 18:50 - 003638272 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2019-12-14 18:50 - 2019-12-14 18:50 - 003576832 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 003387392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys 2019-12-14 18:50 - 2019-12-14 18:50 - 002699768 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 002233688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 002192384 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 002072384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 001702392 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2019-12-14 18:50 - 2019-12-14 18:50 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 001677808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 001676288 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 001668960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 001666440 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 001656192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 001473088 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2019-12-14 18:50 - 2019-12-14 18:50 - 001465264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 001258296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe 2019-12-14 18:50 - 2019-12-14 18:50 - 001201128 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 001049400 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe 2019-12-14 18:50 - 2019-12-14 18:50 - 000981504 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000901120 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000826880 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe 2019-12-14 18:50 - 2019-12-14 18:50 - 000793824 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000764928 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000758688 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe 2019-12-14 18:50 - 2019-12-14 18:50 - 000678672 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2019-12-14 18:50 - 2019-12-14 18:50 - 000603792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe 2019-12-14 18:50 - 2019-12-14 18:50 - 000575488 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe 2019-12-14 18:50 - 2019-12-14 18:50 - 000533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000508928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000505632 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000430592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe 2019-12-14 18:50 - 2019-12-14 18:50 - 000408736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000203064 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\DevQueryBroker.dll 2019-12-14 18:50 - 2019-12-14 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin 2019-12-14 18:50 - 2019-12-14 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin 2019-12-14 18:50 - 2019-12-14 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin 2019-12-14 18:50 - 2019-12-14 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin 2019-12-14 18:50 - 2019-12-14 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin 2019-12-14 18:50 - 2019-12-14 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin 2019-12-14 18:50 - 2019-12-14 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin 2019-12-14 18:50 - 2019-12-14 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-01-02 13:12 - 2019-05-15 23:12 - 000000000 ____D C:\Users\Jaspe\AppData\Local\Battle.net 2020-01-02 13:01 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-01-02 12:39 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF 2020-01-02 12:31 - 2019-03-03 13:15 - 000000000 ____D C:\Users\Jaspe\AppData\LocalLow\Mozilla 2020-01-02 12:21 - 2019-03-03 13:14 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2020-01-02 12:21 - 2019-03-03 13:14 - 000000000 ____D C:\ProgramData\NVIDIA 2020-01-02 12:21 - 2019-03-03 13:14 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2020-01-02 12:21 - 2019-03-03 13:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2020-01-02 12:20 - 2019-08-20 21:22 - 000088249 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1 2020-01-02 12:20 - 2019-08-20 21:22 - 000011976 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1 2020-01-02 12:20 - 2019-08-20 21:21 - 000016595 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1 2020-01-02 12:20 - 2019-03-03 13:13 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation 2020-01-02 11:31 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness 2020-01-02 11:30 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps 2019-12-31 14:23 - 2019-08-21 19:15 - 000008030 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1 2019-12-29 18:55 - 2019-08-21 17:28 - 000006564 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1 2019-12-29 18:55 - 2019-03-03 13:07 - 000795992 _____ C:\Windows\system32\PerfStringBackup.INI 2019-12-29 18:48 - 2019-03-03 21:55 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-12-29 18:47 - 2018-09-15 07:09 - 000524288 _____ C:\Windows\system32\config\BBI 2019-12-29 18:45 - 2019-09-05 20:56 - 000008030 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1 2019-12-28 18:03 - 2019-09-03 23:36 - 000007639 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1 2019-12-24 12:00 - 2019-08-31 13:08 - 000008033 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1 2019-12-21 20:32 - 2019-08-30 19:49 - 000007651 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1 2019-12-21 17:08 - 2019-05-15 23:11 - 000000000 ____D C:\Program Files (x86)\Battle.net 2019-12-21 15:07 - 2019-03-03 21:55 - 000000000 ____D C:\Windows\system32\SleepStudy 2019-12-20 10:56 - 2019-08-30 18:03 - 000000000 ____D C:\Program Files (x86)\World of Warcraft 2019-12-15 19:47 - 2019-03-03 13:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-12-15 14:42 - 2019-03-03 13:15 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-12-15 12:27 - 2019-03-03 13:59 - 000000044 _____ C:\Users\Jaspe\jagex_cl_oldschool_LIVE.dat 2019-12-15 12:27 - 2019-03-03 13:59 - 000000024 _____ C:\Users\Jaspe\random.dat 2019-12-15 12:26 - 2019-03-03 13:58 - 000000000 ____D C:\Users\Jaspe\.runelite 2019-12-15 12:23 - 2019-03-03 21:55 - 000451392 _____ C:\Windows\system32\FNTCACHE.DAT 2019-12-14 19:47 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellExperiences 2019-12-14 19:47 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\bcastdvr 2019-12-14 19:46 - 2019-08-31 16:18 - 000008030 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1 2019-12-14 19:00 - 2019-03-03 15:18 - 000000000 ____D C:\Windows\system32\MRT 2019-12-14 18:56 - 2019-03-03 15:18 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-12-14 18:56 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp 2019-12-14 18:30 - 2019-03-03 21:56 - 000000000 ____D C:\Windows\system32\Drivers\wd 2019-12-07 11:32 - 2019-06-20 16:53 - 000000000 ____D C:\Users\Jaspe\AppData\Local\CrashDumps ==================== Files in the root of some directories ======== 2019-08-04 11:23 - 2019-08-16 11:44 - 000007608 _____ () C:\Users\Jaspe\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================