JayFreeman120

  1. Hey there nasdaq, apologies for the late reply. I followed your steps, and I've attached the Fixlog file to my post. I'm still testing it out on the website I used the first time, and Malwarebytes is still blocking this infamous "gloyah.net" (tried it in both Chrome and IE; the adware seems to be in both. Maybe I should try uninstalling IE as well?). I can also give you the file location of the adware being blocked if you don't have it already. I'm just happy that the adware isn't really affecting me other than not allowing me to download that program I may want to use in the future, and I want to let you know your help is greatly appreciated. Fixlog.txt
  2. Hello nasdaq, I appreciate your help! Unfortunately, the first instructions didn't work. Here's my FRST.txt and Addition.txt:
2019-06-17 23:13 - 000166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2019-07-09 15:46 - 2019-06-17 23:08 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2019-07-09 15:46 - 2019-06-17 23:07 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2019-07-09 15:46 - 2019-06-17 23:06 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-07-09 15:46 - 2019-06-17 23:06 - 000269312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll 2019-07-09 15:46 - 2019-06-17 23:03 - 013706752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2019-07-09 15:46 - 2019-06-17 23:03 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2019-07-09 15:46 - 2019-06-17 22:55 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-07-09 15:46 - 2019-06-17 22:55 - 000214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll 2019-07-09 15:46 - 2019-06-17 22:44 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2019-07-09 15:46 - 2019-06-17 22:43 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-07-09 15:46 - 2019-06-17 22:42 - 001349120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2019-07-09 15:46 - 2019-06-17 22:41 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2019-07-09 15:46 - 2019-06-17 22:39 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2019-07-09 15:46 - 2019-06-17 22:33 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll 2019-07-09 15:46 - 2019-06-15 11:22 - 000910848 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2019-07-09 15:46 - 2019-06-11 20:51 - 000169256 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2019-07-09 15:46 - 2019-06-11 09:37 - 000293888 _____ (Microsoft 
Corporation) C:\Windows\system32\Dism.exe 2019-07-09 15:46 - 2019-06-11 09:35 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe 2019-07-09 15:46 - 2019-06-10 17:42 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2019-07-09 15:46 - 2019-06-10 17:42 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2019-07-09 15:46 - 2019-06-10 17:42 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-07-09 15:46 - 2019-06-10 17:42 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2019-07-09 15:46 - 2019-06-10 17:42 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2019-07-09 15:46 - 2019-06-10 17:42 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2019-07-09 15:46 - 2019-06-10 17:42 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2019-07-09 15:46 - 2019-06-10 17:42 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-07-09 15:46 - 2019-06-08 12:09 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2019-07-09 15:46 - 2019-06-08 11:55 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2019-07-09 15:46 - 2019-06-08 11:43 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2019-07-09 15:46 - 2019-06-08 11:33 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2019-07-09 15:46 - 2019-06-08 10:55 - 007035392 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2019-07-09 15:46 - 2019-06-08 10:53 - 006217216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2019-07-09 15:46 - 2019-06-06 18:49 - 007362800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-07-09 15:46 - 2019-06-06 13:14 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2019-07-09 15:46 - 2019-06-02 11:42 - 000365056 _____ (Microsoft Corporation) 
C:\Windows\system32\rdpclip.exe 2019-07-09 15:46 - 2019-05-24 22:32 - 002013432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2019-07-09 15:46 - 2019-05-15 16:33 - 000333552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2019-07-09 15:46 - 2019-05-14 20:53 - 000136800 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2019-07-09 15:46 - 2019-05-14 10:18 - 003718144 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2019-07-09 15:35 - 2019-06-24 22:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2019-07-09 15:35 - 2019-06-24 22:24 - 000129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2019-07-08 17:28 - 2019-07-08 17:28 - 000034069 _____ C:\Users\Mac\Documents\Malachi-GardnerNew.pdf 2019-07-07 01:06 - 2019-07-07 01:06 - 000000000 ____D C:\Users\Mac\AppData\Local\TekkenGame 2019-07-07 00:02 - 2019-07-07 00:02 - 000000222 _____ C:\Users\Mac\Desktop\TEKKEN 7.url 2019-07-06 15:34 - 2019-07-06 15:34 - 000000219 _____ C:\Users\Mac\Desktop\Team Fortress 2.url 2019-06-28 23:00 - 2019-06-28 23:00 - 006921695 _____ C:\Users\Mac\Downloads\MCDrugs 2017 Resource Pack (1.1).zip 2019-06-25 18:36 - 2019-06-25 18:36 - 000001040 _____ C:\Users\Public\Desktop\Call of Duty Black Ops 4.lnk 2019-06-24 22:42 - 2019-06-24 22:42 - 000000000 ____D C:\Users\Mac\AppData\Roaming\EasyAntiCheat 2019-06-24 19:23 - 2019-07-11 16:28 - 000000000 ____D C:\Program Files (x86)\Call of Duty Black Ops 4 2019-06-24 16:11 - 2019-06-24 16:31 - 000000000 ____D C:\Users\Mac\AppData\Local\HyperLightDrifter 2019-06-24 16:10 - 2019-06-24 16:10 - 000000272 _____ C:\Users\Mac\Desktop\Hyper Light Drifter.url ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2019-07-24 17:25 - 2017-06-17 23:29 - 000000400 _____ C:\Windows\Tasks\update-sys.job 2019-07-24 16:55 - 2017-06-18 03:40 - 000003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BB172A7D-6AD8-46E5-8E33-6994565D1915} 2019-07-24 16:46 - 2017-06-18 00:03 - 000000000 ____D C:\Users\Mac\AppData\Roaming\Spotify 2019-07-24 16:29 - 2017-06-17 23:29 - 000000400 _____ C:\Windows\Tasks\update-S-1-5-21-3957397278-2763812798-3511275089-1001.job 2019-07-24 12:25 - 2017-06-17 19:03 - 000000000 ____D C:\ProgramData\NVIDIA 2019-07-23 23:25 - 2017-06-17 19:06 - 000000000 ____D C:\Program Files (x86)\Steam 2019-07-23 23:05 - 2017-06-17 19:06 - 000000000 ____D C:\Users\Mac\AppData\Roaming\discord 2019-07-23 22:14 - 2017-06-18 00:22 - 000000000 ____D C:\Users\Mac\AppData\Roaming\.minecraft 2019-07-23 22:14 - 2017-06-18 00:22 - 000000000 ____D C:\Program Files (x86)\Minecraft 2019-07-23 21:57 - 2017-06-18 03:41 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3957397278-2763812798-3511275089-1001 2019-07-23 18:52 - 2017-12-17 21:41 - 000000000 ____D C:\Users\Mac\AppData\Local\LogMeIn Hamachi 2019-07-22 21:04 - 2017-06-18 00:04 - 000000000 ____D C:\Users\Mac\AppData\Local\Spotify 2019-07-22 20:32 - 2019-02-04 20:20 - 000000000 ____D C:\Program Files (x86)\Origin 2019-07-22 20:12 - 2018-10-20 22:39 - 000000000 ____D C:\Users\Mac\AppData\Roaming\Mozilla 2019-07-22 19:37 - 2017-06-18 00:54 - 000000000 __SHD C:\Users\Mac\IntelGraphicsProfiles 2019-07-22 16:52 - 2018-03-04 02:03 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios 2019-07-22 16:52 - 2013-08-22 10:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-07-22 16:51 - 2017-06-18 03:36 - 000000000 ___HD C:\Users\Mac 2019-07-22 00:35 - 2019-02-04 20:19 - 000000000 ____D C:\Users\Mac\AppData\Roaming\Origin 2019-07-22 00:24 - 2019-02-04 20:23 - 000000000 ____D C:\Program Files (x86)\Origin Games 2019-07-22 00:24 - 2019-02-04 20:19 - 000000000 ____D C:\ProgramData\Origin 2019-07-21 
23:29 - 2017-06-18 20:25 - 000000000 ____D C:\Users\Mac\AppData\Local\osu! 2019-07-20 22:57 - 2018-08-24 01:09 - 000000000 ____D C:\Users\Mac\AppData\Local\Ubisoft Game Launcher 2019-07-20 22:28 - 2014-11-21 04:44 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI 2019-07-20 22:28 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\Inf 2019-07-15 22:58 - 2018-07-03 05:43 - 000000000 ____D C:\Users\Mac\Desktop\HitFilm Express Exports 2019-07-15 22:19 - 2018-10-02 18:33 - 000000000 ____D C:\Users\Mac\Downloads\!!Project 2019-07-15 21:25 - 2017-06-22 17:00 - 000000000 ____D C:\Users\Mac\AppData\Local\CrashDumps 2019-07-14 22:09 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\rescache 2019-07-14 05:20 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\BBI 2019-07-14 04:58 - 2018-12-26 22:02 - 000000000 ____D C:\Users\Mac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ferox Games 2019-07-14 04:58 - 2018-12-26 22:02 - 000000000 ____D C:\Users\Mac\AppData\Local\Medal 2019-07-14 04:57 - 2017-12-19 20:59 - 000000000 ____D C:\Users\Mac\AppData\Roaming\Twitch 2019-07-14 04:55 - 2018-10-10 19:08 - 000000000 ____D C:\Users\Mac\AppData\Roaming\NexonLauncher 2019-07-14 04:54 - 2018-12-26 22:02 - 000000000 ____D C:\Users\Mac\AppData\Roaming\Medal 2019-07-14 04:49 - 2013-08-22 10:44 - 000337808 _____ C:\Windows\system32\FNTCACHE.DAT 2019-07-14 04:46 - 2017-06-20 19:18 - 000000000 ____D C:\Windows\system32\appraiser 2019-07-14 04:46 - 2017-06-17 20:12 - 000000000 ____D C:\Users\Mac\AppData\Local\Battle.net 2019-07-14 04:46 - 2013-08-22 11:36 - 000000000 ___RD C:\Windows\ToastData 2019-07-14 04:46 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\SysWOW64\Dism 2019-07-14 04:46 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\system32\Dism 2019-07-14 03:06 - 2018-10-20 22:39 - 000000000 ____D C:\Users\Mac\AppData\LocalLow\Mozilla 2019-07-13 15:54 - 2013-08-22 11:20 - 000000000 ____D C:\Windows\CbsTemp 2019-07-11 15:35 - 2017-06-20 14:46 - 000000000 ____D 
C:\Windows\system32\MRT 2019-07-11 15:31 - 2017-06-20 14:46 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-07-09 16:05 - 2017-06-20 13:26 - 000741432 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2019-07-08 17:29 - 2017-06-22 16:55 - 000000000 ____D C:\Users\Mac\Documents\Black Desert 2019-07-07 01:06 - 2017-09-28 20:50 - 000000000 ____D C:\Users\Mac\AppData\Local\UnrealEngine 2019-07-06 14:06 - 2017-07-19 13:44 - 000000000 ____D C:\Users\Mac\Downloads\Manga 2019-07-02 14:16 - 2019-02-18 17:31 - 000000000 ____D C:\Program Files (x86)\Overwatch 2019-06-29 01:31 - 2019-05-25 22:25 - 000000000 ____D C:\Users\Mac\AppData\Roaming\slobs-client 2019-06-27 16:22 - 2017-06-17 23:15 - 000000000 ____D C:\Program Files (x86)\Blizzard App 2019-06-27 14:07 - 2017-10-21 23:34 - 000000000 ____D C:\Users\Mac\Downloads\BirdArt 2019-06-24 16:10 - 2017-12-19 21:07 - 000000000 ____D C:\Users\Mac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games ==================== Files in the root of some directories ================ 2018-03-30 20:02 - 2018-03-30 20:11 - 000000096 _____ () C:\Users\Mac\AppData\Roaming\LauncherSettings_live.cfg 2017-06-17 23:29 - 2017-06-17 23:29 - 000000003 _____ () C:\Users\Mac\AppData\Local\updater.log 2017-06-17 23:29 - 2017-06-17 23:29 - 000000425 _____ () C:\Users\Mac\AppData\Local\UserProducts.xml ==================== FCheck ================================ (If an entry is included in the fixlist, the file/folder will be moved.) FCheck: C:\Windows\SysWOW64\lastpass_1337.exe [2017-12-17] <==== ATTENTION (zero byte File/Folder) ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) LastRegBack: 2019-07-22 01:07 ==================== End of FRST.txt ============================ Addition.txt
  3. Hi there, I'm new to the site, but not new to computers. About a week ago, I was in a hurry to get to playing a game of Minecraft with some of my friends, and I accidentally installed a Trojan that included Chromium, Avast, etc. while in a hurry to get OptiFine, a program that boosts the game's framerate. Luckily, I got rid of the actual harmful software using Control Panel, and I thought I was virus free up to the point where I tried to install OptiFine from the ACTUAL website. I was constantly redirected to Gloyah(.)net, where Malwarebytes (thankfully) blocked it every time. I haven't seen this redirect anywhere else but the OptiFine website, but I guarantee you that it's the original website. The list of programs I've used to try and get rid of this so far includes: Malwarebytes, AdwCleaner, HitmanPro, Zemana, ART by TSA. All of this software got rid of any additional harmful programs, but it all failed to detect this gloyah.net adware redirect. Whenever I delete the actual files from my Google folder, they simply come back brand new after a few minutes. I have adblock, so I'm probably not seeing the actual annoying part of this adware, but I'd still like to get rid of it just to avoid any other nonsense that may come with it in the future.