Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-02-2023 Ran by nickj (administrator) on LAPTOP-4LBAS2EC (Razer Blade 14 - RZ09-0370) (04-02-2023 17:54:48) Running from C:\Users\nickj\Downloads\New ROADS Loaded Profiles: nickj Platform: Microsoft Windows 10 Home Version 22H2 19045.2486 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe (C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\avp.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\avpui.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe (C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe (C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngineProcess.exe (DriverStore\FileRepository\u0371455.inf_amd64_2605bed45e270d20\B370101\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371455.inf_amd64_2605bed45e270d20\B370101\atieclxx.exe (explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18> (Microsoft Corporation -> Microsoft Corporation) C:\Users\nickj\AppData\Local\Microsoft\OneDrive\23.007.0109.0004\FileCoAuth.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\nickj\AppData\Local\Microsoft\OneDrive\23.007.0109.0004\Microsoft.SharePoint.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371455.inf_amd64_2605bed45e270d20\B370101\atiesrxx.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\avp.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2> (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe (services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvrzi.inf_amd64_e040dfd3f9f5ce72\Display.NvContainer\NVDisplay.Container.exe <2> (svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21314.0_x64__8wekyb3d8bbwe\HxOutlook.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21314.0_x64__8wekyb3d8bbwe\HxTsr.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12da6ad5ef67a6ed\RtkAudUService64.exe [1262168 2021-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3524216 2021-12-10] (Razer USA Ltd. -> Razer Inc.) HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [479632 2021-12-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Run: [AvastBrowserAutoLaunch_CFAAD7198488C610079C0286AEB9E63F] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3260424 2023-01-11] (Avast Software s.r.o. -> AVAST Software) HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32754128 2023-01-03] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7280080 2023-01-21] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [5142728 2023-01-11] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3524216 2021-12-10] (Razer USA Ltd. -> Razer Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\109.0.19817.75\Installer\chrmstp.exe [2023-01-25] (Avast Software s.r.o. -> AVAST Software) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1F974FBF-CDFF-44FB-A01A-F6AD34269A2A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23564240 2022-12-28] (Microsoft Corporation -> Microsoft Corporation) Task: {27F000F4-9A0C-4933-8659-9A9345A687E0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208736 2023-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {2863586A-2675-4C76-96B5-2E810D8F8F01} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-14] (Avast Software s.r.o. -> AVAST Software) Task: {35DB82B9-B582-4F97-B764-EB157973F5A1} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.78\Installer\setup.exe [4022216 2023-02-04] (Microsoft Corporation -> Microsoft Corporation) Task: {4742AEA5-B190-417B-8604-978B6BC1ABEA} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {50A60B3D-7313-453D-B506-67C515A7B48F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {538D9A45-4551-42A7-8DB8-FA1CD3228A1A} - System32\Tasks\Firefox Default Browser Agent 255DA52F89B9D88E => C:\Users\nickj\AppData\Roaming\bcetrtf [65440 2022-10-14] (Microsoft Corporation -> Microsoft Corporation) <==== ATTENTION Task: {5EFBC6D8-807D-4A90-A5C5-40434527273E} - System32\Tasks\{2B3E483C-6661-4E04-8FF4-C7FCE7D864BE} => C:\Program Files (x86)\east-tec Eraser\etUpdateMonitor.exe (No File) Task: {630709CE-A931-4319-9833-70651422D91C} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [740040 2022-12-05] (AO Kaspersky Lab -> AO Kaspersky Lab) Task: {63D9D701-DB7F-4446-973C-78423CCE0CFD} - System32\Tasks\kpm_tray.exe => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe [623760 2021-12-02] (AO Kaspersky Lab -> AO Kaspersky Lab) Task: {64CCC1D1-09D6-4111-8D65-82765ADB66BD} - System32\Tasks\GoogleUpdateTaskMachineCore{AA90D5CB-63F7-4D66-886A-DEAE946B4D87} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-08] (Google LLC -> Google LLC) Task: {77046D4C-C4C7-42C8-9FA1-797F426EC7D4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208736 2023-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {7746776B-7BBA-4EC8-A46A-6FBF4CADFE70} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-14] (Avast Software s.r.o. -> AVAST Software) Task: {9144F508-6CCB-4EDF-A9C9-0491CA5C81BB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3260424 2023-01-11] (Avast Software s.r.o. -> AVAST Software) Task: {92304627-8959-4308-882D-E8702260D6F2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {95A31E25-C601-43F4-A8D0-87FCBBE29134} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck Task: {9A423570-A182-4C4D-B0E0-2785A875CB1C} - System32\Tasks\{2B3E483C-6661-4E04-8FF4-C7FCE7D864AE} => C:\Program Files (x86)\east-tec Eraser\etEraser.exe (No File) Task: {9F3E742F-F056-4A01-8002-F17E4B6DD612} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B58900D4-3256-4EAD-979F-6118DB501FA0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513784 2023-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {C31161AF-3459-4F9F-ADB4-1976D68AD042} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CA3220F3-027F-4575-B204-710CE8D123F7} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3260424 2023-01-11] (Avast Software s.r.o. -> AVAST Software) Task: {D295A70E-51AA-495B-8462-5509B11610E5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23564240 2022-12-28] (Microsoft Corporation -> Microsoft Corporation) Task: {D681C540-61F7-4DA0-8DFB-1618F37F07A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.) Task: {D6CC2588-DE70-45DD-9801-84B999F7451E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {ED15EFD6-22B3-4EF5-B480-9A7C66C2F2C5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513784 2023-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {F0A36BC6-B0D0-4323-B8A3-54DA73C8ABEA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F7249318-5F94-46FE-B14A-647C964EB5E8} - System32\Tasks\GoogleUpdateTaskMachineUA{FB260BA8-BB50-4429-B58B-D815C594AC43} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-08] (Google LLC -> Google LLC) Task: {FA3D4EEA-F0EB-43A6-BC49-606AAB8C0194} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-16] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {FE4AD356-07C7-4224-9BDB-EC7B9B2C3BFB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-28] (Nvidia Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{3e546cd7-5487-46c0-9326-8d9a38ec1290}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{f177f56e-670f-403c-b886-6c1b9fb4b931}: [DhcpNameServer] 192.168.1.1 192.168.68.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\nickj\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-29] Edge Extension: (Kaspersky Protection) - C:\Users\nickj\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-12-27] Edge HKU\S-1-5-21-3323940460-2476448031-453550397-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] FireFox: ======== FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-01-22] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-01-21] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-01-22] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-01-22] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-14] (Avast Software s.r.o. -> AVAST Software) FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-14] (Avast Software s.r.o. -> AVAST Software) Chrome: ======= CHR Profile: C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default [2023-02-04] CHR Notifications: Default -> hxxps://www.repco.com.au; hxxps://www.tijd.be CHR Extension: (Magic Actions for YouTube™) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2023-01-19] CHR Extension: (Just Black) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2021-12-12] CHR Extension: (Kaspersky Protection) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-12-26] CHR Extension: (MEGA) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2023-02-04] CHR Extension: (YouTube Control Center) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\boplfaeblpnpahldaijlikpgdbgdmhko [2022-10-29] CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-01-27] CHR Extension: (Google Docs Offline) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-15] CHR Extension: (SmartVideo For YouTube™) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp [2022-10-29] CHR Extension: (Chrome Web Store Payments) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-11] CHR Extension: (Privacy Test) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2022-07-02] CHR Extension: (Outlook.com) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2022-01-13] CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.) S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-14] (Avast Software s.r.o. -> AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-14] (Avast Software s.r.o. -> AVAST Software) S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\109.0.19817.75\elevation_service.exe [1803328 2023-01-11] (Avast Software s.r.o. -> AVAST Software) R2 AVP21.8; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\avp.exe [32008 2022-10-13] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9491920 2022-12-28] (Microsoft Corporation -> Microsoft Corporation) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4958096 2021-12-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) S2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [27784 2022-02-22] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.) S3 klvssbridge64_21.8; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\x64\vssbridge64.exe [452808 2022-10-13] (AO Kaspersky Lab -> AO Kaspersky Lab) S4 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [375440 2021-12-02] (AO Kaspersky Lab -> AO Kaspersky Lab) S4 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-12-11] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8891160 2023-01-28] (Malwarebytes Inc. -> Malwarebytes) R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.) R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [281464 2022-02-18] (nordvpn s.a. -> TEFINCOM S.A.) S4 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1142808 2021-10-20] (Razer USA Ltd. -> Razer Inc.) S4 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [451608 2021-11-17] (Razer USA Ltd. -> Razer Inc.) S4 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1347640 2021-10-20] (Razer USA Ltd. -> Razer Inc.) S4 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-10-19] (Razer USA Ltd. -> Razer Inc) S4 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294520 2021-12-10] (Razer USA Ltd. -> Razer Inc.) S4 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533824 2021-10-21] (Razer USA Ltd. -> Razer Inc.) S4 VSSrv; C:\Windows\System32\VSSrv.exe [2422904 2022-01-04] (THX Ltd -> VisiSonics) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-11] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvrzi.inf_amd64_e040dfd3f9f5ce72\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvrzi.inf_amd64_e040dfd3f9f5ce72\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X] S4 rsSyncSvc; C:\Program Files\RAVAntivirus\x64\rsSyncSvc.exe -rpn:ravantivirus -lpn:rav_antivirus -url:hxxps://update.reasonsecurity.com/v1/live ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AMDAfdAudioService; C:\Windows\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_900bfe66302ff6f3\amdacpafd.sys [354688 2021-09-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0371455.inf_amd64_2605bed45e270d20\B370101\amdkmdag.sys [80463176 2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [240536 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2021-12-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2021-12-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) R1 klbackupdisk.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\klbackupdisk.sys [122728 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klbackupflt.Kaspersky4Win-21-8; C:\Windows\System32\DRIVERS\Kaspersky4Win-21-8\klbackupflt.sys [233344 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kldisk.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\kldisk.sys [135040 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [60544 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 KLFLT.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\klflt.sys [553336 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klgse.Kaspersky4Win-21-8; C:\Windows\System32\DRIVERS\Kaspersky4Win-21-8\klgse.sys [717448 2023-01-11] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLHK.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\klhk.sys [1729160 2023-01-11] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.8\Bases\klids.sys [244832 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLIF.Kaspersky4Win-21-8; C:\Windows\System32\DRIVERS\Kaspersky4Win-21-8\klif.sys [1134936 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [107888 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klkbdflt.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\klkbdflt.sys [125288 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klmouflt.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\klmouflt.sys [123768 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpd.Kaspersky4Win-21-8; C:\Windows\System32\DRIVERS\Kaspersky4Win-21-8\klpd.sys [90496 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpnpflt.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\klpnpflt.sys [107880 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project) R0 klupd_Kaspersky4Win-21-8_arkmon; C:\Windows\System32\Drivers\klupd_Kaspersky4Win-21-8_arkmon.sys [382304 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_Kaspersky4Win-21-8_klark; C:\Windows\System32\Drivers\klupd_Kaspersky4Win-21-8_klark.sys [359976 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R0 klupd_Kaspersky4Win-21-8_klbg; C:\Windows\System32\Drivers\klupd_Kaspersky4Win-21-8_klbg.sys [190048 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_Kaspersky4Win-21-8_mark; C:\Windows\System32\Drivers\klupd_Kaspersky4Win-21-8_mark.sys [270672 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [166792 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwtp.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\klwtp.sys [416616 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [341864 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 NDivert; C:\Program Files\NordVPN\6.48.18.0\Drivers\NDivert.sys [131456 2022-04-05] (nordvpn s.a. -> Nordvpn S.A.) R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [44928 2022-02-22] (nordvpn s.a. -> TEFINCOM S.A.) R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [233984 2022-12-22] (Nvidia Corporation -> NVIDIA Corporation) S3 R0RazerSynapseService; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.sys [14544 2022-03-28] (Noriyuki MIYAZAKI -> OpenLibSys.org) R1 ReasonCamFilter; C:\Windows\System32\DRIVERS\ReasonCamFilter.sys [49992 2021-12-19] (Reason CyberSecurity Inc. -> Reason Software Company) S3 RtkUsbAD_03F00269; C:\Windows\system32\drivers\RtUsbA64_03F00269.sys [428840 2020-06-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [54632 2021-03-31] (Razer USA Ltd. -> Razer Inc) R3 RzDev_0270; C:\Windows\System32\drivers\RzDev_0270.sys [55368 2021-01-19] (Razer USA Ltd. -> Razer Inc) R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [49744 2021-06-13] (nordvpn s.a. -> The OpenVPN Project) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49568 2022-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [473376 2022-12-11] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-11] (Microsoft Windows -> Microsoft Corporation) S3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [29592 2022-05-07] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 hsstap; \SystemRoot\System32\drivers\hsstap.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2023-02-04 17:54 - 2023-02-04 17:55 - 000000000 ____D C:\FRST 2023-02-04 17:36 - 2023-02-04 17:30 - 607458330 _____ C:\Users\nickj\Desktop\20230204_172209.mp4 2023-02-04 11:35 - 2023-02-04 11:35 - 000000000 ____D C:\Windows\LastGood.Tmp 2023-02-04 11:32 - 2023-01-18 16:23 - 002236992 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2023-02-04 11:32 - 2023-01-18 16:23 - 002236992 _____ C:\Windows\system32\vulkaninfo.exe 2023-02-04 11:32 - 2023-01-18 16:23 - 001642560 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2023-02-04 11:32 - 2023-01-18 16:23 - 001642560 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2023-02-04 11:32 - 2023-01-18 16:23 - 001444416 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2023-02-04 11:32 - 2023-01-18 16:23 - 001444416 _____ C:\Windows\system32\vulkan-1.dll 2023-02-04 11:32 - 2023-01-18 16:23 - 001226776 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2023-02-04 11:32 - 2023-01-18 16:23 - 001168952 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2023-02-04 11:32 - 2023-01-18 16:23 - 001168952 _____ C:\Windows\SysWOW64\vulkan-1.dll 2023-02-04 11:32 - 2023-01-18 16:19 - 000865256 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll 2023-02-04 11:32 - 2023-01-18 16:19 - 000672296 _____ C:\Windows\system32\nvofapi64.dll 2023-02-04 11:32 - 2023-01-18 16:19 - 000506856 _____ C:\Windows\SysWOW64\nvofapi.dll 2023-02-04 11:32 - 2023-01-18 16:18 - 002163736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2023-02-04 11:32 - 2023-01-18 16:18 - 001619968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2023-02-04 11:32 - 2023-01-18 16:18 - 001532432 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2023-02-04 11:32 - 2023-01-18 16:18 - 001192968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2023-02-04 11:32 - 2023-01-18 16:18 - 000949736 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2023-02-04 11:32 - 2023-01-18 16:18 - 000743976 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2023-02-04 11:32 - 2023-01-18 16:18 - 000734232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2023-02-04 11:32 - 2023-01-18 16:17 - 012453352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2023-02-04 11:32 - 2023-01-18 16:17 - 010220536 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2023-02-04 11:32 - 2023-01-18 16:17 - 005890552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2023-02-04 11:32 - 2023-01-18 16:17 - 005865976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll 2023-02-04 11:32 - 2023-01-18 16:17 - 003334664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2023-02-04 11:32 - 2023-01-18 16:17 - 000457712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe 2023-02-04 11:32 - 2023-01-18 16:16 - 005818872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2023-02-04 11:32 - 2023-01-18 16:16 - 000853016 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe 2023-02-04 11:32 - 2023-01-18 16:14 - 006517008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2023-02-04 11:32 - 2023-01-16 09:11 - 000101010 _____ C:\Windows\system32\nvinfo.pb 2023-02-03 15:47 - 2023-02-03 15:47 - 000000762 _____ C:\Users\nickj\Desktop\Downloads - Shortcut.lnk 2023-02-02 11:28 - 2023-02-02 11:28 - 000000000 ____D C:\Users\nickj\Desktop\New folder (2) 2023-02-02 11:14 - 2023-02-02 11:14 - 000000947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UNCHARTED™ Legacy of Thieves Collection.lnk 2023-02-02 11:14 - 2023-02-02 11:14 - 000000935 _____ C:\Users\nickj\Desktop\UNCHARTED™ Legacy of Thieves Collection.lnk 2023-02-01 17:53 - 2023-02-01 17:53 - 000000112 ___SH C:\bootTel.dat 2023-02-01 15:16 - 2023-02-01 15:16 - 000000000 ____D C:\Users\nickj\Desktop\Uncharted Legacy of Thieves Collection 2023-01-31 09:11 - 2023-01-31 09:11 - 000000000 ____D C:\Users\nickj\Downloads\UNCHARTED.Legacy.of.Thieves.Collection.Update.Only.v1.3.20812 2023-01-28 21:46 - 2023-01-28 21:46 - 000001415 _____ C:\Users\nickj\Desktop\Drugs Inc - Season 1, 2, 3, 4, 5, 6, 7, + Specials - 720P - x264 - Shortcut.lnk 2023-01-28 20:57 - 2023-01-29 10:23 - 2006663284 _____ C:\Users\nickj\Downloads\[TorrentCounter.to].Spirited.Away.2001.English.Dubbed.1080p.BluRay.x264.[1.8GB].mp4 2023-01-28 14:44 - 2023-01-28 14:39 - 000972781 _____ C:\Users\nickj\Downloads\22AF0A7B-5D5A-449F-B92F-78ED2DC3DE9E.jpeg 2023-01-28 14:44 - 2023-01-28 14:39 - 000591935 ____T C:\Users\nickj\Downloads\50CF5394-A990-463D-A29D-F54F280FA5C1.jpeg 2023-01-27 19:40 - 2023-01-27 19:40 - 000000947 _____ C:\Users\nickj\Desktop\Invoices ABN - Shortcut.lnk 2023-01-24 08:46 - 2023-01-24 08:46 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2023-01-22 18:03 - 2023-02-02 11:24 - 000000000 ____D C:\ProgramData\Naughty Dog 2023-01-22 18:02 - 2023-01-22 18:02 - 000001622 _____ C:\Users\nickj\Desktop\Activation - Shortcut.lnk 2023-01-22 17:51 - 2023-02-01 17:15 - 000000000 ____D C:\Users\nickj\AppData\Roaming\xzverbre 2023-01-22 17:51 - 2023-01-22 18:01 - 000000000 ____D C:\Users\nickj\AppData\Roaming\ytytyrbre 2023-01-22 17:51 - 2023-01-22 17:51 - 000003728 _____ C:\Windows\system32\Tasks\Firefox Default Browser Agent 255DA52F89B9D88E 2023-01-22 17:51 - 2023-01-22 17:51 - 000000000 ____D C:\Users\nickj\Documents\Custom Office Templates 2023-01-22 17:50 - 2023-02-01 17:15 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Meow 2023-01-22 17:50 - 2023-01-22 19:26 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Colors 2023-01-22 17:50 - 2023-01-22 17:50 - 000000000 ____D C:\Users\Public\Docs 2023-01-22 17:50 - 2023-01-22 17:50 - 000000000 ____D C:\Users\nickj\AppData\Local\Yandex 2023-01-22 17:49 - 2023-02-01 17:15 - 000000000 ____D C:\Users\nickj\AppData\Roaming\ViperFolder 2023-01-22 17:49 - 2023-01-22 18:01 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Cached files 2023-01-22 17:49 - 2023-01-22 17:49 - 000002459 _____ C:\Users\nickj\Desktop\Word.lnk 2023-01-22 17:47 - 2023-01-22 18:01 - 000000000 ____D C:\Users\nickj\AppData\Roaming\License 2023-01-22 17:47 - 2023-01-22 17:47 - 000000000 ____D C:\Program Files (x86)\KMSauto.net 2023-01-22 17:45 - 2023-01-22 17:45 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2023-01-22 17:45 - 2023-01-22 17:45 - 000002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2023-01-22 17:45 - 2023-01-22 17:45 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2023-01-22 17:45 - 2023-01-22 17:45 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2023-01-22 17:45 - 2023-01-22 17:45 - 000002422 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2023-01-22 17:45 - 2023-01-22 17:45 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2023-01-22 17:45 - 2023-01-22 17:45 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2023-01-22 17:45 - 2023-01-22 17:45 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2023-01-22 17:45 - 2023-01-22 17:45 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2023-01-22 17:45 - 2023-01-22 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2023-01-22 17:44 - 2023-01-24 08:44 - 000000000 ____D C:\Program Files\Microsoft Office 2023-01-22 17:44 - 2023-01-22 17:44 - 000000000 ____D C:\Program Files\Microsoft Office 15 2023-01-22 17:41 - 2023-01-22 17:43 - 000000000 ____D C:\Users\nickj\AppData\Local\SaraResults 2023-01-22 17:32 - 2023-01-22 17:32 - 000000520 _____ C:\Users\nickj\Desktop\Microsoft Support and Recovery Assistant.appref-ms 2023-01-22 17:32 - 2023-01-22 17:32 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation 2023-01-22 17:32 - 2023-01-22 17:32 - 000000000 ____D C:\Users\nickj\AppData\Local\SaRALogs 2023-01-22 17:27 - 2023-01-22 17:42 - 000000000 ____D C:\Users\nickj\AppData\Local\Deployment 2023-01-22 17:27 - 2023-01-22 17:27 - 000000000 ____D C:\Users\nickj\AppData\Local\Apps\2.0 2023-01-22 16:46 - 2023-01-22 16:47 - 000000000 ____D C:\Users\nickj\Downloads\Microsoft Office Professional Plus 2019 English + Full Activation 2023-01-21 19:32 - 2023-01-22 15:40 - 000000000 ____D C:\Users\nickj\Downloads\Everything Everywhere All At Once (2022) [1080p] [WEBRip] [5.1] [YTS.MX] 2023-01-21 11:25 - 2023-01-21 11:25 - 005924261 _____ C:\Users\nickj\Downloads\tdu-2023_stage-5.pdf 2023-01-21 09:28 - 2023-01-21 09:28 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2023-01-16 20:15 - 2023-02-04 09:52 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-01-15 22:10 - 2023-01-15 22:20 - 000414675 _____ C:\Users\nickj\Desktop\Mengyao cover letter.pdf 2023-01-15 21:49 - 2023-01-15 21:49 - 000664889 _____ C:\Users\nickj\Desktop\Jessica Zhao CV.pdf 2023-01-14 20:39 - 2023-01-14 20:39 - 000001592 _____ C:\Users\nickj\Desktop\Little Nightmares II.lnk 2023-01-14 20:39 - 2023-01-14 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Little Nightmares II 2023-01-14 20:38 - 2023-01-14 20:39 - 000000000 ____D C:\Program Files (x86)\Little Nightmares II 2023-01-11 21:14 - 2023-01-11 21:23 - 000000000 ____D C:\Users\nickj\Downloads\The Silence Of The Lambs (1991) [1080p] 2023-01-11 16:25 - 2023-01-11 16:25 - 000000000 ___HD C:\$WinREAgent 2023-01-10 20:02 - 2023-01-10 20:02 - 000000000 ____D C:\Users\Default\AppData\Local\D3DSCache 2023-01-10 20:02 - 2023-01-10 20:02 - 000000000 ____D C:\Users\Default\AppData\Local\AMD 2023-01-10 19:36 - 2023-01-10 19:38 - 000000000 ____D C:\Users\nickj\Downloads\A Perfect Planet (2020) Season 1 S01 (2160p BluRay x265 HEVC 10bit HDR AAC 7.1 Silence) 2023-01-10 17:00 - 2023-01-29 21:49 - 000000000 ____D C:\Users\nickj\Downloads\Drugs Inc - Season 1, 2, 3, 4, 5, 6, 7, + Specials - 720P - x264 2023-01-08 20:34 - 2023-01-08 20:34 - 000000911 _____ C:\Users\nickj\Desktop\TV Shows - Shortcut.lnk 2023-01-07 19:21 - 2023-01-18 16:23 - 001487376 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2023-01-07 18:31 - 2023-01-07 18:31 - 000000000 ____D C:\Users\nickj\AppData\Local\bifrost ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2023-02-04 17:54 - 2022-09-13 12:20 - 000000000 ____D C:\Users\nickj\Downloads\New ROADS 2023-02-04 17:43 - 2022-10-28 21:50 - 000000000 ____D C:\Users\nickj\AppData\Roaming\vlc 2023-02-04 17:43 - 2019-12-07 19:44 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-02-04 16:57 - 2021-12-11 18:19 - 000000000 ____D C:\Program Files (x86)\Google 2023-02-04 16:50 - 2022-01-15 16:04 - 000000000 ____D C:\Users\nickj\AppData\Roaming\BitTorrent 2023-02-04 16:50 - 2021-12-29 09:59 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Bit Guardian 2023-02-04 16:22 - 2021-06-09 18:51 - 000000000 ____D C:\ProgramData\NVIDIA 2023-02-04 16:14 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\system32\WinBioDatabase 2023-02-04 16:04 - 2021-12-11 18:16 - 000000000 ____D C:\Users\nickj\AppData\Local\Packages 2023-02-04 16:04 - 2019-12-07 19:44 - 000000000 ___HD C:\Program Files\WindowsApps 2023-02-04 16:04 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\AppReadiness 2023-02-04 15:59 - 2021-06-09 18:46 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-02-04 14:20 - 2021-06-09 18:54 - 000840598 _____ C:\Windows\system32\PerfStringBackup.INI 2023-02-04 14:20 - 2019-12-07 19:43 - 000000000 ____D C:\Windows\INF 2023-02-04 14:13 - 2021-06-09 18:46 - 000008192 ___SH C:\DumpStack.log.tmp 2023-02-04 14:13 - 2021-06-09 18:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-02-04 14:13 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\ServiceState 2023-02-04 14:12 - 2019-12-07 19:33 - 001048576 _____ C:\Windows\system32\config\BBI 2023-02-04 11:35 - 2021-12-12 13:28 - 000000000 ____D C:\Users\nickj\AppData\Local\NVIDIA 2023-02-04 11:35 - 2021-12-11 18:16 - 000000000 ____D C:\Users\nickj\AppData\Local\D3DSCache 2023-02-04 11:22 - 2022-03-29 12:52 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-02-04 11:22 - 2022-03-29 12:52 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-02-04 11:22 - 2022-03-29 12:52 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-02-04 11:22 - 2022-03-29 12:52 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-02-04 11:22 - 2022-03-29 12:52 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-02-04 11:22 - 2022-03-29 12:52 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-02-04 11:22 - 2022-03-29 12:52 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-02-04 11:22 - 2021-06-09 18:52 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-02-04 11:22 - 2021-06-09 18:52 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-02-04 11:22 - 2021-06-09 18:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2023-02-04 11:22 - 2021-06-09 18:51 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2023-02-04 11:22 - 2021-06-09 18:50 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2023-02-04 09:52 - 2021-12-11 20:02 - 000004784 _____ C:\Windows\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask 2023-02-04 09:52 - 2021-06-09 18:46 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-02-03 23:16 - 2022-10-03 15:19 - 000000000 ____D C:\Users\nickj\Desktop\Case notes 2023-02-03 23:16 - 2022-01-16 06:47 - 000000000 ____D C:\Users\nickj\AppData\Roaming\WhatsApp 2023-02-03 14:10 - 2021-12-11 18:18 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3323940460-2476448031-453550397-1001 2023-02-03 14:10 - 2021-12-11 18:17 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3323940460-2476448031-453550397-1001 2023-02-03 14:10 - 2021-12-11 18:13 - 000002387 _____ C:\Users\nickj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-02-03 14:07 - 2021-06-09 18:46 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-02-03 14:07 - 2021-06-09 18:46 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-02-02 19:13 - 2022-01-21 11:55 - 000000000 ____D C:\Users\nickj\AppData\Roaming\FLT 2023-02-02 14:08 - 2021-12-11 18:13 - 000000000 ____D C:\Users\nickj 2023-02-02 11:08 - 2022-07-03 19:07 - 000000000 ____D C:\Games 2023-02-02 11:04 - 2022-10-11 19:28 - 000000000 ____D C:\Program Files (x86)\AWayOut 2023-02-01 17:17 - 2022-01-15 16:05 - 000000000 ____D C:\Users\nickj\AppData\Local\BitTorrentHelper 2023-01-31 11:17 - 2021-12-11 18:32 - 000000000 ____D C:\Users\nickj\AppData\Local\Comms 2023-01-30 12:33 - 2022-01-16 06:47 - 000000000 ____D C:\Users\nickj\AppData\Local\WhatsApp 2023-01-30 12:32 - 2022-01-16 06:47 - 000000000 ____D C:\Users\nickj\AppData\Local\SquirrelTemp 2023-01-29 17:00 - 2021-12-27 08:07 - 000000000 ____D C:\Users\nickj\AppData\Local\CrashDumps 2023-01-29 12:34 - 2019-12-07 19:33 - 000032768 _____ C:\Windows\system32\config\ELAM 2023-01-28 14:08 - 2021-12-11 18:32 - 000000000 ____D C:\ProgramData\Packages 2023-01-28 12:20 - 2022-02-10 18:12 - 000000000 ____D C:\Users\nickj\Downloads\apply 2023-01-28 11:34 - 2022-10-14 10:46 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-01-28 11:34 - 2022-10-14 10:46 - 000002069 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2023-01-28 11:34 - 2022-01-16 06:53 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2023-01-28 08:38 - 2022-09-24 11:39 - 000002364 _____ C:\Users\nickj\Desktop\Microsoft Teams.lnk 2023-01-28 08:38 - 2022-09-24 11:10 - 000002372 _____ C:\Users\nickj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2023-01-27 21:28 - 2019-12-07 19:33 - 000000000 ____D C:\Windows\CbsTemp 2023-01-27 19:48 - 2022-04-08 22:37 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-01-27 19:48 - 2022-04-08 22:37 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-01-25 08:05 - 2021-12-29 09:57 - 000002506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2023-01-24 08:46 - 2019-12-07 19:44 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-01-22 18:14 - 2022-12-22 19:28 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Goldberg SteamEmu Saves 2023-01-22 18:03 - 2021-12-11 18:17 - 000000000 ____D C:\Users\nickj\AppData\Local\NVIDIA Corporation 2023-01-22 18:01 - 2021-06-09 18:46 - 000458408 _____ C:\Windows\system32\FNTCACHE.DAT 2023-01-22 17:48 - 2021-06-09 18:52 - 000000000 __RHD C:\Users\Public\AccountPictures 2023-01-21 09:28 - 2022-03-11 11:07 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Zoom 2023-01-21 03:15 - 2022-03-29 12:52 - 002904632 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2023-01-21 03:15 - 2022-03-29 12:52 - 002234920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2023-01-21 03:15 - 2022-03-29 12:52 - 001297464 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll 2023-01-20 20:09 - 2021-12-14 17:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-01-18 16:14 - 2022-04-10 21:25 - 007648024 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2023-01-13 13:04 - 2021-06-09 18:52 - 000086568 _____ C:\Windows\system32\FvSDK_x64.dll 2023-01-13 13:04 - 2021-06-09 18:52 - 000075304 _____ C:\Windows\SysWOW64\FvSDK_x86.dll 2023-01-13 12:03 - 2022-11-13 08:28 - 000000000 ____D C:\Users\nickj\Downloads\NR 2023-01-11 22:23 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\SystemResources 2023-01-11 22:23 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\system32\oobe 2023-01-11 22:23 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\system32\migwiz 2023-01-11 22:23 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\bcastdvr 2023-01-11 19:40 - 2022-12-05 20:09 - 000000000 ____D C:\Windows\system32\Drivers\Kaspersky4Win-21-8 2023-01-11 16:29 - 2021-06-09 18:48 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2023-01-11 16:13 - 2021-12-14 17:06 - 000000000 ____D C:\Windows\system32\MRT 2023-01-11 16:11 - 2021-12-13 20:23 - 150199536 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2023-01-10 20:01 - 2022-01-09 14:13 - 000000000 ____D C:\Users\nickj\AppData\Local\ElevatedDiagnostics 2023-01-10 19:52 - 2021-12-11 18:18 - 000000000 ____D C:\Users\nickj\AppData\Local\PlaceholderTileLogoFolder 2023-01-10 19:42 - 2022-10-02 21:17 - 000000000 ____D C:\Users\nickj\AppData\Roaming\discord 2023-01-10 19:13 - 2022-10-02 21:17 - 000000000 ____D C:\Users\nickj\AppData\Local\Discord 2023-01-09 17:36 - 2022-01-21 18:11 - 000001687 _____ C:\Windows\system32\Drivers\etc\hosts.rollback 2023-01-09 17:36 - 2022-01-21 18:05 - 000000000 ____D C:\Windows\SysWOW64\directx 2023-01-09 17:35 - 2022-01-21 18:05 - 000000000 ___HD C:\Windows\msdownld.tmp 2023-01-09 16:23 - 2022-08-22 15:00 - 000000000 ____D C:\Users\nickj\Downloads\TV Shows 2023-01-08 19:38 - 2022-01-23 10:42 - 000000000 ____D C:\Users\nickj\Downloads\Games 2023-01-08 09:02 - 2022-12-06 16:19 - 000000000 ____D C:\Users\nickj\Downloads\Horizon - Zero Dawn CE [FitGirl Repack] 2023-01-07 18:29 - 2022-01-22 07:53 - 000000000 ____D C:\Users\nickj\Documents\My Games ==================== Files in the root of some directories ======== 2022-10-14 10:39 - 2022-10-14 10:39 - 000065440 ___SH (Microsoft Corporation) C:\Users\nickj\AppData\Roaming\bcetrtf 2022-10-14 10:39 - 2022-10-14 10:39 - 000248887 ___SH () C:\Users\nickj\AppData\Roaming\cffurfc 2022-08-07 12:41 - 2022-08-26 18:33 - 000012288 _____ () C:\Users\nickj\AppData\Roaming\emp.bin ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================