I am being stalked online. I want to know if there's spyware on my computer and if there's anything I can do about it.
Stalker can accurately tell my online status and what I'm doing, including the contents of customer service tickets I've submitted. Probably aware of this topic I'm making right now.
Here is the FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-04-2022
Ran by Eldritch (administrator) on LAPTOP-1O0LBCKU (HP OMEN by HP Laptop) (16-04-2022 01:37:35)
Running from C:\Users\Eldritch\Desktop
Loaded Profiles: Eldritch
Platform: Microsoft Windows 10 Home Version 21H1 19043.1620 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(explorer.exe ->) (MPC-HC Team) [File not signed] C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\igfxEM.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP 3D DriveGuard\hpservice.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (HP Inc. -> HP) C:\Windows\System32\HP3DDGService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.22.3.9\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.22.3.9\nsWscSvc.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmig.inf_amd64_715167e770b0a27c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (HP Inc. -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235944 2017-08-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [703312 2017-07-22] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324600 2017-04-25] (HP Inc. -> HP)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1006872022-3032962147-1773234815-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [300160 2021-10-27] (Locktime Software s.r.o. -> Locktime Software)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {130AB2AA-03F2-4FFB-9EBD-74E343307920} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.22.3.9\SymErr.exe [108240 2022-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {1498311B-DDF4-48EA-A28C-74FF76977E05} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134768 2021-04-01] (HP Inc. -> HP Inc.)
Task: {15041582-8DF8-41CA-B2CD-DD1FCDD0B598} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2353000 2022-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {1D568DFF-9620-4DCE-8378-7778BCC20FA4} - System32\Tasks\Minecraft Education Edition Automatic Updater => C:\Program Files (x86)\Microsoft Studios\Minecraft Education Edition\MinecraftEducationUpdater.exe [5813760 2022-02-02] (Microsoft Studios) [File not signed]
Task: {237A37EC-641B-4601-9777-D3C1B7FDC6D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {2ABBF8B8-CD50-4F8B-A0B7-696E14A5B0CB} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.22.3.9\SymErr.exe [108240 2022-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {348CACF8-0E05-4545-B0AA-B1C52FC1EB54} - System32\Tasks\HPCeeScheduleForEldritch => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208 2016-06-25] (Hewlett-Packard Company -> HP Inc.)
Task: {37292EA8-F458-47ED-A55C-5A3A1CCF5FD5} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {3891CB81-CF07-4ECD-A7CE-59544F84AF7D} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {431488DB-07D9-46EE-90A5-EA31820619B0} - \HPJumpStartLaunch -> No File <==== ATTENTION
Task: {58562EF0-5036-4779-8F5F-16F28BAA0FCA} - System32\Tasks\Minecraft Education Weekly Updater => C:\Program Files (x86)\Microsoft Studios\Minecraft Education Edition\MinecraftEducationUpdater.exe [5813760 2022-02-02] (Microsoft Studios) [File not signed]
Task: {64CCB79F-EF30-4F8A-9098-65B0D7EA3F51} - \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display -> No File <==== ATTENTION
Task: {65F2D03D-0D30-443D-BD6B-E87A9D860AA3} - \Hewlett-Packard\HP Support Assistant\Product Configurator -> No File <==== ATTENTION
Task: {67140C98-40BB-42B3-B8F6-C846E28045D9} - \HP\HP CoolSense\HP CoolSense Start at Logon -> No File <==== ATTENTION
Task: {80BA2026-6538-4B6A-AD10-76F52F7B956B} - \OneDrive Standalone Update Task v2 -> No File <==== ATTENTION
Task: {9B480ADA-7047-4A44-A01C-213CF1A576AB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {A0FE9C1E-5A00-48DE-A113-F82ECE38669E} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.22.3.9\WSCStub.exe [646520 2022-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {A7D7AC5D-9E0E-492D-B128-044AA7BC7691} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-09-28] (HP Inc. -> HP Inc.)
Task: {BE8B0A17-05FF-4BB4-A6F2-999E81370990} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {C0839513-4076-4641-A90C-D1D75585747D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [984432 2021-04-01] (HP Inc. -> HP Inc.)
Task: {D0218C70-9C99-4043-BF17-667E1AE5C42E} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {D411B0B7-BF86-4FC1-B232-6DBBB9B86A66} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.22.3.9\SymErr.exe [108240 2022-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {D8460F43-8BF4-4285-B554-E60D9041C039} - \HPAudioSwitch -> No File <==== ATTENTION
Task: {EA49841C-E4A6-4E37-8B64-2F02D084AC96} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> No File <==== ATTENTION
Task: {F203F14B-E3B4-4B2A-BF9A-C9177AFA9B7B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {FACCD9E9-FCBB-44B3-AA8E-3DCC25157A6C} - \HPEA3JOBS -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\HPCeeScheduleForEldritch.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4aac5e63-f4ec-4f50-ad62-d354ab547a53}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Eldritch\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-15]
Edge HomePage: Default -> edge://downloads/all
Edge StartupUrls: Default -> "edge://downloads/all"
Edge Session Restore: Default -> is enabled.
Edge Extension: (NoMiner - Block Coin Miners) - C:\Users\Eldritch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbidmaebbffkfehijoocpmgiiglbgaea [2022-04-09]
Edge Extension: (AdGuard AdBlocker) - C:\Users\Eldritch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2022-04-15]
Edge Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Eldritch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2022-04-10]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Eldritch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-04-09]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Eldritch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-10]
Edge Extension: (AdBlock Doctor) - C:\Users\Eldritch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lojfohldolbkplldokkjgjmcffealmka [2022-04-15]
Edge Extension: (uBlocker - #1 Adblock Tool for Chrome) - C:\Users\Eldritch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ppdonaappkjkbgbncmmjencphdclioab [2022-04-15]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: d9hqv429.default
FF ProfilePath: C:\Users\Eldritch\AppData\Roaming\Mozilla\Firefox\Profiles\d9hqv429.default [2022-04-10]
FF ProfilePath: C:\Users\Eldritch\AppData\Roaming\Mozilla\Firefox\Profiles\opbxbrfx.default-release [2022-04-16]
FF Homepage: Mozilla\Firefox\Profiles\opbxbrfx.default-release -> about:blank
FF Extension: (AdGuard AdBlocker) - C:\Users\Eldritch\AppData\Roaming\Mozilla\Firefox\Profiles\opbxbrfx.default-release\Extensions\adguardadblocker@adguard.com.xpi [2022-04-10]
FF Extension: (Privacy Badger) - C:\Users\Eldritch\AppData\Roaming\Mozilla\Firefox\Profiles\opbxbrfx.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2022-04-10]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Eldritch\AppData\Roaming\Mozilla\Firefox\Profiles\opbxbrfx.default-release\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-04-10]
FF Extension: (Privacy Possum) - C:\Users\Eldritch\AppData\Roaming\Mozilla\Firefox\Profiles\opbxbrfx.default-release\Extensions\woop-NoopscooPsnSXQ@jetpack.xpi [2022-04-10]
FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Eldritch\AppData\Roaming\Mozilla\Firefox\Profiles\opbxbrfx.default-release\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2022-04-10] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Extension: (block-miners) - C:\Users\Eldritch\AppData\Roaming\Mozilla\Firefox\Profiles\opbxbrfx.default-release\Extensions\{74b0af75-8791-44e2-95a6-7f0ab94143ec}.xpi [2022-04-10]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Eldritch\AppData\Roaming\Mozilla\Firefox\Profiles\opbxbrfx.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-04-10]
FF HKLM-x32\...\Firefox\Extensions: [{EBA722F5-038F-4CAF-9EE2-545A221628BC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFPlgn => not found
FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-04-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-04-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-19] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1327400 2017-09-06] (HP Inc. -> HP Inc.)
R2 hp3ddgsrv; C:\windows\system32\HP3DDGService.exe [130072 2017-09-23] (HP Inc. -> HP)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-07] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1075744 2017-10-12] (HP Inc. -> HP)
R2 hpsrv; C:\Program Files (x86)\HP\HP 3D DriveGuard\hpservice.exe [28192 2017-10-05] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [403576 2021-04-01] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-14] (HP Inc. -> HP Inc.)
S3 Minecraft Education Updater; C:\Program Files (x86)\Microsoft Studios\Minecraft Education Edition\MinecraftEducationUpdater.exe [5813760 2022-02-02] (Microsoft Studios) [File not signed]
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [19072 2021-10-27] (Locktime Software s.r.o. -> Locktime Software)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.22.3.9\NortonSecurity.exe [344888 2022-04-05] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.22.3.9\nsWscSvc.exe [1059176 2022-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmig.inf_amd64_715167e770b0a27c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhmig.inf_amd64_715167e770b0a27c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.22.2.10\Definitions\BASHDefs\20220414.011\BHDrvx64.sys [2018784 2022-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616030.009\ccSetx64.sys [191200 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [509904 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145376 2022-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.22.2.10\Definitions\IPSDefs\20220414.061\IDSvia64.sys [1515512 2022-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [193688 2021-10-26] (Locktime Software s.r.o. -> Locktime Software)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616030.009\nsvst.sys [56080 2022-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1616030.009\SRTSP64.SYS [941256 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1616030.009\SRTSPX64.SYS [50376 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1616030.009\SYMEFASI64.SYS [2030768 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1616030.009\SymELAM.sys [31984 2022-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [93120 2022-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.22.2.10\SymPlatform\SymEvnt.sys [712432 2021-06-16] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1616030.009\Ironx64.SYS [319152 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1616030.009\symnets.sys [575344 2022-04-05] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [443664 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616030.009\wpCtrlDrv.sys [1015760 2022-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2740480 2022-04-16] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
U3 aspnet_state; no ImagePath
S3 EraserUtilDrv11912; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11912.sys [X]
S3 MpKsl9853b280; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{292CB3A4-6CC4-48E8-B180-BD02398BA68D}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-16 01:37 - 2022-04-16 01:39 - 000023624 _____ C:\Users\Eldritch\Desktop\FRST.txt
2022-04-16 01:34 - 2022-04-16 01:35 - 002366464 _____ (Farbar) C:\Users\Eldritch\Desktop\FRST64.exe
2022-04-16 00:00 - 2022-04-16 00:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2022-04-15 07:54 - 2022-04-15 07:54 - 000004451 _____ C:\Users\Eldritch\Documents\Templates.7z
2022-04-14 03:03 - 2022-04-14 03:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-04-10 22:35 - 2022-04-10 22:35 - 000000000 ____D C:\Program Files\Common Files\AV
2022-04-10 18:10 - 2022-04-10 18:10 - 000002339 _____ C:\Users\Public\Desktop\Minecraft Education Edition.lnk
2022-04-10 18:08 - 2022-04-10 18:08 - 000003748 _____ C:\WINDOWS\system32\Tasks\Minecraft Education Weekly Updater
2022-04-10 18:08 - 2022-04-10 18:08 - 000003438 _____ C:\WINDOWS\system32\Tasks\Minecraft Education Edition Automatic Updater
2022-04-10 18:08 - 2022-04-10 18:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Studios
2022-04-10 14:32 - 2022-04-10 14:32 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-10 14:32 - 2022-04-10 14:32 - 000011791 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-10 14:31 - 2022-04-10 14:31 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-10 14:31 - 2022-04-10 14:31 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-10 13:29 - 2022-04-10 13:29 - 000000000 ___HD C:\$WinREAgent
2022-04-10 08:58 - 2022-04-10 09:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-10 08:33 - 2022-04-10 08:33 - 000001866 _____ C:\Users\Eldritch\Desktop\Minecraft.lnk
2022-04-10 08:16 - 2022-04-10 08:16 - 000192736 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2022-04-10 08:16 - 2022-04-10 08:16 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Sun
2022-04-10 08:16 - 2022-04-10 08:16 - 000000000 ____D C:\ProgramData\Oracle
2022-04-10 08:15 - 2022-04-10 08:15 - 000000000 ____D C:\Program Files\Java
2022-04-10 07:39 - 2022-04-10 07:39 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-04-10 07:39 - 2022-04-10 07:39 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-10 05:43 - 2022-04-10 05:45 - 006434896 _____ (Oleg N. Scherbakov) C:\Users\Eldritch\Downloads\HPSupportSolutionsFramework-12.19.53.13.exe
2022-04-10 05:32 - 2022-04-10 16:10 - 000000376 _____ C:\WINDOWS\Tasks\HPCeeScheduleForEldritch.job
2022-04-10 05:32 - 2022-04-10 05:32 - 000003280 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForEldritch
2022-04-10 05:32 - 2022-04-10 05:32 - 000000000 ____H C:\Users\Eldritch\BITDEBA.tmp
2022-04-10 03:23 - 2022-04-10 03:23 - 000000000 ____D C:\Users\Eldritch\Documents\MCCToolchestPE
2022-04-10 03:23 - 2022-04-10 03:23 - 000000000 ____D C:\Users\Eldritch\AppData\Local\jILhSZuRqThbQPTW9VU
2022-04-10 03:22 - 2022-04-10 03:22 - 000002673 _____ C:\Users\Public\Desktop\MCC Tool Chest PE.lnk
2022-04-10 03:22 - 2022-04-10 03:22 - 000002673 _____ C:\ProgramData\Microsoft\Windows\Start Menu\MCC Tool Chest PE.lnk
2022-04-10 03:22 - 2022-04-10 03:22 - 000000000 ____D C:\Users\Eldritch\AppData\Local\Downloaded Installations
2022-04-10 03:22 - 2022-04-10 03:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCC Tool Chest PE
2022-04-10 03:22 - 2022-04-10 03:22 - 000000000 ____D C:\Program Files (x86)\MCCToolChestPE
2022-04-10 03:10 - 2022-04-11 07:31 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Minecraft Education Edition
2022-04-10 03:09 - 2022-04-10 03:09 - 000000000 ____D C:\ProgramData\Microsoft Studios
2022-04-10 03:08 - 2022-04-13 19:10 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\.minecraft
2022-04-10 03:08 - 2022-04-10 06:36 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2022-04-10 02:21 - 2022-04-09 13:11 - 000000000 ____D C:\WINDOWS\Panther
2022-04-10 02:08 - 2022-04-10 02:16 - 000000000 ____D C:\Users\Eldritch\AppData\Local\NPE
2022-04-10 02:03 - 2022-04-09 14:38 - 000000000 ____D C:\Windows.old
2022-04-10 02:02 - 2022-04-10 02:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-04-10 02:01 - 2022-04-10 02:01 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2022-04-10 02:01 - 2022-04-10 02:01 - 000000000 ____D C:\Program Files\Synaptics
2022-04-10 01:58 - 2022-04-10 01:58 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-04-10 01:57 - 2022-04-10 01:57 - 000000000 ____D C:\WINDOWS\Setup
2022-04-10 01:54 - 2022-04-10 01:54 - 000000000 ____D C:\WINDOWS\TextInput
2022-04-10 01:54 - 2022-04-10 01:54 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2022-04-10 01:54 - 2022-04-10 01:54 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2022-04-10 01:54 - 2022-04-10 01:54 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-04-10 01:48 - 2022-04-10 01:48 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-04-10 01:48 - 2022-04-10 01:48 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2022-04-10 01:48 - 2022-04-10 01:48 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-04-10 01:48 - 2022-04-09 11:27 - 000000000 ____D C:\WINDOWS\OCR
2022-04-10 01:45 - 2022-04-16 01:34 - 000000000 ____D C:\Users\Eldritch\AppData\Local\CrashDumps
2022-04-10 01:44 - 2022-04-10 01:44 - 000000000 ____D C:\WINDOWS\addins
2022-04-10 01:44 - 2022-04-10 01:44 - 000000000 ____D C:\ProgramData\ssh
2022-04-10 01:44 - 2022-04-10 01:44 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-04-10 01:44 - 2022-04-10 01:44 - 000000000 ____D C:\Program Files\MSBuild
2022-04-10 01:44 - 2022-04-10 01:44 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-04-10 01:44 - 2022-04-10 01:44 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-04-10 01:44 - 2022-04-09 13:32 - 000000000 ____D C:\WINDOWS\HoloShell
2022-04-10 01:42 - 2022-04-10 16:17 - 000499842 _____ C:\WINDOWS\system32\perfh012.dat
2022-04-10 01:42 - 2022-04-10 16:17 - 000133498 _____ C:\WINDOWS\system32\perfc012.dat
2022-04-10 01:42 - 2022-04-10 01:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ko
2022-04-10 01:42 - 2022-04-10 01:41 - 000159618 _____ C:\WINDOWS\system32\perfi012.dat
2022-04-10 01:42 - 2022-04-10 01:41 - 000033406 _____ C:\WINDOWS\system32\perfd012.dat
2022-04-10 01:41 - 2022-04-10 01:41 - 000000000 ____D C:\WINDOWS\system32\ko
2022-04-10 01:37 - 2022-04-10 16:17 - 000489798 _____ C:\WINDOWS\system32\perfh011.dat
2022-04-10 01:37 - 2022-04-10 16:17 - 000133474 _____ C:\WINDOWS\system32\perfc011.dat
2022-04-10 01:37 - 2022-04-10 01:37 - 000144624 _____ C:\WINDOWS\system32\perfi011.dat
2022-04-10 01:37 - 2022-04-10 01:37 - 000033402 _____ C:\WINDOWS\system32\perfd011.dat
2022-04-10 01:37 - 2022-04-10 01:37 - 000000000 ____D C:\WINDOWS\SysWOW64\ja
2022-04-10 01:37 - 2022-04-10 01:37 - 000000000 ____D C:\WINDOWS\system32\ja
2022-04-10 01:35 - 2022-04-10 01:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-04-10 01:34 - 2022-04-10 01:42 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2022-04-10 01:34 - 2022-04-10 01:42 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-04-10 01:34 - 2022-04-10 01:42 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2022-04-10 01:34 - 2022-04-10 01:42 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2022-04-10 01:34 - 2022-04-10 01:41 - 000000000 ____D C:\WINDOWS\system32\winrm
2022-04-10 01:34 - 2022-04-10 01:41 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-04-10 01:34 - 2022-04-10 01:41 - 000000000 ____D C:\WINDOWS\system32\slmgr
2022-04-10 01:34 - 2022-04-10 01:41 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2022-04-10 01:34 - 2022-04-10 01:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2022-04-10 01:34 - 2022-04-10 01:34 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2022-04-10 01:33 - 2022-04-10 01:33 - 000000000 ____D C:\WINDOWS\system32\0409
2022-04-10 01:33 - 2022-04-10 01:33 - 000000000 ____D C:\WINDOWS\DigitalLocker
2022-04-10 01:27 - 2022-04-10 02:17 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-04-10 01:27 - 2022-04-10 01:22 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2022-04-10 01:27 - 2022-04-10 01:22 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2022-04-10 01:27 - 2022-04-10 01:22 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2022-04-10 01:27 - 2022-04-10 01:22 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2022-04-10 01:26 - 2022-04-10 01:22 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2022-04-10 01:26 - 2022-04-10 01:22 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2022-04-10 01:26 - 2022-04-10 01:22 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2022-04-10 01:26 - 2022-04-10 01:22 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2022-04-10 01:26 - 2022-04-10 01:22 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2022-04-10 01:25 - 2022-04-15 22:42 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-10 01:25 - 2022-04-15 22:32 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-10 01:25 - 2022-04-15 21:47 - 000000000 ____D C:\WINDOWS\ServiceState
2022-04-10 01:25 - 2022-04-14 07:28 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-10 01:25 - 2022-04-11 10:59 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2022-04-10 01:25 - 2022-04-10 18:08 - 000000000 ___RD C:\Program Files (x86)
2022-04-10 01:25 - 2022-04-10 16:06 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-10 01:25 - 2022-04-10 16:06 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-10 01:25 - 2022-04-10 16:06 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-10 01:25 - 2022-04-10 16:06 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-10 01:25 - 2022-04-10 16:06 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-10 01:25 - 2022-04-10 16:06 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-10 01:25 - 2022-04-10 16:06 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-10 01:25 - 2022-04-10 16:06 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-10 01:25 - 2022-04-10 16:06 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-10 01:25 - 2022-04-10 05:29 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-04-10 01:25 - 2022-04-10 03:55 - 000000000 ____D C:\WINDOWS\appcompat
2022-04-10 01:25 - 2022-04-10 02:17 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-04-10 01:25 - 2022-04-10 02:03 - 000000000 __RHD C:\Users\Public\Libraries
2022-04-10 01:25 - 2022-04-10 01:54 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2022-04-10 01:25 - 2022-04-10 01:54 - 000000000 ____D C:\WINDOWS\SystemApps
2022-04-10 01:25 - 2022-04-10 01:48 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-04-10 01:25 - 2022-04-10 01:48 - 000000000 ____D C:\WINDOWS\system32\setup
2022-04-10 01:25 - 2022-04-10 01:48 - 000000000 ____D C:\WINDOWS\system32\MUI
2022-04-10 01:25 - 2022-04-10 01:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-10 01:25 - 2022-04-10 01:42 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-04-10 01:25 - 2022-04-10 01:42 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-04-10 01:25 - 2022-04-10 01:42 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-04-10 01:25 - 2022-04-10 01:42 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-04-10 01:25 - 2022-04-10 01:41 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-04-10 01:25 - 2022-04-10 01:41 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-04-10 01:25 - 2022-04-10 01:41 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-04-10 01:25 - 2022-04-10 01:41 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-04-10 01:25 - 2022-04-10 01:41 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-04-10 01:25 - 2022-04-10 01:41 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-04-10 01:25 - 2022-04-10 01:41 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-04-10 01:25 - 2022-04-10 01:41 - 000000000 ____D C:\WINDOWS\system32\Com
2022-04-10 01:25 - 2022-04-10 01:41 - 000000000 ____D C:\WINDOWS\IME
2022-04-10 01:25 - 2022-04-10 01:41 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-04-10 01:25 - 2022-04-10 01:41 - 000000000 ____D C:\Program Files\Common Files\System
2022-04-10 01:25 - 2022-04-10 01:41 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-04-10 01:25 - 2022-04-10 01:41 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-04-10 01:25 - 2022-04-10 01:34 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-04-10 01:25 - 2022-04-10 01:33 - 000000000 ____D C:\Program Files\Windows NT
2022-04-10 01:25 - 2022-04-10 01:33 - 000000000 ____D C:\Program Files (x86)\Windows NT
2022-04-10 01:25 - 2022-04-10 01:28 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2022-04-10 01:25 - 2022-04-10 01:28 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-04-10 01:25 - 2022-04-10 01:28 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-04-10 01:25 - 2022-04-10 01:28 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-04-10 01:25 - 2022-04-10 01:28 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2022-04-10 01:25 - 2022-04-10 01:28 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2022-04-10 01:25 - 2022-04-10 01:28 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ___SD C:\WINDOWS\system32\Nui
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\ti-et
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\ta-in
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\si-lk
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\my-mm
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\icsxml
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\ias
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\downlevel
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\am-et
2022-04-10 01:25 - 2022-04-10 01:27 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-04-10 01:25 - 2022-04-10 01:26 - 000000000 __RSD C:\WINDOWS\Media
2022-04-10 01:25 - 2022-04-10 01:26 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2022-04-10 01:25 - 2022-04-10 01:26 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2022-04-10 01:25 - 2022-04-10 01:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-04-10 01:25 - 2022-04-10 01:26 - 000000000 ____D C:\WINDOWS\L2Schemas
2022-04-10 01:25 - 2022-04-10 01:26 - 000000000 ____D C:\WINDOWS\IdentityCRL
2022-04-10 01:25 - 2022-04-10 01:26 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-04-10 01:25 - 2022-04-10 01:26 - 000000000 ____D C:\WINDOWS\Cursors
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 __SHD C:\Program Files\Windows Sidebar
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\Web
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\WaaS
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\Vss
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\tracing
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\TAPI
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\winevt
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\ras
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\Macromed
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\IME
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\DriverState
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\System
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SKB
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\security
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\schemas
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\SchCache
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\rescache
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\PLA
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\Performance
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\ModemLogs
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\InputMethod
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\Globalization
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\Containers
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\Branding
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\ProgramData\USOShared
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\Program Files\Windows Security
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\Program Files\Windows Portable Devices
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\Program Files\Common Files\Services
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2022-04-10 01:25 - 2022-04-10 01:25 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2022-04-10 01:25 - 2022-04-09 20:57 - 000000000 ____D C:\Program Files\Windows Defender
2022-04-10 01:25 - 2022-04-09 13:43 - 000000000 ____D C:\WINDOWS\Help
2022-04-10 01:25 - 2022-04-09 13:32 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-04-10 01:25 - 2022-04-09 13:21 - 000000000 ____D C:\ProgramData\USOPrivate
2022-04-10 01:25 - 2022-04-09 13:00 - 000000000 ____D C:\WINDOWS\Registration
2022-04-10 01:25 - 2022-04-09 11:28 - 000000000 ____D C:\WINDOWS\system32\spool
2022-04-10 01:25 - 2022-04-09 11:27 - 000000000 ____D C:\WINDOWS\Resources
2022-04-10 01:25 - 2022-04-09 11:23 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-04-10 01:25 - 2022-04-09 10:37 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-04-10 01:25 - 2022-04-09 10:27 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2022-04-10 01:23 - 2022-04-11 20:22 - 000000000 ____D C:\WINDOWS\INF
2022-04-10 01:13 - 2022-04-10 14:43 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-10 01:04 - 2022-04-10 01:26 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Wise Memory Optimzer
2022-04-10 01:03 - 2022-04-10 01:03 - 000000000 ____D C:\Program Files\Wise
2022-04-10 01:00 - 2022-04-10 01:00 - 000000000 ____D C:\Users\Eldritch\AppData\Local\mbam
2022-04-10 00:55 - 2022-04-15 14:07 - 094109696 _____ C:\WINDOWS\system32\config\SYSTEM
2022-04-10 00:55 - 2022-04-15 14:07 - 093585408 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-04-10 00:55 - 2022-04-15 14:07 - 002621440 _____ C:\WINDOWS\system32\config\DEFAULT
2022-04-10 00:55 - 2022-04-15 14:07 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2022-04-10 00:55 - 2022-04-15 14:07 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2022-04-10 00:55 - 2022-04-15 14:07 - 000032768 _____ C:\WINDOWS\system32\config\SAM
2022-04-10 00:55 - 2022-04-10 14:43 - 000000000 ____D C:\WINDOWS\servicing
2022-04-10 00:55 - 2022-04-10 01:25 - 000000000 ____D C:\WINDOWS\system32\SMI
2022-04-10 00:55 - 2022-04-09 23:31 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-04-10 00:34 - 2022-04-10 00:34 - 000000000 ____D C:\Program Files\7-Zip
2022-04-10 00:05 - 2022-04-10 00:36 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-10 00:05 - 2022-04-10 00:05 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Mozilla
2022-04-10 00:05 - 2022-04-10 00:05 - 000000000 ____D C:\Users\Eldritch\AppData\Local\Mozilla
2022-04-10 00:04 - 2022-04-14 19:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-04-10 00:04 - 2022-04-14 19:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-10 00:04 - 2022-04-14 03:03 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-04-09 23:40 - 2022-04-15 21:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2022-04-09 23:40 - 2022-04-09 23:40 - 000003374 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2022-04-09 23:40 - 2022-04-09 23:40 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2022-04-09 23:12 - 2022-04-09 23:12 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\MPC-HC
2022-04-09 23:06 - 2022-04-09 23:08 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2022-04-09 23:06 - 2022-04-09 23:06 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2022-04-09 23:05 - 2019-12-28 17:00 - 000784384 _____ C:\WINDOWS\system32\xvidcore.dll
2022-04-09 23:05 - 2019-12-28 17:00 - 000681984 _____ C:\WINDOWS\SysWOW64\xvidcore.dll
2022-04-09 23:05 - 2019-12-28 17:00 - 000310784 _____ C:\WINDOWS\system32\xvidvfw.dll
2022-04-09 23:05 - 2019-12-28 17:00 - 000284160 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2022-04-09 23:05 - 2017-07-30 18:50 - 003850240 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll
2022-04-09 23:05 - 2017-07-30 18:50 - 003799552 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw64.dll
2022-04-09 23:05 - 2015-10-25 00:00 - 000112128 _____ C:\WINDOWS\SysWOW64\ff_vfw.dll
2022-04-09 23:05 - 2015-02-26 00:27 - 000473088 _____ (hxxp://www.mp3dev.org/) C:\WINDOWS\SysWOW64\lameACM.acm
2022-04-09 23:05 - 2012-07-21 18:55 - 000180736 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm
2022-04-09 23:05 - 2012-07-21 18:54 - 000122880 _____ (fccHandler) C:\WINDOWS\SysWOW64\ac3acm.acm
2022-04-09 23:05 - 2012-05-22 05:48 - 000000415 _____ C:\WINDOWS\SysWOW64\lame_acm.xml
2022-04-09 23:05 - 2011-12-08 01:37 - 000148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2022-04-09 23:05 - 2011-12-08 01:32 - 000216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2022-04-09 23:05 - 2005-01-22 07:53 - 000055296 _____ C:\WINDOWS\system32\huffyuv.dll
2022-04-09 23:05 - 2004-05-19 02:16 - 000039936 _____ (Disappearing Inc.) C:\WINDOWS\SysWOW64\huffyuv.dll
2022-04-09 23:04 - 2022-04-09 23:05 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2022-04-09 22:49 - 2022-04-09 22:49 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-09 22:24 - 2022-04-09 22:24 - 000093120 _____ (Broadcom) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2022-04-09 22:24 - 2022-04-09 22:24 - 000010235 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2022-04-09 22:23 - 2022-04-09 23:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2022-04-09 22:23 - 2022-04-09 22:23 - 000000000 ____D C:\Program Files\Norton Security
2022-04-09 22:22 - 2022-04-09 22:22 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Locktime
2022-04-09 22:22 - 2022-04-09 22:22 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2022-04-09 22:18 - 2022-04-09 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 4
2022-04-09 22:18 - 2022-04-09 22:18 - 000000000 ____D C:\ProgramData\Locktime
2022-04-09 22:18 - 2022-04-09 22:18 - 000000000 ____D C:\Program Files\Locktime Software
2022-04-09 21:39 - 2022-04-09 21:39 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Locktime Software
2022-04-09 20:59 - 2022-04-10 10:31 - 000007627 _____ C:\Users\Eldritch\AppData\Local\Resmon.ResmonCfg
2022-04-09 20:42 - 2022-04-09 20:42 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\SeriousBit
2022-04-09 20:38 - 2022-04-09 20:38 - 000000000 ____D C:\ProgramData\SeriousBit
2022-04-09 20:36 - 2016-01-15 08:41 - 000042128 _____ (SeriousBit) C:\WINDOWS\system32\Drivers\nbdrv.sys
2022-04-09 20:29 - 2022-04-15 22:24 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\vlc
2022-04-09 20:28 - 2022-04-10 01:33 - 000000000 ____D C:\Program Files\VideoLAN
2022-04-09 20:25 - 2022-04-16 00:40 - 002740480 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2022-04-09 19:52 - 2022-04-09 19:55 - 012782912 _____ (NortonLifeLock Inc.) C:\Users\Eldritch\Downloads\NRnR (1).exe
2022-04-09 14:05 - 2022-04-09 14:05 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Hewlett-Packard
2022-04-09 14:04 - 2022-04-09 14:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-04-09 14:01 - 2022-04-10 05:52 - 000000000 ____D C:\Users\Eldritch\AppData\Local\HP
2022-04-09 14:01 - 2022-04-09 22:24 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2022-04-09 14:00 - 2022-04-10 02:08 - 000000000 ____D C:\ProgramData\Norton
2022-04-09 14:00 - 2022-04-09 14:04 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\HP
2022-04-09 14:00 - 2022-04-09 14:00 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\HP Active Health
2022-04-09 14:00 - 2022-04-09 14:00 - 000000000 ____D C:\Users\Eldritch\AppData\Local\HP JumpStart Apps
2022-04-09 14:00 - 2022-04-09 14:00 - 000000000 ____D C:\Users\Eldritch\AppData\Local\Hewlett-Packard
2022-04-09 13:59 - 2022-04-09 14:05 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\hpqLog
2022-04-09 13:59 - 2022-04-09 13:59 - 000000000 ____D C:\Users\Eldritch\AppData\Local\Crashpad
2022-04-09 13:50 - 2022-04-09 13:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2022-04-09 13:48 - 2022-03-18 00:33 - 000082432 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2022-04-09 13:48 - 2022-03-18 00:33 - 000071168 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2022-04-09 13:39 - 2022-04-09 13:39 - 000000000 ____D C:\NVIDIA
2022-04-09 13:37 - 2022-04-09 20:31 - 000000000 ____D C:\Program Files (x86)\NetPeeker
2022-04-09 13:37 - 2022-04-09 13:37 - 000000016 _____ C:\WINDOWS\NetPeeker.strdic
2022-04-09 13:31 - 2022-04-09 13:31 - 000000000 ____D C:\Users\Eldritch\AppData\Local\Comms
2022-04-09 13:22 - 2022-04-09 13:22 - 000000000 ____D C:\Users\Eldritch\AppData\Local\CEF
2022-04-09 13:21 - 2022-04-10 02:34 - 000000000 ____D C:\Users\Eldritch\AppData\Local\D3DSCache
2022-04-09 13:21 - 2022-04-09 13:21 - 000000000 ____D C:\ProgramData\NortonInstaller
2022-04-09 13:19 - 2022-04-09 13:19 - 000000000 ____D C:\Users\Eldritch\AppData\Local\OneDrive
2022-04-09 13:17 - 2022-04-09 13:17 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-04-09 13:14 - 2022-04-11 03:19 - 000000000 ____D C:\ProgramData\Packages
2022-04-09 13:14 - 2022-04-10 09:21 - 000000000 ____D C:\Users\Eldritch\AppData\Local\NVIDIA
2022-04-09 13:14 - 2022-04-09 13:14 - 000000000 ____D C:\Users\Eldritch\AppData\Local\Publishers
2022-04-09 13:12 - 2022-04-15 22:32 - 000000000 ____D C:\Users\Eldritch\AppData\Local\Packages
2022-04-09 13:12 - 2022-04-09 13:13 - 000000000 ____D C:\Users\Eldritch\AppData\Local\Intel
2022-04-09 13:12 - 2022-04-09 13:12 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Synaptics
2022-04-09 13:12 - 2022-04-09 13:12 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Adobe
2022-04-09 13:12 - 2022-04-09 13:12 - 000000000 ____D C:\Users\Eldritch\AppData\Local\VirtualStore
2022-04-09 13:11 - 2022-04-09 13:12 - 000000000 ____D C:\Users\Eldritch\AppData\Local\ConnectedDevicesPlatform
2022-04-09 13:11 - 2022-04-09 13:11 - 000000020 ___SH C:\Users\Eldritch\ntuser.ini
2022-04-09 13:11 - 2022-04-09 13:11 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Intel
2022-04-09 12:03 - 2022-04-09 12:03 - 000000000 _SHDL C:\Users\Default User
2022-04-09 12:03 - 2022-04-09 12:03 - 000000000 _SHDL C:\Users\All Users
2022-04-09 11:55 - 2022-04-10 16:17 - 002142332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-09 11:53 - 2022-04-09 11:53 - 000022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2022-04-09 11:30 - 2022-04-10 05:32 - 000000000 ____D C:\Users\Eldritch
2022-04-09 10:55 - 2022-04-09 10:55 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bang & Olufsen Audio Control.lnk
2022-04-09 10:54 - 2022-04-15 14:07 - 000000014 _____ C:\WINDOWS\system32\Drivers\RtkR0Log.dat
2022-04-09 10:54 - 2022-04-09 10:54 - 000041396 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2022-04-09 10:54 - 2022-04-09 10:54 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2022-04-09 10:54 - 2022-04-09 10:54 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2022-04-09 10:54 - 2022-04-09 10:54 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2022-04-09 10:54 - 2022-04-09 10:54 - 000000000 ____D C:\ProgramData\SRS Labs
2022-04-09 10:54 - 2022-04-09 10:54 - 000000000 ____D C:\Program Files\Realtek
2022-04-09 10:53 - 2022-04-15 21:47 - 000000000 ____D C:\ProgramData\NVIDIA
2022-04-09 10:53 - 2022-04-10 00:05 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-04-09 10:53 - 2022-04-09 10:53 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-04-09 10:53 - 2022-04-09 10:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-04-09 10:52 - 2022-04-10 05:08 - 000000000 ____D C:\ProgramData\Intel
2022-04-09 10:52 - 2022-04-09 13:47 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2022-04-09 10:52 - 2022-04-09 11:24 - 000000000 ____D C:\Program Files\Intel
2022-04-09 10:52 - 2022-04-09 10:52 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2022-04-09 10:52 - 2022-04-09 10:52 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2022-04-09 10:52 - 2022-04-09 10:52 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_esif_lf_01011.Wdf
2022-04-09 10:52 - 2022-04-09 10:52 - 000000000 ____D C:\WINDOWS\system32\Intel
2022-04-09 10:52 - 2022-04-09 10:52 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2022-04-09 10:50 - 2022-04-10 10:02 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-09 10:50 - 2022-04-10 10:02 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-09 10:49 - 2022-04-09 20:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-09 10:48 - 2022-04-15 21:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-09 10:28 - 2022-04-15 22:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-09 10:28 - 2022-04-10 16:10 - 000332656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-08 08:36 - 2022-04-08 08:36 - 000000112 ___SH C:\bootTel.dat
2022-04-07 23:16 - 2022-04-08 00:57 - 000000000 ____D C:\Users\Eldritch\Downloads\Games
2022-04-07 23:16 - 2022-03-18 11:07 - 000715920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-04-07 23:16 - 2022-03-18 11:04 - 005729728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-04-07 23:15 - 2022-03-18 11:10 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-04-07 23:15 - 2022-03-18 11:10 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-04-07 23:15 - 2022-03-18 11:10 - 001478392 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-04-07 23:15 - 2022-03-18 11:10 - 001478392 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-04-07 23:15 - 2022-03-18 11:10 - 001467864 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-04-07 23:15 - 2022-03-18 11:10 - 001432328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-04-07 23:15 - 2022-03-18 11:10 - 001432328 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-04-07 23:15 - 2022-03-18 11:10 - 001209432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-04-07 23:15 - 2022-03-18 11:10 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-04-07 23:15 - 2022-03-18 11:10 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-04-07 23:15 - 2022-03-18 11:07 - 000795728 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-04-07 23:15 - 2022-03-18 11:07 - 000636504 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-04-07 23:15 - 2022-03-18 11:06 - 042310288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2022-04-07 23:15 - 2022-03-18 11:06 - 002121664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-04-07 23:15 - 2022-03-18 11:06 - 001600680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-04-07 23:15 - 2022-03-18 11:06 - 001529920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-04-07 23:15 - 2022-03-18 11:06 - 001175696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-04-07 23:15 - 2022-03-18 11:06 - 000981672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-04-07 23:15 - 2022-03-18 11:06 - 000712640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-04-07 23:15 - 2022-03-18 11:05 - 008610472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-04-07 23:15 - 2022-03-18 11:05 - 007713856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-04-07 23:15 - 2022-03-18 11:05 - 005101536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-04-07 23:15 - 2022-03-18 11:05 - 002931880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-04-07 23:15 - 2022-03-18 11:05 - 000792232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-04-07 23:15 - 2022-03-18 11:05 - 000456848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-04-07 23:15 - 2022-03-18 11:03 - 000850064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-04-07 23:15 - 2022-03-18 11:02 - 007611808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-04-07 23:15 - 2022-03-18 11:02 - 006458864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-04-07 23:15 - 2022-03-18 00:33 - 000089337 _____ C:\WINDOWS\system32\nvinfo.pb
2022-04-07 10:57 - 2022-04-07 10:57 - 000000000 ____H C:\Users\Eldritch\BITE329.tmp
2022-03-24 04:24 - 2022-04-09 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Net-Peeker
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-16 01:38 - 2022-03-10 18:22 - 000000000 ____D C:\FRST
2022-04-16 00:50 - 2018-08-28 04:35 - 000000000 ____D C:\Users\Eldritch\AppData\LocalLow\Mozilla
2022-04-15 21:48 - 2018-06-28 12:26 - 000000000 __SHD C:\Users\Eldritch\IntelGraphicsProfiles
2022-04-14 07:28 - 2020-09-16 08:43 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-11 04:15 - 2020-12-25 01:25 - 000008192 ___SH (Microsoft Corporation) C:\DumpStack.log.tmp
2022-04-11 03:55 - 2021-04-29 05:15 - 000000000 ____D C:\Users\Eldritch\Downloads\Norton
2022-04-10 18:10 - 2020-08-28 05:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Education Edition
2022-04-10 08:16 - 2018-09-25 03:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-04-10 05:12 - 2017-11-04 17:30 - 000000000 ____D C:\ProgramData\Package Cache
2022-04-10 04:20 - 2019-01-17 19:30 - 000000000 ____D C:\Users\Eldritch\Downloads\Bandwidth managers
2022-04-10 03:08 - 2021-02-01 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher
2022-04-10 02:18 - 2021-11-01 01:36 - 000000000 ____D C:\NEO - The World Ends with You
2022-04-10 02:17 - 2022-01-18 02:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2022-04-10 01:32 - 2019-01-17 03:08 - 000000000 ____D C:\Users\Eldritch\Downloads\Utilities
2022-04-10 01:03 - 2021-03-30 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer
2022-04-10 00:34 - 2019-06-02 03:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-04-09 23:05 - 2018-09-03 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2022-04-09 14:05 - 2017-11-04 17:32 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-04-09 13:48 - 2018-01-16 22:29 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-04-09 13:47 - 2018-01-16 22:30 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-04-09 13:18 - 2018-06-28 12:30 - 000000000 ___RD C:\Users\Eldritch\OneDrive
2022-04-09 13:12 - 2018-06-28 12:26 - 000000000 ___RD C:\Users\Eldritch\3D Objects
2022-04-09 13:12 - 2017-10-06 07:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-04-09 11:57 - 2022-01-18 03:49 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-04-09 11:57 - 2021-02-25 18:12 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDPlayer64
2022-04-09 11:57 - 2020-12-22 12:14 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antamedia
2022-04-09 11:57 - 2020-12-17 09:01 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gametree
2022-04-09 11:52 - 2017-09-29 21:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-04-09 11:28 - 2018-01-16 22:34 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2022-04-09 11:27 - 2018-01-16 22:39 - 000000000 ____D C:\WINDOWS\HP
2022-04-09 11:25 - 2018-01-16 22:37 - 000000000 ____D C:\ProgramData\Synaptics
2022-04-09 11:25 - 2018-01-16 22:27 - 000000000 ____D C:\Program Files (x86)\Realtek
2022-04-09 11:25 - 2017-11-04 17:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2022-04-09 11:25 - 2017-11-04 17:32 - 000000000 ___RD C:\Program Files (x86)\Online Services
2022-04-09 11:25 - 2017-11-04 17:32 - 000000000 ____D C:\ProgramData\HP
2022-04-09 11:25 - 2017-11-04 17:32 - 000000000 ____D C:\ProgramData\Apple
2022-04-09 11:24 - 2018-01-16 22:27 - 000000000 ____D C:\Program Files (x86)\Intel
2022-04-09 11:24 - 2017-11-04 17:32 - 000000000 ___RD C:\Program Files\Online Services
2022-04-09 11:24 - 2017-11-04 17:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-04-09 11:24 - 2017-11-04 17:31 - 000000000 ____D C:\Program Files (x86)\HP
2022-04-09 11:24 - 2017-11-04 17:31 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2022-04-09 11:23 - 2018-01-16 22:34 - 000000000 ____D C:\Program Files\Common Files\Intel
2022-04-09 11:23 - 2017-11-04 17:34 - 000000000 ____D C:\Program Files\HPCommRecovery
2022-04-09 11:23 - 2017-11-04 17:31 - 000000000 ____D C:\Program Files\HP
2022-04-09 00:34 - 2022-01-18 03:49 - 000000000 ____D C:\GrandChase
2022-04-07 23:24 - 2021-11-22 07:46 - 000000000 ____D C:\Users\Eldritch\Downloads\BGM
2022-04-07 22:14 - 2021-02-25 18:56 - 000000000 ____D C:\Users\Eldritch\.Ld2VirtualBox
2022-04-06 22:30 - 2020-11-03 18:57 - 000000000 ____D C:\Users\Eldritch\Downloads\Notes
2022-03-30 15:27 - 2022-01-21 06:22 - 000000000 ____D C:\Elsword
2022-03-29 09:22 - 2021-10-24 19:45 - 000000000 ____D C:\Users\Eldritch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2022-03-19 18:10 - 2022-01-19 04:56 - 000000000 ____D C:\Elsword EU
==================== Files in the root of some directories ========
2022-04-09 20:59 - 2022-04-10 10:31 - 000007627 _____ () C:\Users\Eldritch\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================