Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-02-2023 Ran by nickj (administrator) on LAPTOP-4LBAS2EC (Razer Blade 14 - RZ09-0370) (05-02-2023 09:40:54) Running from C:\Users\nickj\Downloads\log Loaded Profiles: nickj Platform: Microsoft Windows 10 Home Version 22H2 19045.2546 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe (C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\avp.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\avpui.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe (C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (Advanced Micro Devices Inc.) 
C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe (C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngineProcess.exe (C:\Users\nickj\AppData\Roaming\BitTorrent\BitTorrent.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\nickj\AppData\Roaming\BitTorrent\helper\helper.exe (C:\Users\nickj\AppData\Roaming\BitTorrent\BitTorrent.exe ->) (BitTorrent Inc.) [File not signed] C:\Users\nickj\AppData\Roaming\BitTorrent\updates\7.11.0_46675\bittorrentie.exe <2> (DriverStore\FileRepository\u0371455.inf_amd64_2605bed45e270d20\B370101\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371455.inf_amd64_2605bed45e270d20\B370101\atieclxx.exe (explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.70\msedgewebview2.exe <9> (explorer.exe ->) (Rainberry Inc -> BitTorrent Inc.) C:\Users\nickj\AppData\Roaming\BitTorrent\BitTorrent.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Temp\ose00000.exe (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) 
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371455.inf_amd64_2605bed45e270d20\B370101\atiesrxx.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\ENS\ensserver.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\avp.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2> (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe (services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) 
C:\Program Files\NordVPN\nordvpn-service.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvrzi.inf_amd64_e040dfd3f9f5ce72\Display.NvContainer\NVDisplay.Container.exe <2> (svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21314.0_x64__8wekyb3d8bbwe\HxOutlook.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21314.0_x64__8wekyb3d8bbwe\HxTsr.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22112.142.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item 
will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12da6ad5ef67a6ed\RtkAudUService64.exe [1262168 2021-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3524216 2021-12-10] (Razer USA Ltd. -> Razer Inc.) HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [479632 2021-12-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32754128 2023-01-03] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7280080 2023-01-21] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Run: [MicrosoftEdgeAutoLaunch_4067112C14B2850457CBDDD7DEA1E50C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188576 2023-02-02] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3323940460-2476448031-453550397-1001\...\Run: [bt] => C:\Users\nickj\AppData\Roaming\BitTorrent\BitTorrent.exe [2680328 2023-01-31] (Rainberry Inc -> BitTorrent Inc.) HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3524216 2021-12-10] (Razer USA Ltd. -> Razer Inc.) 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {35DB82B9-B582-4F97-B764-EB157973F5A1} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.78\Installer\setup.exe [4022216 2023-02-04] (Microsoft Corporation -> Microsoft Corporation) Task: {4742AEA5-B190-417B-8604-978B6BC1ABEA} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {50A60B3D-7313-453D-B506-67C515A7B48F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {630709CE-A931-4319-9833-70651422D91C} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [740040 2022-12-05] (AO Kaspersky Lab -> AO Kaspersky Lab) Task: {63D9D701-DB7F-4446-973C-78423CCE0CFD} - System32\Tasks\kpm_tray.exe => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe [623760 2021-12-02] (AO Kaspersky Lab -> AO Kaspersky Lab) Task: {64CCC1D1-09D6-4111-8D65-82765ADB66BD} - System32\Tasks\GoogleUpdateTaskMachineCore{AA90D5CB-63F7-4D66-886A-DEAE946B4D87} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-08] (Google LLC -> Google LLC) Task: {92304627-8959-4308-882D-E8702260D6F2} - 
System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {95A31E25-C601-43F4-A8D0-87FCBBE29134} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck Task: {9A423570-A182-4C4D-B0E0-2785A875CB1C} - System32\Tasks\{2B3E483C-6661-4E04-8FF4-C7FCE7D864AE} => C:\Program Files (x86)\east-tec Eraser\etEraser.exe (No File) Task: {9F3E742F-F056-4A01-8002-F17E4B6DD612} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C31161AF-3459-4F9F-ADB4-1976D68AD042} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D681C540-61F7-4DA0-8DFB-1618F37F07A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.) 
Task: {D6CC2588-DE70-45DD-9801-84B999F7451E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F0A36BC6-B0D0-4323-B8A3-54DA73C8ABEA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-21] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F7249318-5F94-46FE-B14A-647C964EB5E8} - System32\Tasks\GoogleUpdateTaskMachineUA{FB260BA8-BB50-4429-B58B-D815C594AC43} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-08] (Google LLC -> Google LLC) Task: {FA3D4EEA-F0EB-43A6-BC49-606AAB8C0194} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-16] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {FE4AD356-07C7-4224-9BDB-EC7B9B2C3BFB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-28] (Nvidia Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{3e546cd7-5487-46c0-9326-8d9a38ec1290}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{f177f56e-670f-403c-b886-6c1b9fb4b931}: [DhcpNameServer] 192.168.1.1 192.168.68.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\nickj\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-05] Edge Extension: (Kaspersky Protection) - C:\Users\nickj\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-12-27] Edge HKU\S-1-5-21-3323940460-2476448031-453550397-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] FireFox: ======== FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-01-21] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default [2023-02-05] CHR Notifications: Default -> hxxps://www.repco.com.au; hxxps://www.tijd.be CHR Extension: (Magic Actions for YouTube™) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2023-01-19] CHR Extension: (Just Black) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2021-12-12] CHR Extension: (Kaspersky Protection) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-12-26] CHR Extension: (MEGA) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2023-02-04] CHR Extension: (YouTube Control Center) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\boplfaeblpnpahldaijlikpgdbgdmhko [2022-10-29] CHR Extension: (Adblock Plus - free ad blocker) - 
C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-01-27] CHR Extension: (Google Docs Offline) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-15] CHR Extension: (SmartVideo For YouTube™) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp [2022-10-29] CHR Extension: (Chrome Web Store Payments) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-11] CHR Extension: (Privacy Test) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2022-07-02] CHR Extension: (Outlook.com) - C:\Users\nickj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2022-01-13] CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.) R2 AVP21.8; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\avp.exe [32008 2022-10-13] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4958096 2021-12-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [27784 2022-02-22] (CHENGDU YIWO Tech Development Co., Ltd. 
-> ) [File not signed] S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.) S3 klvssbridge64_21.8; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\x64\vssbridge64.exe [452808 2022-10-13] (AO Kaspersky Lab -> AO Kaspersky Lab) S4 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [375440 2021-12-02] (AO Kaspersky Lab -> AO Kaspersky Lab) S4 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-12-11] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8891160 2023-01-28] (Malwarebytes Inc. -> Malwarebytes) R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.) R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [281464 2022-02-18] (nordvpn s.a. -> TEFINCOM S.A.) S4 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1142808 2021-10-20] (Razer USA Ltd. -> Razer Inc.) S4 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [451608 2021-11-17] (Razer USA Ltd. -> Razer Inc.) S4 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1347640 2021-10-20] (Razer USA Ltd. -> Razer Inc.) S4 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-10-19] (Razer USA Ltd. -> Razer Inc) S4 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294520 2021-12-10] (Razer USA Ltd. -> Razer Inc.) S4 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533824 2021-10-21] (Razer USA Ltd. -> Razer Inc.) 
S4 VSSrv; C:\Windows\System32\VSSrv.exe [2422904 2022-01-04] (THX Ltd -> VisiSonics) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-11] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvrzi.inf_amd64_e040dfd3f9f5ce72\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvrzi.inf_amd64_e040dfd3f9f5ce72\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem S4 rsSyncSvc; C:\Program Files\RAVAntivirus\x64\rsSyncSvc.exe -rpn:ravantivirus -lpn:rav_antivirus -url:hxxps://update.reasonsecurity.com/v1/live ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AMDAfdAudioService; C:\Windows\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_900bfe66302ff6f3\amdacpafd.sys [354688 2021-09-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0371455.inf_amd64_2605bed45e270d20\B370101\amdkmdag.sys [80463176 2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) 
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [240536 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2021-12-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2021-12-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) R1 klbackupdisk.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\klbackupdisk.sys [122728 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klbackupflt.Kaspersky4Win-21-8; C:\Windows\System32\DRIVERS\Kaspersky4Win-21-8\klbackupflt.sys [233344 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kldisk.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\kldisk.sys [135040 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [60544 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 KLFLT.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\klflt.sys [553336 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klgse.Kaspersky4Win-21-8; C:\Windows\System32\DRIVERS\Kaspersky4Win-21-8\klgse.sys [717448 2023-01-11] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLHK.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\klhk.sys [1729160 2023-01-11] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.8\Bases\klids.sys [244832 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLIF.Kaspersky4Win-21-8; 
C:\Windows\System32\DRIVERS\Kaspersky4Win-21-8\klif.sys [1134936 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [107888 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klkbdflt.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\klkbdflt.sys [125288 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klmouflt.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\klmouflt.sys [123768 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpd.Kaspersky4Win-21-8; C:\Windows\System32\DRIVERS\Kaspersky4Win-21-8\klpd.sys [90496 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpnpflt.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\klpnpflt.sys [107880 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project) R0 klupd_Kaspersky4Win-21-8_arkmon; C:\Windows\System32\Drivers\klupd_Kaspersky4Win-21-8_arkmon.sys [382304 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_Kaspersky4Win-21-8_klark; C:\Windows\System32\Drivers\klupd_Kaspersky4Win-21-8_klark.sys [359976 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R0 klupd_Kaspersky4Win-21-8_klbg; C:\Windows\System32\Drivers\klupd_Kaspersky4Win-21-8_klbg.sys [190048 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_Kaspersky4Win-21-8_mark; C:\Windows\System32\Drivers\klupd_Kaspersky4Win-21-8_mark.sys [270672 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [166792 2022-10-13] (Microsoft Windows Hardware 
Compatibility Publisher -> AO Kaspersky Lab) R1 klwtp.Kaspersky4Win-21-8; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-8\klwtp.sys [416616 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [341864 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 NDivert; C:\Program Files\NordVPN\6.48.18.0\Drivers\NDivert.sys [131456 2022-04-05] (nordvpn s.a. -> Nordvpn S.A.) R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [44928 2022-02-22] (nordvpn s.a. -> TEFINCOM S.A.) R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [233984 2022-12-22] (Nvidia Corporation -> NVIDIA Corporation) S3 R0RazerSynapseService; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.sys [14544 2022-03-28] (Noriyuki MIYAZAKI -> OpenLibSys.org) R1 ReasonCamFilter; C:\Windows\System32\DRIVERS\ReasonCamFilter.sys [49992 2021-12-19] (Reason CyberSecurity Inc. -> Reason Software Company) S3 RtkUsbAD_03F00269; C:\Windows\system32\drivers\RtUsbA64_03F00269.sys [428840 2020-06-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [54632 2021-03-31] (Razer USA Ltd. -> Razer Inc) R3 RzDev_0270; C:\Windows\System32\drivers\RzDev_0270.sys [55368 2021-01-19] (Razer USA Ltd. 
-> Razer Inc) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [49744 2021-06-13] (nordvpn s.a. -> The OpenVPN Project) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49568 2022-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [473376 2022-12-11] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-11] (Microsoft Windows -> Microsoft Corporation) S3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [29592 2022-05-07] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 
2023-02-05 09:34 - 2023-02-05 09:34 - 000004776 _____ C:\Users\nickj\Desktop\mw log.txt 2023-02-04 22:32 - 2021-03-05 19:41 - 000082897 ____N C:\Users\nickj\Downloads\Spirited.Away.2001.720p.BluRay.x264-ShAaNiG-English.srt 2023-02-04 22:32 - 2021-03-05 19:41 - 000082429 ____N C:\Users\nickj\Downloads\Spirited.Away.2001.720p.BluRay.x264-x0r-English.srt 2023-02-04 22:32 - 2021-03-05 19:41 - 000071808 ____N C:\Users\nickj\Downloads\Spirited.Away.2001.1080p.BluRay.x264-YTS-English.srt 2023-02-04 21:27 - 2023-02-05 09:42 - 4291155968 _____ C:\Users\nickj\Downloads\2019.iso 2023-02-04 21:27 - 2023-02-04 21:29 - 361279488 _____ C:\Users\nickj\Downloads\Microsoft Office 2010 Word x64 64bit.iso 2023-02-04 19:38 - 2023-02-05 09:40 - 000000000 ____D C:\Users\nickj\Downloads\log 2023-02-04 18:39 - 2023-02-04 18:39 - 000000000 ___HD C:\$WinREAgent 2023-02-04 18:29 - 2023-02-05 09:36 - 000000924 _____ C:\Users\nickj\Desktop\BitTorrent.lnk 2023-02-04 18:29 - 2023-02-04 18:29 - 000000904 _____ C:\Users\nickj\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk 2023-02-04 17:54 - 2023-02-05 09:41 - 000000000 ____D C:\FRST 2023-02-04 11:32 - 2023-01-18 16:23 - 002236992 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2023-02-04 11:32 - 2023-01-18 16:23 - 002236992 _____ C:\Windows\system32\vulkaninfo.exe 2023-02-04 11:32 - 2023-01-18 16:23 - 001642560 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2023-02-04 11:32 - 2023-01-18 16:23 - 001642560 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2023-02-04 11:32 - 2023-01-18 16:23 - 001444416 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2023-02-04 11:32 - 2023-01-18 16:23 - 001444416 _____ C:\Windows\system32\vulkan-1.dll 2023-02-04 11:32 - 2023-01-18 16:23 - 001226776 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2023-02-04 11:32 - 2023-01-18 16:23 - 001168952 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2023-02-04 11:32 - 2023-01-18 16:23 - 001168952 _____ C:\Windows\SysWOW64\vulkan-1.dll 2023-02-04 11:32 - 
2023-01-18 16:19 - 000865256 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2023-02-04 11:32 - 2023-01-18 16:19 - 000672296 _____ C:\Windows\system32\nvofapi64.dll
2023-02-04 11:32 - 2023-01-18 16:19 - 000506856 _____ C:\Windows\SysWOW64\nvofapi.dll
2023-02-04 11:32 - 2023-01-18 16:18 - 002163736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2023-02-04 11:32 - 2023-01-18 16:18 - 001619968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2023-02-04 11:32 - 2023-01-18 16:18 - 001532432 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2023-02-04 11:32 - 2023-01-18 16:18 - 001192968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2023-02-04 11:32 - 2023-01-18 16:18 - 000949736 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2023-02-04 11:32 - 2023-01-18 16:18 - 000743976 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2023-02-04 11:32 - 2023-01-18 16:18 - 000734232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2023-02-04 11:32 - 2023-01-18 16:17 - 012453352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2023-02-04 11:32 - 2023-01-18 16:17 - 010220536 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2023-02-04 11:32 - 2023-01-18 16:17 - 005890552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2023-02-04 11:32 - 2023-01-18 16:17 - 005865976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2023-02-04 11:32 - 2023-01-18 16:17 - 003334664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2023-02-04 11:32 - 2023-01-18 16:17 - 000457712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2023-02-04 11:32 - 2023-01-18 16:16 - 005818872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2023-02-04 11:32 - 2023-01-18 16:16 - 000853016 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2023-02-04 11:32 - 2023-01-18 16:14 - 006517008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2023-02-04 11:32 - 2023-01-16 09:11 - 000101010 _____ C:\Windows\system32\nvinfo.pb
2023-02-03 15:47 - 2023-02-03 15:47 - 000000762 _____ C:\Users\nickj\Desktop\Downloads - Shortcut.lnk
2023-02-02 11:14 - 2023-02-02 11:14 - 000000947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UNCHARTED™ Legacy of Thieves Collection.lnk
2023-02-02 11:14 - 2023-02-02 11:14 - 000000935 _____ C:\Users\nickj\Desktop\UNCHARTED™ Legacy of Thieves Collection.lnk
2023-02-01 17:53 - 2023-02-01 17:53 - 000000112 ___SH C:\bootTel.dat
2023-01-31 09:11 - 2023-01-31 09:11 - 000000000 ____D C:\Users\nickj\Downloads\UNCHARTED.Legacy.of.Thieves.Collection.Update.Only.v1.3.20812
2023-01-28 21:46 - 2023-01-28 21:46 - 000001415 _____ C:\Users\nickj\Desktop\Drugs Inc - Season 1, 2, 3, 4, 5, 6, 7, + Specials - 720P - x264 - Shortcut.lnk
2023-01-28 20:57 - 2023-01-29 10:23 - 2006663284 _____ C:\Users\nickj\Downloads\[TorrentCounter.to].Spirited.Away.2001.English.Dubbed.1080p.BluRay.x264.[1.8GB].mp4
2023-01-28 14:44 - 2023-01-28 14:39 - 000972781 _____ C:\Users\nickj\Downloads\22AF0A7B-5D5A-449F-B92F-78ED2DC3DE9E.jpeg
2023-01-28 14:44 - 2023-01-28 14:39 - 000591935 ____T C:\Users\nickj\Downloads\50CF5394-A990-463D-A29D-F54F280FA5C1.jpeg
2023-01-27 19:40 - 2023-01-27 19:40 - 000000947 _____ C:\Users\nickj\Desktop\Invoices ABN - Shortcut.lnk
2023-01-22 18:03 - 2023-02-02 11:24 - 000000000 ____D C:\ProgramData\Naughty Dog
2023-01-22 18:02 - 2023-01-22 18:02 - 000001622 _____ C:\Users\nickj\Desktop\Activation - Shortcut.lnk
2023-01-22 17:51 - 2023-02-01 17:15 - 000000000 ____D C:\Users\nickj\AppData\Roaming\xzverbre
2023-01-22 17:51 - 2023-01-22 18:01 - 000000000 ____D C:\Users\nickj\AppData\Roaming\ytytyrbre
2023-01-22 17:51 - 2023-01-22 17:51 - 000000000 ____D C:\Users\nickj\Documents\Custom Office Templates
2023-01-22 17:50 - 2023-02-01 17:15 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Meow
2023-01-22 17:50 - 2023-01-22 19:26 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Colors
2023-01-22 17:50 - 2023-01-22 17:50 - 000000000 ____D C:\Users\Public\Docs
2023-01-22 17:50 - 2023-01-22 17:50 - 000000000 ____D C:\Users\nickj\AppData\Local\Yandex
2023-01-22 17:49 - 2023-02-01 17:15 - 000000000 ____D C:\Users\nickj\AppData\Roaming\ViperFolder
2023-01-22 17:49 - 2023-01-22 18:01 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Cached files
2023-01-22 17:49 - 2023-01-22 17:49 - 000002459 _____ C:\Users\nickj\Desktop\Word.lnk
2023-01-22 17:47 - 2023-01-22 18:01 - 000000000 ____D C:\Users\nickj\AppData\Roaming\License
2023-01-22 17:47 - 2023-01-22 17:47 - 000000000 ____D C:\Program Files (x86)\KMSauto.net
2023-01-22 17:44 - 2023-02-05 09:39 - 000000000 ____D C:\Program Files\Microsoft Office
2023-01-22 17:41 - 2023-01-22 17:43 - 000000000 ____D C:\Users\nickj\AppData\Local\SaraResults
2023-01-22 17:32 - 2023-01-22 17:32 - 000000520 _____ C:\Users\nickj\Desktop\Microsoft Support and Recovery Assistant.appref-ms
2023-01-22 17:32 - 2023-01-22 17:32 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2023-01-22 17:32 - 2023-01-22 17:32 - 000000000 ____D C:\Users\nickj\AppData\Local\SaRALogs
2023-01-22 17:27 - 2023-01-22 17:42 - 000000000 ____D C:\Users\nickj\AppData\Local\Deployment
2023-01-22 17:27 - 2023-01-22 17:27 - 000000000 ____D C:\Users\nickj\AppData\Local\Apps\2.0
2023-01-22 16:46 - 2023-01-22 16:47 - 000000000 ____D C:\Users\nickj\Downloads\Microsoft Office Professional Plus 2019 English + Full Activation
2023-01-21 19:32 - 2023-01-22 15:40 - 000000000 ____D C:\Users\nickj\Downloads\Everything Everywhere All At Once (2022) [1080p] [WEBRip] [5.1] [YTS.MX]
2023-01-21 11:25 - 2023-01-21 11:25 - 005924261 _____ C:\Users\nickj\Downloads\tdu-2023_stage-5.pdf
2023-01-21 09:28 - 2023-01-21 09:28 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-01-16 20:15 - 2023-02-04 09:52 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-15 22:10 - 2023-01-15 22:20 - 000414675 _____ C:\Users\nickj\Desktop\Mengyao cover letter.pdf
2023-01-15 21:49 - 2023-01-15 21:49 - 000664889 _____ C:\Users\nickj\Desktop\Jessica Zhao CV.pdf
2023-01-14 20:39 - 2023-01-14 20:39 - 000001592 _____ C:\Users\nickj\Desktop\Little Nightmares II.lnk
2023-01-14 20:39 - 2023-01-14 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Little Nightmares II
2023-01-14 20:38 - 2023-01-14 20:39 - 000000000 ____D C:\Program Files (x86)\Little Nightmares II
2023-01-11 21:14 - 2023-01-11 21:23 - 000000000 ____D C:\Users\nickj\Downloads\The Silence Of The Lambs (1991) [1080p]
2023-01-10 20:02 - 2023-01-10 20:02 - 000000000 ____D C:\Users\Default\AppData\Local\D3DSCache
2023-01-10 20:02 - 2023-01-10 20:02 - 000000000 ____D C:\Users\Default\AppData\Local\AMD
2023-01-10 19:36 - 2023-01-10 19:38 - 000000000 ____D C:\Users\nickj\Downloads\A Perfect Planet (2020) Season 1 S01 (2160p BluRay x265 HEVC 10bit HDR AAC 7.1 Silence)
2023-01-10 17:00 - 2023-01-29 21:49 - 000000000 ____D C:\Users\nickj\Downloads\Drugs Inc - Season 1, 2, 3, 4, 5, 6, 7, + Specials - 720P - x264
2023-01-08 20:34 - 2023-01-08 20:34 - 000000911 _____ C:\Users\nickj\Desktop\TV Shows - Shortcut.lnk
2023-01-07 19:21 - 2023-01-18 16:23 - 001487376 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-01-07 18:31 - 2023-01-07 18:31 - 000000000 ____D C:\Users\nickj\AppData\Local\bifrost

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-05 09:41 - 2022-01-15 16:05 - 000000000 ____D C:\Users\nickj\AppData\Local\BitTorrentHelper
2023-02-05 09:41 - 2022-01-15 16:04 - 000000000 ____D C:\Users\nickj\AppData\Roaming\BitTorrent
2023-02-05 09:39 - 2019-12-07 19:44 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-05 09:39 - 2019-12-07 19:44 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-02-05 09:27 - 2021-12-11 18:19 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-05 09:27 - 2021-06-09 18:51 - 000000000 ____D C:\ProgramData\NVIDIA
2023-02-05 09:27 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2023-02-04 22:39 - 2022-10-28 21:50 - 000000000 ____D C:\Users\nickj\AppData\Roaming\vlc
2023-02-04 22:20 - 2022-01-16 06:47 - 000000000 ____D C:\Users\nickj\AppData\Roaming\WhatsApp
2023-02-04 22:08 - 2021-06-09 18:54 - 000840598 _____ C:\Windows\system32\PerfStringBackup.INI
2023-02-04 22:08 - 2019-12-07 19:43 - 000000000 ____D C:\Windows\INF
2023-02-04 22:06 - 2021-12-11 18:16 - 000000000 ____D C:\Users\nickj\AppData\Local\D3DSCache
2023-02-04 22:01 - 2021-06-09 18:46 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-04 22:01 - 2021-06-09 18:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-02-04 22:01 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\ServiceState
2023-02-04 22:01 - 2019-12-07 19:33 - 001048576 _____ C:\Windows\system32\config\BBI
2023-02-04 21:57 - 2021-06-09 18:46 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-02-04 19:39 - 2022-09-13 12:20 - 000000000 ____D C:\Users\nickj\Downloads\New ROADS
2023-02-04 19:32 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\AppReadiness
2023-02-04 19:31 - 2022-10-02 21:17 - 000000000 ____D C:\Users\nickj\AppData\Roaming\discord
2023-02-04 19:31 - 2021-06-09 18:46 - 000458408 _____ C:\Windows\system32\FNTCACHE.DAT
2023-02-04 19:31 - 2019-12-07 19:44 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-02-04 19:31 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-02-04 19:31 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\SystemResources
2023-02-04 19:31 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\system32\oobe
2023-02-04 19:31 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\system32\DDFs
2023-02-04 19:31 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\bcastdvr
2023-02-04 18:55 - 2019-12-07 19:33 - 000000000 ____D C:\Windows\CbsTemp
2023-02-04 18:48 - 2021-06-09 18:48 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-02-04 18:17 - 2022-01-15 16:02 - 000000000 ____D C:\Users\nickj\AppData\Local\Adaware
2023-02-04 18:13 - 2022-10-02 21:17 - 000000000 ____D C:\Users\nickj\AppData\Local\Discord
2023-02-04 18:12 - 2023-01-03 21:11 - 000002235 _____ C:\Users\nickj\Desktop\Discord.lnk
2023-02-04 16:50 - 2021-12-29 09:59 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Bit Guardian
2023-02-04 16:04 - 2021-12-11 18:16 - 000000000 ____D C:\Users\nickj\AppData\Local\Packages
2023-02-04 16:04 - 2019-12-07 19:44 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-04 11:35 - 2021-12-12 13:28 - 000000000 ____D C:\Users\nickj\AppData\Local\NVIDIA
2023-02-04 11:22 - 2022-03-29 12:52 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-04 11:22 - 2022-03-29 12:52 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-04 11:22 - 2022-03-29 12:52 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-04 11:22 - 2022-03-29 12:52 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-04 11:22 - 2022-03-29 12:52 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-04 11:22 - 2022-03-29 12:52 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-04 11:22 - 2022-03-29 12:52 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-04 11:22 - 2021-06-09 18:52 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-04 11:22 - 2021-06-09 18:52 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-04 11:22 - 2021-06-09 18:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-02-04 11:22 - 2021-06-09 18:51 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-02-04 11:22 - 2021-06-09 18:50 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-02-04 09:52 - 2021-12-11 20:02 - 000004784 _____ C:\Windows\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask
2023-02-04 09:52 - 2021-06-09 18:46 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-03 23:16 - 2022-10-03 15:19 - 000000000 ____D C:\Users\nickj\Desktop\Case notes
2023-02-03 14:10 - 2021-12-11 18:18 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3323940460-2476448031-453550397-1001
2023-02-03 14:10 - 2021-12-11 18:17 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3323940460-2476448031-453550397-1001
2023-02-03 14:10 - 2021-12-11 18:13 - 000002387 _____ C:\Users\nickj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-03 14:07 - 2021-06-09 18:46 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-03 14:07 - 2021-06-09 18:46 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-02 19:13 - 2022-01-21 11:55 - 000000000 ____D C:\Users\nickj\AppData\Roaming\FLT
2023-02-02 14:08 - 2021-12-11 18:13 - 000000000 ____D C:\Users\nickj
2023-02-02 11:08 - 2022-07-03 19:07 - 000000000 ____D C:\Games
2023-02-02 11:04 - 2022-10-11 19:28 - 000000000 ____D C:\Program Files (x86)\AWayOut
2023-01-31 11:17 - 2021-12-11 18:32 - 000000000 ____D C:\Users\nickj\AppData\Local\Comms
2023-01-30 12:33 - 2022-01-16 06:47 - 000000000 ____D C:\Users\nickj\AppData\Local\WhatsApp
2023-01-30 12:32 - 2022-01-16 06:47 - 000000000 ____D C:\Users\nickj\AppData\Local\SquirrelTemp
2023-01-29 17:00 - 2021-12-27 08:07 - 000000000 ____D C:\Users\nickj\AppData\Local\CrashDumps
2023-01-29 12:34 - 2019-12-07 19:33 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-01-28 14:08 - 2021-12-11 18:32 - 000000000 ____D C:\ProgramData\Packages
2023-01-28 12:20 - 2022-02-10 18:12 - 000000000 ____D C:\Users\nickj\Downloads\apply
2023-01-28 11:34 - 2022-10-14 10:46 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-01-28 11:34 - 2022-10-14 10:46 - 000002069 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-01-28 11:34 - 2022-01-16 06:53 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-01-28 08:38 - 2022-09-24 11:39 - 000002364 _____ C:\Users\nickj\Desktop\Microsoft Teams.lnk
2023-01-28 08:38 - 2022-09-24 11:10 - 000002372 _____ C:\Users\nickj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2023-01-27 19:48 - 2022-04-08 22:37 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-27 19:48 - 2022-04-08 22:37 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-01-22 18:14 - 2022-12-22 19:28 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Goldberg SteamEmu Saves
2023-01-22 18:03 - 2021-12-11 18:17 - 000000000 ____D C:\Users\nickj\AppData\Local\NVIDIA Corporation
2023-01-22 17:48 - 2021-06-09 18:52 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-01-21 09:28 - 2022-03-11 11:07 - 000000000 ____D C:\Users\nickj\AppData\Roaming\Zoom
2023-01-21 03:15 - 2022-03-29 12:52 - 002904632 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2023-01-21 03:15 - 2022-03-29 12:52 - 002234920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2023-01-21 03:15 - 2022-03-29 12:52 - 001297464 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2023-01-20 20:09 - 2021-12-14 17:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-18 16:14 - 2022-04-10 21:25 - 007648024 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2023-01-13 13:04 - 2021-06-09 18:52 - 000086568 _____ C:\Windows\system32\FvSDK_x64.dll
2023-01-13 13:04 - 2021-06-09 18:52 - 000075304 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2023-01-13 12:03 - 2022-11-13 08:28 - 000000000 ____D C:\Users\nickj\Downloads\NR
2023-01-11 22:23 - 2019-12-07 19:44 - 000000000 ____D C:\Windows\system32\migwiz
2023-01-11 19:40 - 2022-12-05 20:09 - 000000000 ____D C:\Windows\system32\Drivers\Kaspersky4Win-21-8
2023-01-11 16:13 - 2021-12-14 17:06 - 000000000 ____D C:\Windows\system32\MRT
2023-01-11 16:11 - 2021-12-13 20:23 - 150199536 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-01-10 20:01 - 2022-01-09 14:13 - 000000000 ____D C:\Users\nickj\AppData\Local\ElevatedDiagnostics
2023-01-10 19:52 - 2021-12-11 18:18 - 000000000 ____D C:\Users\nickj\AppData\Local\PlaceholderTileLogoFolder
2023-01-09 17:36 - 2022-01-21 18:11 - 000001687 _____ C:\Windows\system32\Drivers\etc\hosts.rollback
2023-01-09 17:36 - 2022-01-21 18:05 - 000000000 ____D C:\Windows\SysWOW64\directx
2023-01-09 17:35 - 2022-01-21 18:05 - 000000000 ___HD C:\Windows\msdownld.tmp
2023-01-09 16:23 - 2022-08-22 15:00 - 000000000 ____D C:\Users\nickj\Downloads\TV Shows
2023-01-08 19:38 - 2022-01-23 10:42 - 000000000 ____D C:\Users\nickj\Downloads\Games
2023-01-08 09:02 - 2022-12-06 16:19 - 000000000 ____D C:\Users\nickj\Downloads\Horizon - Zero Dawn CE [FitGirl Repack]
2023-01-07 18:29 - 2022-01-22 07:53 - 000000000 ____D C:\Users\nickj\Documents\My Games

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================