Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.02.2024 Ran by nwort (administrator) on LAPTOP-GN573EL9 (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X513EA_X513EA) (11-02-2024 18:48:13) Running from C:\Users\nwort\Desktop\FRST64.exe Loaded Profiles: nwort Platform: Microsoft Windows 10 Home Version 22H2 19045.3996 (X64) Language: English (United Kingdom) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12131.3.2010.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSOptimization\AsusOSD.exe (C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe ->) () [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\MFResident.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> ) C:\Program Files\Malwarebytes\Anti-Malware\MBAMCrashHandler.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSOptimization\AsusOptimizationStartupTask.exe (DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe (DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxEMN.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <18> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8> (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\AsusAppService\AsusAppService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSOptimization\AsusOptimization.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSoftwareManager\AsusSoftwareManager.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSwitch\AsusSwitch.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSystemAnalysis\AsusSystemAnalysis.exe <2> (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe (services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxCUIServiceN.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_a5ea1b1d8db1527e\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_98ad395a329efc54\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_89b1ad385fab2e0b\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_21e0cf0737fd48af\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_e72614dff5a8a910\Intel_PIE_Service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_06dd582276d3f601\AS\IAS\IntelAudioService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_e3868713e3d137ef\esif_uf.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (services.exe ->) (Shenzhen iMyFone Technology Co., Ltd -> ) C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe (sihost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee, LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe (svchost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe (svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.124.1221.0_x64__8wekyb3d8bbwe\GameBar.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.124.1221.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\nwort\AppData\Local\Microsoft\OneDrive\24.015.0121.0003\FileCoAuth.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_97f3cd9b850501f1\RtkAudUService64.exe <3> ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKU\S-1-5-21-1660784041-1680324514-1991157008-1001\...\Run: [MicrosoftEdgeAutoLaunch_1A0352803E0A09F4D32D90747118FE51] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788856 2024-02-08] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.161\Installer\chrmstp.exe [2024-02-11] (Google LLC -> Google LLC) ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {DD1B02F3-FC0D-4140-B59D-3906A5B47094} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSOptimization\AsusHotkey.exe [311944 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) Task: {639CEFDD-0DCA-4F4A-BD64-532192C075A6} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSoftwareManager\AsusUpdateChecker.exe [802440 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) Task: {2D5E4D77-6DC5-4EDE-934D-B2B1DC8D8717} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4789384 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) Task: {81DC9CD2-5EE6-49D4-B595-404F455CB93A} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\nwort\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2024-02-11] (ESET, spol. s r.o. -> ESET) Task: {FF44B138-083B-40E4-8F69-D416C670ED47} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\nwort\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2024-02-11] (ESET, spol. s r.o. -> ESET) Task: {1F9D4F8E-6CDC-45AD-871D-339B8D01933F} - System32\Tasks\GoogleUpdateTaskMachineCore{62209BDE-0750-47F8-9611-A4BA295A241A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-02-11] (Google LLC -> Google LLC) Task: {0CFF808B-FD21-42B6-B7B8-8263B1A998F6} - System32\Tasks\GoogleUpdateTaskMachineUA{E0848C57-03D7-4998-9739-5BE0C404A743} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-02-11] (Google LLC -> Google LLC) Task: {CBDC5AFC-A3EB-4AD2-9713-EA2098B660D2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28371568 2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Task: {71AC9C1A-D16A-4B7E-B28B-ACB755D0AE57} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28371568 2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Task: {89CA93F7-9D6D-4EF5-802F-1CAE9498CB32} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306352 2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Task: {C4479F87-863F-49F7-98F2-429C3A845851} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306352 2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Task: {9331B6A5-CDD4-4561-806E-C42BA585175E} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Task: {31884222-C93B-4685-8B8C-FC635FD9BFD4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {07B5E7E3-932F-4957-BF25-CFAA96C545C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {942F68B5-06CF-46D7-980E-C27FDF440519} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0507557B-F127-48F2-945E-C9D6324D7B96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7F99ED33-4805-4CD9-A4CA-70CE20DCE4F4} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-12-21] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {4CB2319D-0F72-42B4-8303-FD78930EECFE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-21] (Mozilla Corporation -> Mozilla Foundation) Task: {98681065-222D-4A17-A8C3-16BB38BC8C80} - System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_97f3cd9b850501f1\RtkAudUService64.exe [3453816 2022-03-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100 Tcpip\..\Interfaces\{258058e1-d061-4ad8-bc82-42735737b32b}: [DhcpNameServer] 194.168.4.100 194.168.8.100 Tcpip\..\Interfaces\{258058e1-d061-4ad8-bc82-42735737b32b}\244584572663D205157374: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{258058e1-d061-4ad8-bc82-42735737b32b}\244584572663D205157374: [DhcpDomain] home Tcpip\..\Interfaces\{258058e1-d061-4ad8-bc82-42735737b32b}\353554022427F616462616E64602241364649353: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{258058e1-d061-4ad8-bc82-42735737b32b}\353554022427F616462616E64602241364649353: [DhcpDomain] lan Tcpip\..\Interfaces\{258058e1-d061-4ad8-bc82-42735737b32b}\35B4950303632323: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{258058e1-d061-4ad8-bc82-42735737b32b}\35B4950303632323: [DhcpDomain] Home Tcpip\..\Interfaces\{258058e1-d061-4ad8-bc82-42735737b32b}\35B495A54415D455: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{258058e1-d061-4ad8-bc82-42735737b32b}\35B495A54415D455: [DhcpDomain] Home Tcpip\..\Interfaces\{258058e1-d061-4ad8-bc82-42735737b32b}\45E4341405441363631413: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{258058e1-d061-4ad8-bc82-42735737b32b}\45E4341405441363631413: [DhcpDomain] lan Tcpip\..\Interfaces\{258058e1-d061-4ad8-bc82-42735737b32b}\65D453232313438303: [DhcpNameServer] 194.168.4.100 194.168.8.100 Tcpip\..\Interfaces\{29eb9f1b-a044-4c0d-814b-c21f9d30ce4a}: [DhcpNameServer] 194.168.4.100 194.168.8.100 Tcpip\..\Interfaces\{776cdf07-e39e-4dd4-8790-e0e3e0027fb5}: [DhcpNameServer] 10.66.144.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\nwort\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-11] Edge Extension: (Google Docs Offline) - C:\Users\nwort\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-25] Edge Extension: (Edge relevant text changes) - C:\Users\nwort\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25] Edge Extension: (uBlock Origin) - C:\Users\nwort\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2024-01-04] FireFox: ======== FF DefaultProfile: g80wa9hb.default FF ProfilePath: C:\Users\nwort\AppData\Roaming\Mozilla\Firefox\Profiles\g80wa9hb.default [2024-02-11] FF ProfilePath: C:\Users\nwort\AppData\Roaming\Mozilla\Firefox\Profiles\w8moyui1.default-release-1702217715008 [2024-02-11] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\nwort\AppData\Local\Google\Chrome\User Data\Default [2024-02-11] CHR Extension: (Google Docs Offline) - C:\Users\nwort\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-11] CHR Extension: (Chrome Web Store Payments) - C:\Users\nwort\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-11] Opera: ======= OPR Profile: C:\Users\nwort\AppData\Roaming\Opera Software\Opera Stable [2024-02-11] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\nwort\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-02-20] OPR Extension: (Opera Wallet) - C:\Users\nwort\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-02-20] OPR Extension: (Amazon Assistant Promotion) - C:\Users\nwort\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-02-20] Brave: ======= BRA Profile: C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-02-11] BRA Extension: (Torrent Scanner) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2023-10-26] BRA Extension: (Adblock Plus - free ad blocker) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-10-26] BRA Extension: (Auto HD/4k/8k for YouTube™ - YouTube™ Auto HD) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fjdmkanbdloodhegphphhklnjfngoffa [2023-10-26] BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-10-29] BRA Extension: (Brave Local Data Files Updater) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-11-01] BRA Extension: (Brave NTP background images) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-10-26] BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-11-01] BRA Extension: (Wallet Data Files Updater) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-10-31] BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-11-01] BRA Extension: (Brave Ads Resources) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\cmdlemldhabgmejfognbhdejendfeikd [2023-10-26] BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-11-01] BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2023-10-26] BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-11-01] BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-10-31] BRA Extension: (Brave NTP sponsored images) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\mjpbonbjgpinifgnneajcbigekbpfige [2023-11-01] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\nwort\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-26] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AsusAppService; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\AsusAppService\AsusAppService.exe [1177224 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSOptimization\AsusOptimization.exe [529552 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSoftwareManager\AsusSoftwareManager.exe [1369232 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R2 ASUSSwitch; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSwitch\AsusSwitch.exe [641272 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4789384 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [845456 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14045768 2024-02-03] (Microsoft Corporation -> Microsoft Corporation) R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [215560 2021-06-06] (DTS, Inc. -> DTS Inc.) R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_06dd582276d3f601\AS\IAS\IntelAudioService.exe [532024 2022-06-02] (Intel Corporation -> Intel) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-07] (Malwarebytes Inc. -> Malwarebytes) R2 MFLocalService; C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe [54664 2022-04-28] (Shenzhen iMyFone Technology Co., Ltd -> ) S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [193776 2022-05-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-05-13] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-05-13] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AcxHdAudio; C:\Windows\System32\drivers\AcxHdAudio.sys [526848 2023-11-06] (Microsoft Windows -> Microsoft Corporation) S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [115176 2021-07-08] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) R3 AsusSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSSystemAnalysis\AsusSAIO.sys [49224 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f2eed2fae3b45a67\ASUSOptimization\AsusWmiAcpi.sys [48928 2024-01-10] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 DroidCam; C:\Windows\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps) S3 DroidCamVideo; C:\Windows\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 GSCAuxDriver; C:\Windows\System32\DriverStore\FileRepository\gscauxdriver.inf_amd64_c88f56fe4c2427d9\GSCAuxDriverx64.sys [76040 2021-02-17] (Intel(R) pGFX 2020 -> Intel Corporation) S3 GSCx64; C:\Windows\System32\DriverStore\FileRepository\gscheci.inf_amd64_8eebd147e5c5a413\TeeDriverGSCW8x64.sys [251120 2021-02-17] (Intel(R) pGFX 2020 -> Intel Corporation) R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_d0e63c4e3754f42f\iaLPSS2_GPIO2_TGL.sys [128152 2020-08-12] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_ab87bf17a571e523\iaLPSS2_I2C_TGL.sys [197272 2020-08-12] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_SPI_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_b6ea3d48ee329530\iaLPSS2_SPI_TGL.sys [155816 2020-08-12] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_UART2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_1a8e964d43720594\iaLPSS2_UART2_TGL.sys [310440 2020-08-12] (Intel Corporation -> Intel Corporation) R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1544912 2021-08-26] (Intel Corporation -> Intel Corporation) R3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_d97909364d9908a5\IntcUSB.sys [892968 2022-06-02] (Intel Corporation -> Intel(R) Corporation) R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_689d3d5fefeef458\gna.sys [84880 2020-11-06] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation) S3 iriuna0; C:\Windows\system32\drivers\iriuna0.sys [46976 2021-04-06] (Iriun Oy -> Windows (R) Win 7 DDK provider) S3 iriunvid; C:\Windows\System32\DriverStore\FileRepository\iriunvid.inf_amd64_daa9f7b9ae89ea8c\iriunvid.sys [164976 2022-08-24] (Iriun Oy -> Windows (R) Win 7 DDK provider) R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-04-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-01-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MpKsl78cd6965; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C67FA60D-EC5D-4769-B4A9-69758E1C9784}\MpKslDrv.sys [263560 2024-02-11] (Microsoft Windows -> Microsoft Corporation) R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2019-11-11] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2023-12-06] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2024-02-11 18:48 - 2024-02-11 18:48 - 000031106 _____ C:\Users\nwort\Desktop\FRST.txt 2024-02-11 18:42 - 2024-02-11 18:47 - 000000000 ____D C:\Program Files (x86)\Google 2024-02-11 18:42 - 2024-02-11 18:42 - 000003790 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{E0848C57-03D7-4998-9739-5BE0C404A743} 2024-02-11 18:42 - 2024-02-11 18:42 - 000003666 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{62209BDE-0750-47F8-9611-A4BA295A241A} 2024-02-11 18:42 - 2024-02-11 18:42 - 000002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-02-11 18:42 - 2024-02-11 18:42 - 000002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-02-11 18:42 - 2024-02-11 18:42 - 000000000 ____D C:\Users\nwort\AppData\Local\Google 2024-02-11 18:40 - 2024-02-11 18:40 - 000000544 _____ C:\Users\nwort\Desktop\Fixlog.txt 2024-02-11 15:03 - 2024-02-11 15:03 - 000003858 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn 2024-02-11 15:03 - 2024-02-11 15:03 - 000003416 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime 2024-02-11 15:03 - 2024-02-11 15:03 - 000001190 _____ C:\Users\nwort\Desktop\eset.txt 2024-02-11 13:52 - 2024-02-11 13:52 - 000001278 _____ C:\Users\nwort\Desktop\ESET Online Scanner.lnk 2024-02-11 13:50 - 2024-02-11 13:50 - 015274968 _____ (ESET) C:\Users\nwort\Desktop\esetonlinescanner.exe 2024-02-11 13:13 - 2024-02-11 13:14 - 001376816 _____ (Google LLC) C:\Users\nwort\Downloads\ChromeSetup (1).exe 2024-02-11 13:11 - 2024-02-11 13:11 - 000178001 _____ C:\Users\nwort\Documents\bookmarks_2_11_24.html 2024-02-10 15:52 - 2024-02-10 15:52 - 000019106 _____ C:\Users\nwort\Desktop\chkdsk c.txt 2024-02-10 15:48 - 2024-02-10 17:19 - 000052504 _____ C:\Users\nwort\Desktop\ListChkdskResult.txt 2024-02-10 15:48 - 2024-02-10 15:48 - 000000112 ___SH C:\bootTel.dat 2024-02-10 15:35 - 2024-02-10 15:35 - 000197679 _____ C:\Users\nwort\Desktop\ListChkdskResult.exe 2024-02-09 21:30 - 2024-02-09 21:30 - 000001830 _____ C:\Users\nwort\Desktop\CrystalDiskInfo.lnk 2024-02-09 21:30 - 2024-02-09 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2024-02-09 21:30 - 2024-02-09 21:30 - 000000000 ____D C:\Program Files\CrystalDiskInfo 2024-02-09 21:28 - 2024-02-09 21:28 - 005804824 _____ (Crystal Dew World ) C:\Users\nwort\Desktop\CrystalDiskInfo9_2_2.exe 2024-02-09 21:24 - 2024-02-09 21:27 - 000000000 ___HD C:\$WinREAgent 2024-02-09 11:45 - 2024-02-09 11:45 - 000075046 _____ C:\Users\nwort\Downloads\fd statement 0009 03022024.pdf 2024-02-09 11:45 - 2024-02-09 11:45 - 000075046 _____ C:\Users\nwort\Downloads\fd statement 0009 03022024 (1).pdf 2024-02-09 11:01 - 2024-02-11 18:48 - 000000000 ____D C:\FRST 2024-02-09 11:01 - 2024-02-11 17:39 - 000000000 ____D C:\Users\nwort\Desktop\FRST-OlderVersion 2024-02-09 11:00 - 2024-02-11 17:39 - 002389504 _____ (Farbar) C:\Users\nwort\Desktop\FRST64.exe 2024-02-03 18:50 - 2024-02-03 18:50 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-01-26 17:33 - 2024-01-26 17:33 - 000019697 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-01-26 17:33 - 2024-01-26 17:33 - 000019697 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2024-02-11 18:47 - 2021-12-15 22:35 - 000000000 ____D C:\Windows\SystemTemp 2024-02-11 18:44 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-02-11 17:21 - 2020-11-21 12:38 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-02-11 13:52 - 2021-11-21 12:31 - 000001384 _____ C:\Users\nwort\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2024-02-11 13:36 - 2021-11-21 06:30 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 2024-02-11 13:33 - 2021-07-04 17:36 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI 2024-02-11 13:33 - 2019-12-07 09:13 - 000000000 ____D C:\Windows\INF 2024-02-11 13:30 - 2023-05-09 19:47 - 000000000 ____D C:\Users\nwort\AppData\Local\Malwarebytes 2024-02-11 13:29 - 2021-11-20 15:37 - 000000000 __SHD C:\Users\nwort\IntelGraphicsProfiles 2024-02-11 13:29 - 2021-07-04 18:29 - 000000000 ___HD C:\Intel 2024-02-11 13:29 - 2020-11-21 12:38 - 000008192 ___SH C:\DumpStack.log.tmp 2024-02-11 13:29 - 2020-11-21 12:38 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-02-11 13:29 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\ServiceState 2024-02-11 13:29 - 2019-12-07 09:03 - 000786432 _____ C:\Windows\system32\config\BBI 2024-02-11 13:27 - 2022-02-17 17:59 - 000000000 ____D C:\Users\nwort\AppData\LocalLow\Temp 2024-02-11 13:25 - 2019-12-07 09:03 - 000000000 ____D C:\Windows\CbsTemp 2024-02-11 10:15 - 2022-01-22 11:47 - 000000000 ____D C:\Users\nwort\AppData\Local\CrashDumps 2024-02-10 13:03 - 2021-11-20 21:28 - 000000000 ____D C:\Users\nwort\AppData\Roaming\Microsoft\PowerPoint 2024-02-10 10:21 - 2020-11-21 12:40 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-02-10 10:21 - 2019-12-07 09:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-02-10 10:21 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\AppReadiness 2024-02-10 10:15 - 2021-11-20 17:09 - 000000000 ____D C:\Users\nwort\AppData\Roaming\vlc 2024-02-09 12:38 - 2022-11-07 19:01 - 000000394 _____ C:\Users\nwort\Desktop\Tiger.txt 2024-02-09 10:41 - 2022-10-27 11:51 - 000000000 ____D C:\Users\nwort\AppData\LocalLow\IGDump 2024-02-09 08:29 - 2021-11-20 15:38 - 000000000 ____D C:\Users\nwort\AppData\Local\Packages 2024-02-05 21:15 - 2020-11-21 12:40 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-02-05 21:15 - 2020-11-21 12:40 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-02-05 18:20 - 2021-12-11 15:56 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1660784041-1680324514-1991157008-1001 2024-02-05 18:20 - 2021-11-20 15:39 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1660784041-1680324514-1991157008-1001 2024-02-05 18:20 - 2021-11-20 15:34 - 000002385 _____ C:\Users\nwort\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-02-04 19:05 - 2021-11-20 21:34 - 000000000 ____D C:\Users\nwort\AppData\Roaming\Microsoft\Excel 2024-02-03 18:50 - 2020-11-21 12:43 - 000000000 ____D C:\Program Files\Microsoft Office 2024-02-02 18:19 - 2021-11-20 21:01 - 000000000 ____D C:\Users\nwort\AppData\Roaming\Microsoft\Word 2024-02-01 17:59 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\LiveKernelReports 2024-01-30 09:20 - 2021-07-04 18:29 - 000004122 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0 2024-01-30 09:20 - 2021-07-04 18:29 - 000003756 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3 2024-01-27 08:26 - 2023-11-01 07:53 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-01-26 22:04 - 2020-11-21 12:38 - 000493376 _____ C:\Windows\system32\FNTCACHE.DAT 2024-01-26 22:03 - 2019-12-07 09:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2024-01-26 22:03 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2024-01-26 22:03 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2024-01-26 22:03 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SystemResources 2024-01-26 22:03 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2024-01-26 22:03 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\setup 2024-01-26 22:03 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2024-01-26 22:03 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\oobe 2024-01-26 22:03 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\migwiz 2024-01-26 22:03 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\appraiser 2024-01-26 22:03 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\ShellComponents 2024-01-26 22:03 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\bcastdvr 2024-01-26 17:33 - 2020-11-21 12:40 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2024-01-16 10:16 - 2022-07-25 20:41 - 000000000 ____D C:\Users\nwort\AppData\Roaming\Microsoft\MMC 2024-01-12 17:56 - 2022-10-09 15:17 - 000000000 ____D C:\Users\nwort\AppData\Local\ElevatedDiagnostics 2024-01-12 08:36 - 2021-11-21 10:59 - 000918944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================