Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-10-2022 02 Ran by Butchminer (administrator) on DESKTOP-VNVO45U (31-10-2022 14:51:20) Running from C:\Users\Butchminer\Downloads Loaded Profiles: Butchminer Platform: Microsoft Windows 10 Home Version 21H2 19044.2130 (X64) Language: Čeština (Česko) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4> (C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.204.2.2\OverwolfHelper.exe (C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.204.2.2\OverwolfHelper64.exe (C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.204.2.2\OverwolfBrowser.exe <3> (C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2> (C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe (C:\Program Files\Mozilla Firefox\firefox.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportHelper.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11> (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_c34732273f7dc48f\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Program Files\COMFAST\WifiAutoInstall\WifiAutoInstallSrv.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212192 2022-09-26] (Avast Software s.r.o. -> AVAST Software) HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKU\S-1-5-21-3001442554-1269640083-1560990174-1001\...\Run: [Spotify] => C:\Users\Butchminer\AppData\Roaming\Spotify\Spotify.exe [20073848 2022-10-16] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-3001442554-1269640083-1560990174-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3001442554-1269640083-1560990174-1001\...\Run: [MicrosoftEdgeAutoLaunch_A17693F9331D0CB694390B57CD4EC482] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-10-29] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3001442554-1269640083-1560990174-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802584 2022-09-22] (Overwolf Ltd -> Overwolf Ltd.) HKU\S-1-5-21-3001442554-1269640083-1560990174-1001\...\MountPoints2: {74e7671e-1016-11ed-a6ba-b06ebf3326b6} - "E:\Setup.exe" HKU\S-1-5-21-3001442554-1269640083-1560990174-1001\...\MountPoints2: {752e51df-054b-11ed-a6b9-b06ebf3326b6} - "E:\Setup.exe" HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0CA5584C-BA4F-4E2D-988C-63DBDEA57693} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {13301115-58F6-4050-9BE2-5F3D955B6767} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software) Task: {1555B4C9-F94D-4162-812F-D93FDBF3D84E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-12] (Microsoft Corporation -> Microsoft Corporation) Task: {17015A60-58BA-48AC-A183-04BBA36D8DBE} - System32\Tasks\CCleanerSkipUAC - Butchminer => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {1EBE3E8B-ED1C-414C-9A62-97CD4548EC1C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-29] (Microsoft Corporation -> Microsoft Corporation) Task: {28C4341D-EBE4-49FA-B6C6-6D1528308430} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-12] (Microsoft Corporation -> Microsoft Corporation) Task: {2A7FB0A2-133F-429E-8139-A3225B654F2C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2BC0AAAA-97C1-4861-A3DF-AD3E7F3A2BB0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {49BA8B2B-5676-46D5-8160-653EF039D2F9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {569365B4-642B-4436-94D7-F6457BF6B4BC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation) Task: {57DA8E44-D4C6-429F-9680-6D70CD474EF5} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation) Task: {5B1C2AA8-F21F-457C-9D19-10E22F822ECC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5C155817-0626-4536-B909-3C1A1870A647} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-12] (Microsoft Corporation -> Microsoft Corporation) Task: {91842326-7F13-4FB7-8F58-34AA0E17E3E8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File) Task: {97F1345E-45CC-471A-8545-46B8025C8570} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {9CA4354A-8AD6-4155-91C3-57A480A24906} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {A29FDD1B-9C18-4B10-852F-F23D3C5DB968} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {A4D90862-B89D-43A1-B127-0D368936530D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation) Task: {AFE19718-5EE1-4747-B1D9-5237555F3799} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform) Task: {B6ACD43D-3C82-4C0B-B251-55820CA4D8D7} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {B79268C3-72AC-4D63-851A-E277B6A85D55} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-09-22] (Overwolf Ltd -> Overwolf LTD) Task: {C44EDEC9-F8DC-4EA1-854D-49683130A242} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-12] (Microsoft Corporation -> Microsoft Corporation) Task: {D26739F8-7EF5-4EC8-9D27-2EE2712230D3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "cef32ee3-0b51-460d-a0c9-3ea13d4060c9" --version "6.04.10044" --silent Task: {D4F464FE-313F-41AA-B439-65E8B62EDB49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D7E4C136-E254-4E5B-968B-EEA0175A48CE} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {D85C6193-DA13-4D5F-8E14-AF901928F8A5} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4946144 2022-09-26] (Avast Software s.r.o. -> AVAST Software) Task: {DBA45521-7658-4855-A050-C0D70F10C021} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation) Task: {DCC00F8B-2955-4BFC-8678-E23CB8055A28} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {E317D07A-05FA-4032-8672-2BBC8CAA22DB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {FC162A78-3625-4257-8C68-BE56CC3EFA16} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {FFCBDE78-E2EB-444A-9C3F-81084A3407A4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{3bbbc98f-0473-4cb8-964a-3d0755f4881a}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{eb84276a-80c3-4366-90a5-5b1f702cccbe}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Butchminer\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-18] Edge Extension: (IBM Security Rapport) - C:\Users\Butchminer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kajikgogckeajjplomldcempamhidmcc [2022-07-16] Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc] FireFox: ======== FF DefaultProfile: k70hvvjv.default FF ProfilePath: C:\Users\Butchminer\AppData\Roaming\Mozilla\Firefox\Profiles\k70hvvjv.default [2022-04-09] FF Extension: (IBM Security Rapport) - C:\Users\Butchminer\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2022-07-16] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx] FF ProfilePath: C:\Users\Butchminer\AppData\Roaming\Mozilla\Firefox\Profiles\0z5jq23j.default-release [2022-10-31] FF Homepage: Mozilla\Firefox\Profiles\0z5jq23j.default-release -> seznam.cz FF Extension: (Easy Screenshot) - C:\Users\Butchminer\AppData\Roaming\Mozilla\Firefox\Profiles\0z5jq23j.default-release\Extensions\easyscreenshot@mozillaonline.com.xpi [2022-04-09] FF Extension: (To Google Translate) - C:\Users\Butchminer\AppData\Roaming\Mozilla\Firefox\Profiles\0z5jq23j.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2022-04-09] FF Extension: (IBM Security Rapport) - C:\Users\Butchminer\AppData\Roaming\Mozilla\Firefox\Profiles\0z5jq23j.default-release\Extensions\rapportext@trusteer.com.xpi [2022-07-16] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx] FF Extension: (Z77 OC Formula-Born to be fast) - C:\Users\Butchminer\AppData\Roaming\Mozilla\Firefox\Profiles\0z5jq23j.default-release\Extensions\{55608b32-6439-4b59-8706-59235dfe42c2}.xpi [2022-04-09] FF Extension: (Nvidia - The Way It's Meant to Be Played) - C:\Users\Butchminer\AppData\Roaming\Mozilla\Firefox\Profiles\0z5jq23j.default-release\Extensions\{5cb97675-8d95-48e8-a9bf-952e4856b71f}.xpi [2022-04-09] FF Extension: (FormApps Extension) - C:\Users\Butchminer\AppData\Roaming\Mozilla\Firefox\Profiles\0z5jq23j.default-release\Extensions\{91F8AFE1-B5AB-4BFF-B54A-E571BAC717DB}.xpi [2022-10-11] FF Extension: (DELL) - C:\Users\Butchminer\AppData\Roaming\Mozilla\Firefox\Profiles\0z5jq23j.default-release\Extensions\{986d92a3-fe85-43ff-a7d8-ba1f59aa81d3}.xpi [2022-04-09] FF Extension: (Web Developer) - C:\Users\Butchminer\AppData\Roaming\Mozilla\Firefox\Profiles\0z5jq23j.default-release\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2022-04-09] FF Extension: (Formula 1 - Ferrari F14-T) - C:\Users\Butchminer\AppData\Roaming\Mozilla\Firefox\Profiles\0z5jq23j.default-release\Extensions\{fe543801-5789-4c0b-96c0-ce5aef318e34}.xpi [2022-04-09] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-09-08] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-09-08] (Microsoft Corporation -> Microsoft Corporation) ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8513552 2022-10-06] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592608 2022-09-26] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592096 2022-09-26] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-04-09] (Avast Software s.r.o. -> AVAST Software) S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082896 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-12] (Microsoft Corporation -> Microsoft Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-09-22] (Overwolf Ltd -> Overwolf LTD) R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3016432 2022-08-24] (International Business Machines Corporation -> IBM Corp.) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14865896 2022-04-05] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WifiAutoInstallSrv; C:\Program Files\COMFAST\WifiAutoInstall\WifiAutoInstallSrv.exe [136128 2018-04-18] (Realtek Semiconductor Corp. -> Realtek) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_c34732273f7dc48f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_c34732273f7dc48f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42296 2022-09-26] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238128 2022-09-26] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390096 2022-09-26] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258496 2022-09-26] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105920 2022-09-26] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48488 2022-09-26] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276496 2022-09-26] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114488 2022-09-26] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90000 2022-09-26] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862960 2022-09-26] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [671712 2022-09-26] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221976 2022-09-26] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327904 2022-09-26] (Avast Software s.r.o. -> AVAST Software) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-05-05] (Microsoft Corporation) [File not signed] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed] R3 GKUPRO2D; C:\WINDOWS\System32\drivers\GKUPRO2D.sys [146320 2020-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [454032 2022-08-24] (International Business Machines Corporation -> IBM Corp.) R1 RapportCerberus_2204255; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2204255.sys [1491664 2022-09-18] (International Business Machines Corporation -> IBM Corp.) R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [552272 2022-08-24] (International Business Machines Corporation -> IBM Corp.) R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [402840 2022-08-24] (International Business Machines Corporation -> IBM Corp.) R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [453528 2022-08-24] (International Business Machines Corporation -> IBM Corp.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [574544 2022-08-24] (International Business Machines Corporation -> IBM Corp.) R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtl8188gu.sys [1208768 2018-04-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-14] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-14] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2022-10-31 14:50 - 2022-10-31 14:50 - 000000000 ____D C:\Users\Butchminer\Downloads\FRST-OlderVersion 2022-10-31 14:32 - 2022-10-31 14:32 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-10-31 14:31 - 2022-07-14 00:32 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2022-10-31 14:30 - 2022-10-31 14:30 - 000000000 ___HD C:\$WinREAgent 2022-10-28 18:39 - 2022-10-31 14:38 - 000002331 ____C C:\Users\Butchminer\Desktop\iTero Drafting Coach.lnk 2022-10-19 20:43 - 2022-10-23 20:19 - 000000000 ____D C:\Users\Butchminer\AppData\Roaming\discord 2022-10-19 20:43 - 2022-10-22 18:44 - 000000000 ____D C:\Users\Butchminer\AppData\Local\Discord 2022-10-19 20:43 - 2022-10-19 20:43 - 000002256 ____C C:\Users\Butchminer\Desktop\Discord.lnk 2022-10-19 20:43 - 2022-10-19 20:43 - 000000000 ___DC C:\Users\Butchminer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2022-10-19 20:43 - 2022-10-19 20:43 - 000000000 ____D C:\Users\Butchminer\AppData\Local\SquirrelTemp 2022-10-19 20:42 - 2022-10-19 20:43 - 083119912 _____ (Discord Inc.) C:\Users\Butchminer\Downloads\DiscordSetup.exe 2022-10-18 17:59 - 2022-10-18 17:59 - 000002184 ____C C:\Users\Butchminer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk 2022-10-14 23:14 - 2022-10-14 23:14 - 000002371 ____C C:\Users\Butchminer\Desktop\U.GG.lnk 2022-10-14 22:52 - 2022-10-30 16:18 - 000003270 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task 2022-10-14 22:52 - 2022-10-28 18:39 - 000000000 ___DC C:\Users\Butchminer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2022-10-14 22:52 - 2022-10-14 22:52 - 000001182 _____ C:\Users\Public\Desktop\Overwolf.lnk 2022-10-14 22:52 - 2022-10-14 22:52 - 000000000 ____D C:\Program Files (x86)\Overwolf 2022-10-14 22:51 - 2022-10-14 22:52 - 000000000 ____D C:\ProgramData\Overwolf 2022-10-14 22:50 - 2022-10-31 14:37 - 000000000 ____D C:\Users\Butchminer\AppData\Local\Overwolf 2022-10-14 22:50 - 2022-10-14 22:50 - 001254288 _____ (Overwolf Ltd.) C:\Users\Butchminer\Downloads\U.GG - Installer.exe 2022-10-14 19:42 - 2022-10-14 19:43 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2022-10-14 19:40 - 2022-10-07 04:01 - 000041984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll 2022-10-13 20:33 - 2022-10-11 06:00 - 001967904 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2022-10-13 20:33 - 2022-10-11 06:00 - 001967904 _____ C:\WINDOWS\system32\vulkaninfo.exe 2022-10-13 20:33 - 2022-10-11 06:00 - 001524488 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-10-13 20:33 - 2022-10-11 06:00 - 001524488 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2022-10-13 20:33 - 2022-10-11 06:00 - 001471992 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2022-10-13 20:33 - 2022-10-11 06:00 - 001432320 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2022-10-13 20:33 - 2022-10-11 06:00 - 001432320 _____ C:\WINDOWS\system32\vulkan-1.dll 2022-10-13 20:33 - 2022-10-11 06:00 - 001214000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2022-10-13 20:33 - 2022-10-11 06:00 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2022-10-13 20:33 - 2022-10-11 06:00 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2022-10-13 20:33 - 2022-10-11 05:56 - 000870928 _____ C:\WINDOWS\system32\nvofapi64.dll 2022-10-13 20:33 - 2022-10-11 05:56 - 000823312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2022-10-13 20:33 - 2022-10-11 05:56 - 000693760 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2022-10-13 20:33 - 2022-10-11 05:55 - 002246664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2022-10-13 20:33 - 2022-10-11 05:55 - 001653248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2022-10-13 20:33 - 2022-10-11 05:55 - 001523216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2022-10-13 20:33 - 2022-10-11 05:55 - 001261064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2022-10-13 20:33 - 2022-10-11 05:55 - 001185272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2022-10-13 20:33 - 2022-10-11 05:55 - 000987672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2022-10-13 20:33 - 2022-10-11 05:55 - 000709640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2022-10-13 20:33 - 2022-10-11 05:54 - 015218688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2022-10-13 20:33 - 2022-10-11 05:54 - 012540912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2022-10-13 20:33 - 2022-10-11 05:54 - 005429248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2022-10-13 20:33 - 2022-10-11 05:54 - 003101176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2022-10-13 20:33 - 2022-10-11 05:54 - 000457232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2022-10-13 20:33 - 2022-10-11 05:53 - 005906416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2022-10-13 20:33 - 2022-10-11 05:53 - 005753360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2022-10-13 20:33 - 2022-10-11 05:52 - 000853552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2022-10-13 20:33 - 2022-10-11 05:51 - 006457800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2022-10-13 20:33 - 2022-10-07 04:01 - 000095170 _____ C:\WINDOWS\system32\nvinfo.pb 2022-10-13 17:47 - 2022-10-13 17:47 - 000025576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys 2022-10-12 19:40 - 2022-10-12 19:40 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-10-12 19:40 - 2022-10-12 19:40 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-10-12 18:43 - 2022-10-12 18:50 - 000039287 _____ C:\Users\Butchminer\Downloads\Addition.txt 2022-10-12 18:41 - 2022-10-31 14:52 - 000026181 _____ C:\Users\Butchminer\Downloads\FRST.txt 2022-10-12 18:41 - 2022-10-31 14:51 - 000000000 ____D C:\FRST 2022-10-12 18:39 - 2022-10-31 14:50 - 002374144 _____ (Farbar) C:\Users\Butchminer\Downloads\FRST64.exe 2022-10-11 19:49 - 2022-10-11 19:49 - 000164668 _____ C:\Users\Butchminer\Downloads\Vaše pojistka-1.pdf 2022-10-11 19:48 - 2022-10-11 19:48 - 000119800 _____ C:\Users\Butchminer\Downloads\Přijetí návrhu na změnu pojistné smlouvy.pdf 2022-10-11 19:47 - 2022-10-11 19:47 - 000164668 _____ C:\Users\Butchminer\Downloads\Vaše pojistka.pdf 2022-10-11 15:48 - 2022-10-11 15:48 - 009694960 _____ (Crawler Group ) C:\Users\Butchminer\Downloads\SpywareTerminatorSetup.exe 2022-10-09 23:08 - 2022-10-31 14:36 - 093061120 _____ C:\WINDOWS\system32\config\SOFTWARE 2022-10-09 23:01 - 2022-10-09 23:08 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2022-10-09 16:43 - 2022-10-14 21:16 - 000007602 _____ C:\Users\Butchminer\AppData\Local\Resmon.ResmonCfg 2022-10-07 23:55 - 2022-10-07 23:55 - 000000000 ____D C:\Users\Butchminer\AppData\Local\Blizzard Entertainment 2022-10-07 23:54 - 2022-10-07 23:54 - 000000000 ____D C:\ProgramData\Battle.net 2022-10-07 18:53 - 2022-10-07 18:53 - 007028376 _____ (OpenTTD Developers) C:\Users\Butchminer\Downloads\openttd-12.2-windows-win64.exe 2022-10-07 18:53 - 2022-10-07 18:53 - 000000000 ____D C:\Program Files\OpenTTD 2022-10-06 20:00 - 2022-10-06 20:00 - 000000000 ___HD C:\$SysReset 2022-10-03 20:22 - 2022-10-03 20:22 - 000000000 ____D C:\ProgramData\Piriform 2022-10-03 20:19 - 2022-10-11 17:04 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2022-10-03 20:19 - 2022-10-11 17:03 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-10-03 20:19 - 2022-10-11 17:03 - 000002938 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2022-10-03 20:19 - 2022-10-11 17:03 - 000002324 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Butchminer 2022-10-03 20:19 - 2022-10-11 15:20 - 000000000 ____D C:\Program Files\CCleaner 2022-10-01 13:39 - 2022-10-01 13:39 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2022-10-01 13:39 - 2022-10-01 13:39 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-10-01 13:39 - 2022-10-01 13:39 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-10-01 13:38 - 2022-10-01 13:38 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-10-01 13:38 - 2022-10-01 13:38 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2022-10-31 14:51 - 2018-11-12 18:37 - 000000000 ___DC C:\Users\Butchminer\AppData\LocalLow\Mozilla 2022-10-31 14:45 - 2022-04-09 22:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-10-31 14:41 - 2022-04-09 22:28 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat 2022-10-31 14:41 - 2022-04-09 22:28 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat 2022-10-31 14:41 - 2022-04-09 22:25 - 000000000 ____D C:\WINDOWS\INF 2022-10-31 14:41 - 2022-04-09 21:45 - 001693200 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-10-31 14:40 - 2022-04-09 22:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-10-31 14:39 - 2022-04-09 22:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-10-31 14:39 - 2022-04-09 22:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-10-31 14:39 - 2022-04-09 22:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-10-31 14:37 - 2022-04-09 21:34 - 000000000 ____D C:\ProgramData\NVIDIA 2022-10-31 14:36 - 2022-04-10 11:57 - 000000000 ____D C:\Program Files\TeamViewer 2022-10-31 14:36 - 2022-04-09 22:32 - 000000000 ____D C:\ProgramData\Avast Software 2022-10-31 14:36 - 2022-04-09 21:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-10-31 14:36 - 2020-12-06 17:22 - 000008192 ___SH C:\DumpStack.log.tmp 2022-10-31 14:35 - 2022-04-09 22:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-10-31 14:32 - 2022-04-09 21:34 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2022-10-31 14:31 - 2022-04-09 22:22 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-10-31 14:31 - 2022-04-09 22:09 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-31 14:31 - 2022-04-09 22:09 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-31 14:31 - 2022-04-09 22:09 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-31 14:31 - 2022-04-09 22:09 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-31 14:31 - 2022-04-09 22:09 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-31 14:31 - 2022-04-09 22:09 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-31 14:31 - 2022-04-09 22:09 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-31 14:31 - 2022-04-09 22:09 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-31 14:31 - 2022-04-09 22:09 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-10-31 14:31 - 2022-04-09 22:09 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2022-10-31 14:31 - 2022-04-09 22:08 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2022-10-31 14:29 - 2022-04-09 22:26 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-10-31 14:29 - 2022-04-09 22:25 - 000000000 ____D C:\ProgramData\Riot Games 2022-10-31 14:28 - 2022-04-09 22:26 - 000000000 ___HD C:\Program Files\WindowsApps 2022-10-31 14:28 - 2020-07-13 19:26 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-10-30 16:18 - 2022-04-09 21:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2022-10-30 16:18 - 2022-04-09 21:34 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-10-30 16:18 - 2022-04-09 21:34 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-10-29 09:36 - 2022-04-09 21:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-10-28 18:21 - 2022-04-09 22:44 - 000000000 ____D C:\Users\Butchminer\AppData\Local\Avast Software 2022-10-28 15:14 - 2022-08-29 19:16 - 000000000 ____D C:\Users\Butchminer\AppData\Roaming\Spotify 2022-10-27 18:24 - 2022-04-09 22:42 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2022-10-25 20:12 - 2022-08-29 19:17 - 000000000 ____D C:\Users\Butchminer\AppData\Local\Spotify 2022-10-19 21:04 - 2022-04-09 22:02 - 000000000 ____D C:\Users\Butchminer\AppData\Local\D3DSCache 2022-10-17 07:25 - 2022-04-09 22:09 - 002890296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2022-10-17 07:25 - 2022-04-09 22:09 - 002224696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2022-10-17 07:25 - 2022-04-09 22:09 - 001297464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll 2022-10-14 19:43 - 2022-04-09 21:52 - 000000000 ____D C:\Users\Butchminer\AppData\Local\NVIDIA 2022-10-14 19:40 - 2022-04-09 21:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-10-12 20:24 - 2022-04-09 21:32 - 000637240 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-10-12 20:23 - 2022-04-09 22:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-10-12 20:23 - 2022-04-09 22:26 - 000000000 ____D C:\WINDOWS\SystemResources 2022-10-12 20:23 - 2022-04-09 22:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2022-10-12 20:23 - 2022-04-09 22:26 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-10-12 20:23 - 2022-04-09 22:26 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-10-12 19:40 - 2022-04-09 21:36 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-10-12 19:08 - 2022-04-09 21:58 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-10-12 19:06 - 2022-04-09 21:58 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-10-12 18:59 - 2022-04-09 21:36 - 000000000 ____D C:\Users\Butchminer 2022-10-12 18:22 - 2022-09-08 18:06 - 000000000 ____D C:\Program Files\Microsoft Office 2022-10-11 17:04 - 2022-09-27 18:22 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2022-10-11 05:51 - 2022-04-02 15:07 - 007587792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2022-10-09 22:36 - 2022-04-09 22:09 - 000000000 ____D C:\ProgramData\Package Cache 2022-10-09 22:36 - 2021-10-03 08:56 - 000000000 ___RD C:\Users\DefaultAppPool\OneDrive 2022-10-09 22:36 - 2018-05-22 18:41 - 000000000 ___RD C:\Users\Butchminer\OneDrive 2022-10-09 16:04 - 2022-04-09 22:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-10-08 15:46 - 2022-04-09 21:54 - 000000000 ____D C:\Users\Butchminer\AppData\Local\PlaceholderTileLogoFolder 2022-10-08 15:45 - 2022-04-09 21:52 - 000000000 ____D C:\Users\Butchminer\AppData\Local\Packages 2022-10-07 23:54 - 2022-04-10 12:05 - 000000000 ____D C:\Users\Butchminer\AppData\Roaming\Origin 2022-10-07 23:54 - 2022-04-10 12:05 - 000000000 ____D C:\Users\Butchminer\AppData\Local\Origin 2022-10-07 23:54 - 2022-04-10 11:57 - 000000000 ____D C:\ProgramData\Origin 2022-10-07 18:53 - 2020-10-27 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD 2022-10-07 18:50 - 2022-07-30 21:01 - 000000000 ____D C:\Users\Butchminer\AppData\Local\CrashDumps 2022-10-07 04:01 - 2022-04-02 15:12 - 000129000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2022-10-03 20:27 - 2022-04-09 22:32 - 000000000 ____D C:\WINDOWS\Panther 2022-10-01 13:47 - 2022-04-09 22:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-10-01 13:47 - 2022-04-09 22:26 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-10-01 13:47 - 2022-04-09 22:26 - 000000000 ____D C:\WINDOWS\Provisioning 2022-10-01 13:47 - 2022-04-09 22:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-10-01 13:42 - 2022-04-09 22:26 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2022-10-01 13:42 - 2022-04-09 22:26 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll ==================== Files in the root of some directories ======== 2022-10-09 16:43 - 2022-10-14 21:16 - 000007602 _____ () C:\Users\Butchminer\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================