Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2021
Ran by 19192 (administrator) on LAPTOP-6BUIOIQ5 (LENOVO 81Y4) (19-11-2021 01:23:01)
Running from C:\Users\19192\OneDrive\Desktop
Loaded Profiles: 19192
Platform: Microsoft Windows 10 Home Version 20H2 19042.1348 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\52.0.6.0\crashpad_handler.exe <2>
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\53.0.6.0\crashpad_handler.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <20>
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\53.0.6.0\GoogleDriveFS.exe <6>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c98d5e0dfc88ac2f\RstMwService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_657d56a89b3d77d6\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_657d56a89b3d77d6\IntelCpHeciSvc.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDCUserAgent.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_b9fd1528982e300f\LenovoUtilityService.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\19192\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.1001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.1001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_5adc6075318430cf\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1085224 2020-06-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2019-11-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339000 2021-10-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.6.0\GoogleDriveFS.exe [54398808 2021-11-17] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.6.0\GoogleDriveFS.exe [54398808 2021-11-17] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4005300964-2302935580-1863167367-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.6.0\GoogleDriveFS.exe [54398808 2021-11-17] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.6.0\GoogleDriveFS.exe [54398808 2021-11-17] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MP830 Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD7Q.DLL [27136 2006-09-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP830: C:\Windows\system32\CNMLM7Q.DLL [234496 2006-09-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon MP FAX Language Monitor MP830: C:\Windows\system32\CNCF2Lb.DLL [188928 2006-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Canon Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-10-29] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B10BEE-CEC8-4B67-9D40-0F1B616CB656} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {045E4C8F-E096-4C5F-AA86-8441F3475142} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {04D3FBF3-3CCD-4BB3-8A09-3F402FBAF841} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {06B7131C-B150-4F28-9334-81EE2569904F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {231F8B91-FC9E-4AC6-A254-F5D489C59F37} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {26F17EF2-56D4-4F1D-B730-834E8B375DC2} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F39C152-53BC-45FF-A1F7-088B7821CB81} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {368392EC-06F2-4824-99EF-186F5129F43F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-14] (Google LLC -> Google LLC)
Task: {54BFEC5B-779A-4060-88C1-F822AD15A989} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {73F46A70-9630-4059-B911-C5423206F6AD} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\Windows\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [201584 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {7498719E-9F93-47F6-A09C-F1DB7CE9EA56} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\19192\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [19989464 2021-11-18] (ESET, spol. s r.o. -> ESET)
Task: {7B853215-31F4-482F-AD03-3F4AEB9487D3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {8478F36E-B1BA-4F6E-96E1-2C690989C3B0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8B0A2421-24B8-456A-9FF9-9B990F3C3E77} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {A6D33B72-85DF-45D9-9B95-CED37B7AF63F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {A9B1FB1E-2DE8-4794-B6A2-621E60ED6195} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B66638EA-88E1-4C44-8194-313C7CD8EC7A} - \KillHelpDeskService -> No File <==== ATTENTION
Task: {C1CED367-854F-475D-82AE-648D5C0A110A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C9837A75-6F35-4D2B-A87A-A3FED7D06F8F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\19192\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [19989464 2021-11-18] (ESET, spol. s r.o. -> ESET)
Task: {D0FAFD93-351B-47CD-9DC5-09079FFB2273} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [443248 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {E4A2CA68-F06D-4D06-94BA-574DF78F1F7D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E56B4006-2F6A-4E46-8852-CEA43C985289} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED69C074-9E68-44E2-AD91-5DBD2515E764} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-14] (Google LLC -> Google LLC)
Task: {F36667FE-BAA3-4E57-962E-0FEC24A0C7C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F695EF1F-3E13-4EC5-95D7-21AA49D58E03} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FFF2C6B8-88BD-4DF4-9244-212E552EB500} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8e97fbc1-15cf-494a-82de-a590dbc646ae}: [DhcpNameServer] 152.206.1.3
Tcpip\..\Interfaces\{dde9b86d-16b9-4b9a-8585-74a0260b6f50}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\19192\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-14]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\19192\AppData\Local\Google\Chrome\User Data\Default [2021-11-19]
CHR DownloadDir: C:\Users\19192\Desktop
CHR Session Restore: Default -> is enabled.
CHR Extension: (Bitmoji) - C:\Users\19192\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfgdeiadkckfbkeigkoncpdieiiefpig [2021-11-17]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\19192\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-11-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\19192\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-17]
CHR HKU\S-1-5-21-4005300964-2302935580-1863167367-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [390400 2020-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_b9fd1528982e300f\LenovoUtilityService.exe [539128 2021-08-26] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-09] (Malwarebytes Inc -> Malwarebytes)
R2 UDCService; C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe [116592 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_5adc6075318430cf\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_5adc6075318430cf\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [160176 2021-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 FBNetFilter; C:\Windows\System32\drivers\FBNetFlt.sys [52688 2020-05-21] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
R1 googledrivefs3525; C:\Windows\System32\DRIVERS\googledrivefs3525.sys [389640 2021-10-18] (Google LLC -> Google, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [210352 2021-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-04-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193448 2021-11-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [69040 2021-11-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-10-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [149424 2021-11-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl0093df3e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9207C783-0032-4001-92D7-F0A0B2AC3D30}\MpKslDrv.sys [130296 2021-11-18] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2021-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435424 2021-11-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-02] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-19 00:11 - 2021-11-19 00:11 - 000000266 _____ C:\Users\19192\OneDrive\Documents\esetscan.txt
2021-11-18 11:54 - 2021-11-19 01:22 - 000003858 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2021-11-18 11:54 - 2021-11-19 01:22 - 000003416 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2021-11-18 10:25 - 2021-11-18 23:14 - 000001393 _____ C:\Users\19192\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-11-18 10:25 - 2021-11-18 10:25 - 000000000 ____D C:\Users\19192\AppData\Local\ESET
2021-11-18 10:21 - 2021-11-18 10:21 - 000193448 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-11-18 10:21 - 2021-11-18 10:21 - 000149424 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-11-18 10:21 - 2021-11-18 10:21 - 000069040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-11-15 13:49 - 2021-11-15 13:53 - 000000000 ___HD C:\$WinREAgent
2021-11-15 13:42 - 2021-11-15 13:42 - 000672768 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-11-15 13:19 - 2021-11-15 13:19 - 002111488 _____ (Digimarc) C:\Windows\SysWOW64\DMRCDecoder.dll
2021-11-15 13:19 - 2021-11-15 13:19 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-11-15 13:19 - 2021-11-15 13:19 - 001164288 _____ C:\Windows\system32\MBR2GPT.EXE
2021-11-15 13:19 - 2021-11-15 13:19 - 000611960 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-11-15 13:19 - 2021-11-15 13:19 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-11-15 13:19 - 2021-11-15 13:19 - 000011363 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-11-15 13:18 - 2021-11-15 13:18 - 002295296 _____ (Digimarc) C:\Windows\system32\DMRCDecoder.dll
2021-11-15 13:18 - 2021-11-15 13:18 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-11-15 13:18 - 2021-11-15 13:18 - 000706536 _____ C:\Windows\system32\TextShaping.dll
2021-11-15 13:18 - 2021-11-15 13:18 - 000098304 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-11-15 13:18 - 2021-11-15 13:18 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-11-15 13:17 - 2021-11-15 13:17 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-11-15 13:17 - 2021-11-15 13:17 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-11-15 13:17 - 2021-11-15 13:17 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-11-15 13:01 - 2021-11-15 13:45 - 000000000 ____D C:\AdwCleaner
2021-11-14 20:11 - 2021-11-14 20:12 - 000038062 _____ C:\Users\19192\Desktop\FRST.txt
2021-11-14 20:11 - 2021-11-14 20:12 - 000030861 _____ C:\Users\19192\Desktop\Addition.txt
2021-11-13 13:36 - 2021-11-18 22:45 - 000002068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-11-13 13:36 - 2021-10-18 11:17 - 000389640 _____ (Google, Inc.) C:\Windows\system32\Drivers\googledrivefs3525.sys
2021-11-13 13:35 - 2021-11-13 13:36 - 261628248 _____ (Google, Inc.) C:\Users\19192\Desktop\GoogleDriveSetup.exe
2021-11-13 13:19 - 2021-11-13 13:19 - 000000000 ___HD C:\OneDriveTemp
2021-11-13 13:19 - 2021-04-03 14:53 - 000000172 ____R C:\Users\19192\OneDrive\Documents\Caroline's Notebook.url
2021-11-13 13:14 - 2021-11-13 13:14 - 000000000 ____D C:\Users\19192\AppData\Local\OneDrive
2021-11-10 15:07 - 2021-11-19 01:23 - 000000000 ____D C:\FRST
2021-11-10 12:14 - 2021-11-18 23:12 - 000000000 ____D C:\Users\19192\AppData\Local\CrashDumps
2021-11-09 22:49 - 2021-11-09 22:49 - 000210352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-11-09 22:48 - 2021-11-09 22:48 - 002101944 _____ (Malwarebytes) C:\Users\19192\Downloads\MBSetup-119967.119967-consumer.exe
2021-11-09 17:52 - 2021-11-09 17:52 - 000000000 ____D C:\Users\19192\AppData\Local\AAR
2021-11-08 14:21 - 2021-11-08 14:21 - 000000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2021-11-08 14:21 - 2021-11-08 14:21 - 000000000 ___HD C:\ProgramData\CanonBJ
2021-11-08 14:21 - 2021-11-08 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP830
2021-11-08 14:21 - 2006-10-03 09:37 - 000003072 _____ C:\Windows\system32\CNCFLbNL.DLL
2021-11-08 14:21 - 2006-09-21 11:49 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLbPT.DLL
2021-11-08 14:21 - 2006-09-21 11:49 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLbES.DLL
2021-11-08 14:21 - 2006-09-21 11:49 - 000003584 _____ (Canon Inc.) C:\Windows\system32\CNCFLbDE.DLL
2021-11-08 14:21 - 2006-09-21 11:49 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLbRU.DLL
2021-11-08 14:21 - 2006-09-21 11:49 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLbPL.DLL
2021-11-08 14:21 - 2006-09-21 11:49 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLbIT.DLL
2021-11-08 14:21 - 2006-09-21 11:49 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLbFR.DLL
2021-11-08 14:21 - 2006-09-20 15:15 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLbCN.DLL
2021-11-08 14:21 - 2006-09-20 11:37 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLbKR.DLL
2021-11-08 14:21 - 2006-09-20 09:18 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLbTW.DLL
2021-11-08 14:21 - 2006-09-13 11:32 - 000188928 _____ (Canon Inc.) C:\Windows\system32\CNCF2Lb.DLL
2021-11-08 14:21 - 2006-09-13 11:31 - 000093696 _____ (Canon Inc.) C:\Windows\system32\CNCFMSb.EXE
2021-11-08 14:21 - 2006-09-13 11:30 - 000003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLbUS.DLL
2021-11-08 14:21 - 2006-09-13 11:28 - 000270336 _____ (CANON INC.) C:\Windows\system32\CNCC830.DLL
2021-11-08 14:21 - 2006-09-13 11:28 - 000049664 _____ (CANON INC.) C:\Windows\system32\CNCI830.DLL
2021-11-08 14:21 - 2006-09-13 05:00 - 000234496 _____ (CANON INC.) C:\Windows\system32\CNMLM7Q.DLL
2021-11-08 14:21 - 2006-06-29 14:30 - 000017408 _____ (Canon Inc.) C:\Windows\system32\cncisco.x64.dll
2021-11-08 14:21 - 2005-11-07 09:58 - 000122368 _____ (Canon Inc.) C:\Windows\system32\CNCL830.DLL
2021-11-08 14:20 - 2021-11-08 14:20 - 000000000 ___HD C:\Program Files\CanonBJ
2021-11-08 14:17 - 2021-11-08 14:17 - 016555152 _____ C:\Users\19192\Downloads\md64-win-mp830-1_12-ea12.exe
2021-11-08 14:09 - 2021-11-17 11:33 - 000000000 ____D C:\Users\19192\AppData\LocalLow\Temp
2021-11-08 14:09 - 2021-11-08 14:09 - 000266205 _____ C:\Users\19192\Downloads\Ming's lychee martini.pdf
2021-11-08 14:06 - 2021-11-08 14:06 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-11-08 13:22 - 2021-11-08 13:22 - 000138905 _____ C:\Users\19192\Downloads\2020_TaxReturn.pdf
2021-11-03 17:03 - 2021-11-03 17:03 - 000000000 ____D C:\Users\19192\AppData\Local\ElevatedDiagnostics
2021-11-03 16:47 - 2021-11-03 16:47 - 000001827 _____ C:\Users\Public\Desktop\iTunes.lnk
2021-11-03 16:47 - 2021-11-03 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-11-03 16:47 - 2021-11-03 16:47 - 000000000 ____D C:\Program Files\iTunes
2021-11-02 20:10 - 2021-11-02 20:10 - 000001157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-02 20:10 - 2021-11-02 20:10 - 000000000 ____D C:\Program Files\PCHealthCheck

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-19 01:21 - 2021-04-14 04:56 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-19 01:21 - 2020-05-06 10:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-11-18 23:51 - 2019-12-07 01:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-18 23:51 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\AppReadiness
2021-11-18 23:50 - 2021-04-14 04:51 - 000000000 ____D C:\ProgramData\Packages
2021-11-18 23:45 - 2019-12-07 01:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-18 23:39 - 2019-12-07 01:13 - 000000000 ____D C:\Windows\INF
2021-11-18 22:48 - 2021-04-14 10:43 - 000004168 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{008B1671-6ABD-46AE-ABF7-73DFDE00F4AA}
2021-11-18 22:47 - 2021-03-10 07:02 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-18 10:27 - 2021-07-25 12:34 - 000696106 _____ C:\Windows\system32\perfh00E.dat
2021-11-18 10:27 - 2021-07-25 12:34 - 000155082 _____ C:\Windows\system32\perfc00E.dat
2021-11-18 10:27 - 2020-05-06 10:41 - 001634274 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-18 10:24 - 2021-04-14 04:50 - 000000000 ___RD C:\Users\19192\OneDrive
2021-11-18 10:20 - 2021-04-14 04:49 - 000000000 __SHD C:\Users\19192\IntelGraphicsProfiles
2021-11-18 10:20 - 2021-03-10 06:59 - 000000000 ___HD C:\Intel
2021-11-18 10:20 - 2020-05-06 10:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-18 10:20 - 2020-05-06 10:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-11-18 10:20 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\ServiceState
2021-11-18 10:20 - 2019-12-07 01:03 - 001572864 _____ C:\Windows\system32\config\BBI
2021-11-18 01:10 - 2020-05-06 10:33 - 000439016 _____ C:\Windows\system32\FNTCACHE.DAT
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\SystemResources
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\setup
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\oobe
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\Dism
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\DDFs
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\appraiser
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\ShellExperiences
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\ShellComponents
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\Provisioning
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\DiagTrack
2021-11-18 01:09 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\bcastdvr
2021-11-18 01:09 - 2019-12-07 01:03 - 000000000 ____D C:\Windows\servicing
2021-11-18 00:12 - 2021-04-14 04:50 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4005300964-2302935580-1863167367-1001
2021-11-18 00:12 - 2021-04-14 04:26 - 000002394 _____ C:\Users\19192\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-18 00:09 - 2021-03-10 06:48 - 000003480 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-18 00:09 - 2021-03-10 06:48 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-15 14:04 - 2019-12-07 01:03 - 000000000 ____D C:\Windows\CbsTemp
2021-11-15 13:45 - 2021-04-14 04:50 - 000000000 ____D C:\Users\19192\AppData\Local\Lenovo
2021-11-15 13:45 - 2021-03-10 06:51 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2021-11-15 13:45 - 2021-03-10 06:51 - 000000000 ____D C:\Windows\Lenovo
2021-11-15 13:45 - 2021-03-10 06:51 - 000000000 ____D C:\ProgramData\Lenovo
2021-11-14 19:54 - 2021-04-14 04:49 - 000000000 ____D C:\Users\19192\AppData\Local\Packages
2021-11-14 19:52 - 2021-03-10 06:48 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-13 13:36 - 2021-04-14 04:56 - 000000000 ____D C:\Users\19192\AppData\Local\Google
2021-11-13 13:36 - 2021-04-14 04:56 - 000000000 ____D C:\Program Files\Google
2021-11-13 13:19 - 2021-04-14 04:26 - 000000000 ____D C:\Users\19192
2021-11-13 13:04 - 2021-03-10 07:03 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-11-12 17:30 - 2021-04-19 07:35 - 000000000 ____D C:\Windows\system32\MRT
2021-11-12 17:28 - 2021-03-10 06:52 - 000000000 ____D C:\Program Files\Microsoft Office
2021-11-12 17:21 - 2021-04-19 07:35 - 141529560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-11-09 22:49 - 2021-04-22 13:36 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-09 22:49 - 2021-04-22 13:36 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-11-09 22:48 - 2021-04-22 13:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-09 22:48 - 2021-04-22 13:35 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-09 22:46 - 2019-12-07 01:14 - 000000000 ____D C:\Windows\system32\NDF
2021-11-09 17:55 - 2021-04-22 13:29 - 000000000 ____D C:\Users\19192\AppData\Local\D3DSCache
2021-11-09 17:45 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-11-08 14:21 - 2019-12-07 01:14 - 000000000 __RSD C:\Windows\Media
2021-11-07 14:05 - 2021-04-14 05:05 - 002220464 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2021-11-07 14:05 - 2021-04-14 05:05 - 000324016 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2021-11-07 14:05 - 2021-04-14 05:05 - 000217520 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2021-11-07 14:05 - 2021-04-14 05:05 - 000197048 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2021-11-07 14:05 - 2021-04-14 05:05 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2021-11-07 14:05 - 2021-04-14 05:05 - 000061872 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
2021-11-02 21:03 - 2021-04-14 04:49 - 000004321 _____ C:\Windows\system32\InstallUtil.InstallLog
2021-11-02 20:10 - 2020-05-06 10:33 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-10-29 16:20 - 2021-04-14 04:56 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-29 16:20 - 2021-04-14 04:56 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================