Jump to content

thanks_for_your_help

Members
  • Content Count

    10
  • Joined

  • Last visited

About thanks_for_your_help

  • Rank
    New Member
  1. Sorry for the late reply, Nasdaq. It's odd because that same report saying dashost.exe is a trojan hasn't been triggered since then. Should I still do this anyway?
  2. Oops I can't edit. Here's the new log: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2020 01 Ran by Player_One (administrator) on DESKTOP-QR3BEFQ (Micro-Star International Co., Ltd. MS-7B45) (24-01-2020 08:27:52) Running from C:\Users\Player_One\Desktop Loaded Profiles: Player_One (Available Profiles: Player_One) Platform: Windows 10 Pro Version 1903 18362.592 (X64) Language: English (United States) Default browser: FF Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe (A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe (Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe (Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe (JRT Studio LLC) [File not signed] C:\Program Files (x86)\JRT Studio\iSyncr\iSyncr.exe (Kristjan Skutta -> ) G:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBarFT.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\cam_helper.exe (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\cam_helper.exe (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe (Sony Computer Entertainment Inc.) [File not signed] C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) G:\Steam\Steam.exe (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Zetetic, LLC -> Zetetic LLC) C:\Program Files (x86)\Zetetic LLC\Codebook\Codebook.exe Failed to access process -> RE2RUTrainer.exe Failed to access process -> RE2RUTrainer.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [737248 2018-07-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed] HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074600 2016-08-27] (Heidi Computers Ltd -> The Eraser Project) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.) HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835768 2018-07-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.10\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [326448 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4230368 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG) HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-03-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405032 2019-12-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001\...\Run: [Steam] => G:\Steam\steam.exe [3311568 2020-01-17] (Valve -> Valve Corporation) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3681944 2019-10-15] (Invincea, Inc. -> Sandboxie Holdings, LLC) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [97671824 2020-01-15] (NZXT, Inc. -> NZXT, Inc.) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001\...\Run: [WallpaperEngine] => G:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2579960 2020-01-12] (Kristjan Skutta -> ) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001\...\MountPoints2: {3410c3b3-c60b-11e8-903b-6245b4fdb917} - "H:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-2073489905-3277682465-3659551384-1001\...\MountPoints2: {3410c693-c60b-11e8-903b-6245b4fdb917} - "H:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212020031919365\...\Run: [Steam] => G:\Steam\steam.exe [3311568 2020-01-17] (Valve -> Valve Corporation) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212020031919365\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3681944 2019-10-15] (Invincea, Inc. -> Sandboxie Holdings, LLC) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212020031919365\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [97671824 2020-01-15] (NZXT, Inc. -> NZXT, Inc.) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212020031919365\...\Run: [WallpaperEngine] => G:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2579960 2020-01-12] (Kristjan Skutta -> ) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212020031919365\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212020031919365\...\MountPoints2: {3410c3b3-c60b-11e8-903b-6245b4fdb917} - "H:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212020031919365\...\MountPoints2: {3410c693-c60b-11e8-903b-6245b4fdb917} - "H:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020050610232\...\Run: [Steam] => G:\Steam\steam.exe [3311568 2020-01-17] (Valve -> Valve Corporation) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020050610232\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3681944 2019-10-15] (Invincea, Inc. -> Sandboxie Holdings, LLC) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020050610232\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [97671824 2020-01-15] (NZXT, Inc. -> NZXT, Inc.) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020050610232\...\Run: [WallpaperEngine] => G:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2579960 2020-01-12] (Kristjan Skutta -> ) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020050610232\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020050610232\...\MountPoints2: {3410c3b3-c60b-11e8-903b-6245b4fdb917} - "H:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020050610232\...\MountPoints2: {3410c693-c60b-11e8-903b-6245b4fdb917} - "H:\WD Drive Unlock.exe" autoplay=true HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation(R).lnk [2018-10-31] ShortcutTarget: Content Manager Assistant for PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.) [File not signed] Startup: C:\Users\Player_One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Codebook Secret Agent.lnk [2019-12-14] ShortcutTarget: Codebook Secret Agent.lnk -> C:\Program Files (x86)\Zetetic LLC\Codebook\Codebook.exe (Zetetic, LLC -> Zetetic LLC) GroupPolicy: Restriction ? <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01C34B67-8653-4560-8D1D-1DDDBFBCC583} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3AEDD53D-4577-4FF8-886A-E3EC10F23491} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6054816 2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {3B57E75C-659F-489E-95B1-5789FC686C83} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26042744 2019-12-06] (Microsoft Corporation -> Microsoft Corporation) Task: {3B963E55-8BA4-4D64-8294-7D9182F0B076} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26042744 2019-12-06] (Microsoft Corporation -> Microsoft Corporation) Task: {46FF6E3F-4F56-4B0A-8D96-0C6EC4E2B468} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-28] (Google Inc -> Google Inc.) Task: {4A06D05B-3E79-4103-80A2-DC2D3C972831} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1094024 2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {5CD05F4E-5759-49A7-A40C-1621DE88839A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-28] (Google Inc -> Google Inc.) Task: {6BEEBFA6-E6A0-44FE-A42E-532404665677} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [804592 2019-11-28] (A-Volute -> Nahimic) Task: {6E8A581A-F526-4162-BEF3-4A5B85F68507} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7E7282A4-2925-40A8-9DA4-C1FCCFFF7B24} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {80ADEF8F-9152-4D0C-958F-6E6A9D349509} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [817472 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {834A48C3-8723-41E8-8AB5-237711FC00A7} - System32\Tasks\NahimicSvc64Run => C:\Windows\System32\NahimicSvc64.exe [1074936 2019-11-28] (A-Volute -> Nahimic) Task: {854BC509-FBAD-4DC3-9FD2-600D461B592C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2146712 2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {85E086EA-F733-4E9F-8E38-B4264080C9ED} - System32\Tasks\BlueStacksHelper => G:\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-15] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {AAA729D2-A0DC-44E6-888A-CD22C71CE259} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AF07284A-EE6C-4B00-BF17-4C6AD36EC723} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B9C231C5-6716-499F-B538-D1695D589657} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BCE884DB-1898-4AC5-94C6-C95F6171E230} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2146712 2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {D0D0FAE4-6B2D-426E-9909-8F74FFD2C62B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [128856 2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {D6E60A58-4188-4B01-97ED-1856FC28BB12} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6054816 2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {D7611697-E67D-4449-B86A-F3C68638DEB5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [128856 2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {E82D0873-A351-42CB-AC46-6C1855533CBE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EC2F9BA3-7B8C-42C6-96C2-80833E582794} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {ECBCC4E2-208C-467A-91D2-84297EB07334} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F2A6DAA6-8BC7-45DD-8161-31B494D53DBC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F558CAE6-5713-494C-AA3B-DDC2493AAC05} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [12664936 2018-08-22] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 209.18.47.63 209.18.47.61 Tcpip\..\Interfaces\{00a3bb54-fd48-480a-88c7-95e4148645c1}: [DhcpNameServer] 209.18.47.63 209.18.47.61 Tcpip\..\Interfaces\{c589e7c1-7b5a-45c9-84d3-3e0ad2db832c}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-12-17] (Microsoft Corporation -> Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed] Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed] Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed] Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-17] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: 3dxgry6y.default FF ProfilePath: C:\Users\Player_One\AppData\Roaming\Mozilla\Firefox\Profiles\3dxgry6y.default [2020-01-23] FF Extension: (Download Statusbar) - C:\Users\Player_One\AppData\Roaming\Mozilla\Firefox\Profiles\3dxgry6y.default\Extensions\{76faaba6-3aa1-47a4-bf40-90aa2505e79c}.xpi [2018-10-07] FF Extension: (Anime girl shooting stars) - C:\Users\Player_One\AppData\Roaming\Mozilla\Firefox\Profiles\3dxgry6y.default\Extensions\{7cd1afa4-b4c3-46d2-9933-1832e8f3d3a3}.xpi [2019-04-02] FF Extension: (Video DownloadHelper) - C:\Users\Player_One\AppData\Roaming\Mozilla\Firefox\Profiles\3dxgry6y.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-23] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC) FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) Chrome: ======= CHR Profile: C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default [2020-01-24] CHR Extension: (Slides) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-28] CHR Extension: (Docs) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-28] CHR Extension: (Google Drive) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-28] CHR Extension: (YouTube) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-28] CHR Extension: (Sheets) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-28] CHR Extension: (Google Docs Offline) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-16] CHR Extension: (Chrome Web Store Payments) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2019-11-08] CHR Extension: (Gmail) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25] CHR Extension: (Chrome Media Router) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe [558208 2020-01-15] (NZXT, Inc. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11156344 2019-12-05] (Microsoft Corporation -> Microsoft Corporation) R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55336 2019-12-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.) U2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2825976 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> ) R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> ) R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2018-08-14] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-07-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation) R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2018-01-31] (Intel Corporation) [File not signed] S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes) S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService_x64.exe [2669240 2018-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2343608 2018-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService_x64.exe [2725048 2017-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2252472 2017-12-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2506936 2018-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2136248 2018-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2724536 2018-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183992 2018-08-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265824 2018-04-17] (Intel Corporation -> ) R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1758968 2019-11-28] (A-Volute -> Nahimic) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) S3 Origin Client Service; G:\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts) R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [737248 2018-07-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [328344 2019-10-15] (Invincea, Inc. -> Sandboxie Holdings, LLC) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [301304 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4501544 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-03-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [40304 2019-02-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848288 2018-04-17] (Intel Corporation -> Intel® Corporation) S2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [X] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-04-14] (ASUSTeK Computer Inc. -> ) S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-11-20] (Bluestack Systems, Inc. -> Bluestack System Inc. ) R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [20696 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45968 2019-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21904 2019-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [66848 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies) R1 CPEPMon; C:\WINDOWS\System32\DRIVERS\CPEPMon.sys [110880 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies) R3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44648 2020-01-24] (CPUID S.A.R.L.U. -> CPUID) R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [44320 2020-01-20] (CPUID S.A.R.L.U. -> CPUID) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34368 2018-01-16] (CHENGDU YIWO Tech Development Co., Ltd. -> ) R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [30280 2018-07-19] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider) R1 epnetflt; C:\WINDOWS\system32\drivers\epnetflt.sys [130336 2019-10-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies) R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [132176 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes Corporation -> Malwarebytes) R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [73328 2018-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53360 2018-05-15] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [22640 2018-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [341104 2018-07-27] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [141848 2018-07-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [34064 2017-05-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Windows (R) Win 7 DDK provider) S3 ipadtst2; C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [16336 2016-07-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [65264 2019-08-12] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2020-01-13] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2020-01-20] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2020-01-20] (Malwarebytes Corporation -> Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2020-01-19] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2020-01-24] (Malwarebytes Corporation -> Malwarebytes) R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [400392 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.) R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8810336 2018-05-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_827405c7c65146ab\nvlddmkm.sys [22377352 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-16] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-22] (NVIDIA Corporation -> NVIDIA Corporation) R3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [451792 2019-04-02] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [223680 2019-10-16] (Invincea, Inc. -> Sandboxie Holdings, LLC) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tapoas; C:\WINDOWS\System32\drivers\tapoas.sys [30720 2012-07-14] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [213080 2018-08-14] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [222864 2018-08-14] (Oracle Corporation -> Oracle Corporation) R1 Vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [461240 2018-02-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation) S3 WinDivert1.1; C:\ProgramData\KMSAuto\bin\driver\x64WDV\WinDivert.sys [35376 2013-12-03] (Nemea Mjukvaruutveckling AB -> Basil Projects) S3 GPUZ; \??\C:\Users\PLAYER~1\AppData\Local\Temp\GPUZ.sys [X] <==== ATTENTION U3 iswSvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-01-24 08:27 - 2020-01-24 08:28 - 000052707 _____ C:\Users\Player_One\Desktop\FRST.txt 2020-01-24 08:05 - 2020-01-24 08:06 - 000085457 _____ C:\Users\Player_One\Downloads\Addition.txt 2020-01-24 08:04 - 2020-01-24 08:06 - 000080423 _____ C:\Users\Player_One\Downloads\FRST.txt 2020-01-24 08:04 - 2020-01-24 08:04 - 000000000 ____D C:\Users\Player_One\Downloads\FRST-OlderVersion 2020-01-24 08:03 - 2020-01-24 08:04 - 002580480 _____ (Farbar) C:\Users\Player_One\Desktop\FRST64.exe 2020-01-23 14:02 - 2020-01-23 14:03 - 000000000 ____D C:\Users\Player_One\Downloads\movies 2020-01-23 06:12 - 2020-01-23 06:12 - 000000693 _____ C:\Users\Player_One\AppData\Roaming\Microsoft\Windows\Start Menu\Modmanager.lnk 2020-01-23 06:09 - 2020-01-23 06:09 - 011371063 _____ C:\Users\Player_One\Downloads\modmanager.rar 2020-01-21 09:53 - 2020-01-21 09:53 - 001208273 _____ C:\Users\Player_One\Documents\bookmarks_1_21_20.html 2020-01-21 08:27 - 2020-01-21 08:27 - 000000000 ____D C:\ProgramData\Caphyon 2020-01-21 06:46 - 2020-01-21 06:46 - 000000000 ____D C:\WINDOWS\LastGood 2020-01-20 01:53 - 2020-01-20 01:53 - 000000000 _____ C:\WINDOWS\cpepmon.mlf 2020-01-19 01:00 - 2020-01-19 01:00 - 000000000 ____D C:\Users\Player_One\Downloads\original image emmas hair 2020-01-19 00:59 - 2020-01-19 00:59 - 000000000 ____D C:\Users\Player_One\Downloads\original image accessories leon 2020-01-16 00:48 - 2020-01-16 00:48 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WSDScan.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serscan.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll 2020-01-16 00:42 - 2019-12-09 19:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2020-01-16 00:42 - 2019-12-09 18:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2020-01-13 07:34 - 2020-01-24 08:00 - 000103648 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2020-01-13 07:34 - 2020-01-20 01:50 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2020-01-13 07:34 - 2020-01-20 01:50 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2020-01-13 07:34 - 2020-01-19 08:14 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2020-01-13 07:34 - 2020-01-13 07:34 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2020-01-13 07:34 - 2020-01-13 07:34 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-01-13 07:34 - 2020-01-13 07:34 - 000001912 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2020-01-13 07:34 - 2020-01-13 07:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2020-01-13 07:34 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2020-01-13 07:33 - 2020-01-13 07:33 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-01-13 05:17 - 2020-01-13 05:17 - 004984576 _____ C:\Users\Player_One\Desktop\mbst-grab-results.zip 2020-01-13 05:15 - 2020-01-24 08:28 - 000000000 ____D C:\FRST 2020-01-13 05:05 - 2020-01-21 08:27 - 000002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codebook.lnk 2020-01-13 05:05 - 2020-01-13 05:05 - 000000000 ____D C:\Program Files (x86)\Zetetic LLC 2020-01-13 04:58 - 2020-01-13 04:58 - 000988148 _____ C:\WINDOWS\Minidump\011320-8984-01.dmp 2020-01-13 04:20 - 2020-01-13 04:20 - 001140388 _____ C:\WINDOWS\Minidump\011320-8890-01.dmp 2020-01-13 03:45 - 2020-01-13 03:45 - 003800044 _____ C:\WINDOWS\Minidump\011320-9171-01.dmp 2020-01-11 19:51 - 2020-01-11 19:51 - 000000000 ____D C:\Program Files (x86)\Corsair 2020-01-11 19:48 - 2020-01-13 04:58 - 1391114978 _____ C:\WINDOWS\MEMORY.DMP 2020-01-11 19:48 - 2020-01-13 04:58 - 000000000 ____D C:\WINDOWS\Minidump 2020-01-11 19:48 - 2020-01-11 19:48 - 004101628 _____ C:\WINDOWS\Minidump\011120-11078-01.dmp 2020-01-07 06:16 - 2020-01-07 06:16 - 000000000 ____D C:\Users\Player_One\Downloads\Accessories Leon (Framework)-77-1-0-1552083508 2020-01-06 04:41 - 2020-01-09 05:55 - 000000749 _____ C:\Users\Player_One\AppData\Roaming\Microsoft\Windows\Start Menu\Resident Evil 2 Remake Ultimate Trainer.lnk 2020-01-01 20:41 - 2020-01-01 20:41 - 000000000 ____D C:\Users\Player_One\AppData\Local\4kdownload.com 2019-12-27 16:33 - 2019-12-27 00:10 - 378398556 _____ C:\Users\Player_One\Downloads\2019_12_27_00_03_28.mp4 2019-12-27 16:32 - 2019-12-27 05:08 - 136188174 _____ C:\Users\Player_One\Downloads\2019_12_27_05_06_17.mp4 2019-12-27 16:32 - 2019-12-27 00:32 - 221658699 _____ C:\Users\Player_One\Downloads\2019_12_27_00_29_10.mp4 2019-12-27 16:32 - 2019-12-27 00:27 - 114571665 _____ C:\Users\Player_One\Downloads\2019_12_27_00_25_21.mp4 2019-12-27 16:32 - 2019-12-27 00:13 - 114812088 _____ C:\Users\Player_One\Downloads\2019_12_27_00_11_39.mp4 2019-12-27 11:39 - 2019-12-27 17:30 - 000000000 ____D C:\Users\Player_One\Deezloader Music 2019-12-25 20:17 - 2019-12-25 20:17 - 000000000 ____D C:\Users\Player_One\AppData\Roaming\Bandicam Company 2019-12-25 20:16 - 2019-12-25 20:21 - 000001061 _____ C:\Users\Public\Desktop\Bandicam.lnk 2019-12-25 20:16 - 2019-12-25 20:21 - 000001061 _____ C:\ProgramData\Desktop\Bandicam.lnk 2019-12-25 20:16 - 2019-12-25 20:21 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1 2019-12-25 20:16 - 2019-12-25 20:21 - 000000000 ____D C:\Program Files (x86)\Bandicam 2019-12-25 20:16 - 2019-12-25 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam 2019-12-25 14:25 - 2019-12-25 14:25 - 000000000 ____D C:\Users\Player_One\.cache 2019-12-25 14:22 - 2019-12-25 14:28 - 000000000 ____D C:\Users\Player_One\AppData\Roaming\youtube-dlg 2019-12-25 14:22 - 2019-12-25 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube-DLG 2019-12-25 14:12 - 2019-12-27 17:29 - 000000000 ____D C:\Users\Player_One\AppData\Roaming\Deezloader Remix 2019-12-25 14:12 - 2019-12-25 14:12 - 000002464 _____ C:\Users\Player_One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deezloader Remix.lnk 2019-12-25 14:12 - 2019-12-25 14:12 - 000002456 _____ C:\Users\Player_One\Desktop\Deezloader Remix.lnk 2019-12-25 14:12 - 2019-12-25 14:12 - 000000000 ____D C:\Users\Player_One\AppData\Local\deezloader-rmx-updater 2019-12-25 14:11 - 2019-12-25 14:11 - 000000000 ____D C:\Users\Player_One\AppData\Local\SoulseekQt 2019-12-25 14:09 - 2019-12-25 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoulseekQt 2019-12-25 14:09 - 2019-12-25 14:09 - 000000000 ____D C:\Program Files (x86)\SoulseekQt ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-01-24 08:22 - 2019-03-18 18:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-01-24 07:59 - 2019-10-27 21:41 - 000000000 ____D C:\Users\Player_One\AppData\Roaming\NZXT CAM 2020-01-24 07:59 - 2019-08-29 12:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-01-24 07:59 - 2018-09-28 23:56 - 000000000 ____D C:\Users\Player_One\AppData\Local\D3DSCache 2020-01-23 14:04 - 2018-09-29 14:18 - 000000000 ____D C:\Users\Player_One\AppData\Roaming\vlc 2020-01-23 12:25 - 2018-09-28 21:21 - 000000000 ____D C:\ProgramData\NVIDIA 2020-01-23 06:18 - 2018-09-29 14:11 - 000000000 ____D C:\Users\Player_One\AppData\Local\ClassicShell 2020-01-23 06:17 - 2018-09-29 15:16 - 000000000 ____D C:\Users\Player_One\AppData\Local\CrashDumps 2020-01-23 06:09 - 2019-12-09 13:57 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-01-23 06:09 - 2018-09-28 22:01 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-01-23 06:09 - 2018-09-28 22:01 - 000000000 ____D C:\Users\Player_One\AppData\LocalLow\Mozilla 2020-01-23 06:09 - 2018-09-28 22:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-01-23 05:11 - 2019-08-30 00:20 - 001454550 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-01-23 05:11 - 2019-08-29 05:47 - 000488808 _____ C:\WINDOWS\system32\perfh011.dat 2020-01-23 05:11 - 2019-08-29 05:47 - 000133986 _____ C:\WINDOWS\system32\perfc011.dat 2020-01-23 05:11 - 2019-03-18 18:50 - 000000000 ____D C:\WINDOWS\INF 2020-01-22 14:38 - 2018-09-28 21:58 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-01-22 14:38 - 2018-09-28 21:58 - 000002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-01-22 14:38 - 2018-09-28 21:58 - 000002284 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2020-01-22 02:37 - 2018-09-29 17:59 - 000000000 ____D C:\Users\Player_One\AppData\Roaming\JRT Studio 2020-01-22 02:30 - 2018-09-29 00:48 - 000000000 ____D C:\Users\Player_One\Documents\JRT Studio 2020-01-22 01:51 - 2019-12-05 02:49 - 000000000 ___RD C:\Users\Player_One\Downloads\pinterest 2020-01-21 09:59 - 2018-09-28 21:20 - 000000000 ____D C:\Users\Player_One\AppData\Local\Packages 2020-01-21 09:37 - 2018-09-29 00:29 - 000000000 ____D C:\Users\Player_One\Downloads\infuse 2020-01-21 09:34 - 2018-09-30 00:19 - 000000000 ____D C:\Users\Player_One\Downloads\Duel Monsters 2020-01-21 03:19 - 2018-09-28 21:21 - 000000000 ____D C:\Users\Player_One\AppData\Local\PlaceholderTileLogoFolder 2020-01-20 17:14 - 2019-12-05 17:52 - 000000000 ____D C:\Users\Player_One\Downloads\facts 2020-01-20 17:13 - 2019-12-18 05:14 - 000000000 ____D C:\Users\Player_One\Downloads\zip files 2020-01-20 02:22 - 2019-03-18 18:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-01-20 02:14 - 2019-03-18 18:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-01-20 01:50 - 2019-08-29 12:32 - 000003104 _____ C:\WINDOWS\system32\Tasks\GPU Tweak II 2020-01-20 01:50 - 2019-08-29 12:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-01-20 01:49 - 2019-03-18 18:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-01-19 08:08 - 2019-10-04 10:03 - 000001658 _____ C:\WINDOWS\Sandboxie.ini 2020-01-19 00:31 - 2019-08-29 12:32 - 000003390 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2073489905-3277682465-3659551384-1001 2020-01-19 00:31 - 2019-08-29 06:11 - 000002382 _____ C:\Users\Player_One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-01-19 00:31 - 2018-09-28 21:21 - 000000000 ___RD C:\Users\Player_One\OneDrive 2020-01-16 01:05 - 2019-03-18 18:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2020-01-16 01:02 - 2019-10-27 21:41 - 000001784 _____ C:\Users\Public\Desktop\NZXT CAM.lnk 2020-01-16 01:02 - 2019-10-27 21:41 - 000001784 _____ C:\ProgramData\Desktop\NZXT CAM.lnk 2020-01-16 01:02 - 2019-10-27 21:41 - 000000000 ____D C:\Program Files\NZXT CAM 2020-01-16 01:01 - 2019-08-29 12:25 - 000495112 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-01-16 01:00 - 2019-03-18 18:52 - 000000000 ___SD C:\WINDOWS\system32\UNP 2020-01-16 01:00 - 2019-03-18 18:52 - 000000000 ____D C:\WINDOWS\SystemResources 2020-01-16 01:00 - 2019-03-18 18:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-01-16 01:00 - 2019-03-18 18:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-01-16 00:52 - 2018-09-29 01:56 - 000000000 ____D C:\WINDOWS\system32\MRT 2020-01-16 00:50 - 2019-03-18 18:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-01-16 00:50 - 2018-09-29 01:56 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2020-01-13 07:33 - 2019-12-13 02:52 - 000000000 ____D C:\Program Files\Malwarebytes 2020-01-13 05:21 - 2019-12-13 02:53 - 000019731 _____ C:\Users\Player_One\Desktop\mbst-clean-results.txt 2020-01-13 05:18 - 2019-03-18 18:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-01-13 05:02 - 2018-09-29 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2020-01-13 04:59 - 2019-08-29 06:11 - 000000000 ____D C:\Users\Player_One 2020-01-13 04:20 - 2019-11-22 08:28 - 000000000 ____D C:\Users\Player_One\AppData\Local\cache 2020-01-12 22:36 - 2019-03-18 18:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-01-11 15:42 - 2018-09-29 00:48 - 000000000 ____D C:\Users\Player_One\Documents\CAPCOM 2020-01-11 04:12 - 2018-09-30 00:16 - 000000000 ____D C:\Users\Player_One\Downloads\reddit fixes 2020-01-06 21:24 - 2019-10-04 18:52 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2020-01-06 21:24 - 2019-10-04 18:52 - 000001447 _____ C:\ProgramData\Desktop\GeForce Experience.lnk 2020-01-06 21:24 - 2019-08-29 12:32 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-08-29 12:32 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2018-09-28 21:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2020-01-06 21:24 - 2018-09-28 21:20 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2020-01-06 21:24 - 2018-09-28 21:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2020-01-05 21:13 - 2019-03-03 07:14 - 000000000 ____D C:\Program Files\dotnet 2020-01-05 21:13 - 2018-09-28 21:24 - 000000000 ____D C:\ProgramData\Package Cache 2020-01-04 08:37 - 2018-09-30 00:13 - 000000000 ____D C:\Users\Player_One\Downloads\Japanese 2019-12-26 08:42 - 2018-09-30 00:13 - 000000000 ____D C:\Users\Player_One\Downloads\excel stuff ==================== Files in the root of some directories ======== 2019-09-22 07:55 - 2019-09-22 07:55 - 000007603 _____ () C:\Users\Player_One\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== Addition.txt
  3. I just realized that I didn't run the program from the desktop. I'll edit the reply with the new log.
  4. Here's the logs from FRST: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2020 01 Ran by Player_One (administrator) on DESKTOP-QR3BEFQ (Micro-Star International Co., Ltd. MS-7B45) (24-01-2020 08:04:14) Running from C:\Users\Player_One\Downloads Loaded Profiles: Player_One (Available Profiles: Player_One) Platform: Windows 10 Pro Version 1903 18362.592 (X64) Language: English (United States) Default browser: FF Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe (A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe (Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe (Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe (JRT Studio LLC) [File not signed] C:\Program Files (x86)\JRT Studio\iSyncr\iSyncr.exe (Kristjan Skutta -> ) G:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBarFT.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\cam_helper.exe (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\cam_helper.exe (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe (Sony Computer Entertainment Inc.) [File not signed] C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) G:\Steam\Steam.exe (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Zetetic, LLC -> Zetetic LLC) C:\Program Files (x86)\Zetetic LLC\Codebook\Codebook.exe Failed to access process -> RE2RUTrainer.exe Failed to access process -> RE2RUTrainer.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [737248 2018-07-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed] HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074600 2016-08-27] (Heidi Computers Ltd -> The Eraser Project) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.) HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835768 2018-07-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.10\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [326448 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4230368 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG) HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-03-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405032 2019-12-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001\...\Run: [Steam] => G:\Steam\steam.exe [3311568 2020-01-17] (Valve -> Valve Corporation) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3681944 2019-10-15] (Invincea, Inc. -> Sandboxie Holdings, LLC) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [97671824 2020-01-15] (NZXT, Inc. -> NZXT, Inc.) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001\...\Run: [WallpaperEngine] => G:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2579960 2020-01-12] (Kristjan Skutta -> ) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001\...\MountPoints2: {3410c3b3-c60b-11e8-903b-6245b4fdb917} - "H:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-2073489905-3277682465-3659551384-1001\...\MountPoints2: {3410c693-c60b-11e8-903b-6245b4fdb917} - "H:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212020031919365\...\Run: [Steam] => G:\Steam\steam.exe [3311568 2020-01-17] (Valve -> Valve Corporation) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212020031919365\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3681944 2019-10-15] (Invincea, Inc. -> Sandboxie Holdings, LLC) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212020031919365\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [97671824 2020-01-15] (NZXT, Inc. -> NZXT, Inc.) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212020031919365\...\Run: [WallpaperEngine] => G:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2579960 2020-01-12] (Kristjan Skutta -> ) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212020031919365\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212020031919365\...\MountPoints2: {3410c3b3-c60b-11e8-903b-6245b4fdb917} - "H:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212020031919365\...\MountPoints2: {3410c693-c60b-11e8-903b-6245b4fdb917} - "H:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020050610232\...\Run: [Steam] => G:\Steam\steam.exe [3311568 2020-01-17] (Valve -> Valve Corporation) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020050610232\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3681944 2019-10-15] (Invincea, Inc. -> Sandboxie Holdings, LLC) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020050610232\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [97671824 2020-01-15] (NZXT, Inc. -> NZXT, Inc.) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020050610232\...\Run: [WallpaperEngine] => G:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2579960 2020-01-12] (Kristjan Skutta -> ) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020050610232\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.) HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020050610232\...\MountPoints2: {3410c3b3-c60b-11e8-903b-6245b4fdb917} - "H:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-2073489905-3277682465-3659551384-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020050610232\...\MountPoints2: {3410c693-c60b-11e8-903b-6245b4fdb917} - "H:\WD Drive Unlock.exe" autoplay=true HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation(R).lnk [2018-10-31] ShortcutTarget: Content Manager Assistant for PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.) [File not signed] Startup: C:\Users\Player_One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Codebook Secret Agent.lnk [2019-12-14] ShortcutTarget: Codebook Secret Agent.lnk -> C:\Program Files (x86)\Zetetic LLC\Codebook\Codebook.exe (Zetetic, LLC -> Zetetic LLC) GroupPolicy: Restriction ? <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01C34B67-8653-4560-8D1D-1DDDBFBCC583} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3AEDD53D-4577-4FF8-886A-E3EC10F23491} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6054816 2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {3B57E75C-659F-489E-95B1-5789FC686C83} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26042744 2019-12-06] (Microsoft Corporation -> Microsoft Corporation) Task: {3B963E55-8BA4-4D64-8294-7D9182F0B076} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26042744 2019-12-06] (Microsoft Corporation -> Microsoft Corporation) Task: {46FF6E3F-4F56-4B0A-8D96-0C6EC4E2B468} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-28] (Google Inc -> Google Inc.) Task: {4A06D05B-3E79-4103-80A2-DC2D3C972831} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1094024 2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {5CD05F4E-5759-49A7-A40C-1621DE88839A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-28] (Google Inc -> Google Inc.) Task: {6BEEBFA6-E6A0-44FE-A42E-532404665677} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [804592 2019-11-28] (A-Volute -> Nahimic) Task: {6E8A581A-F526-4162-BEF3-4A5B85F68507} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7E7282A4-2925-40A8-9DA4-C1FCCFFF7B24} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {80ADEF8F-9152-4D0C-958F-6E6A9D349509} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [817472 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {834A48C3-8723-41E8-8AB5-237711FC00A7} - System32\Tasks\NahimicSvc64Run => C:\Windows\System32\NahimicSvc64.exe [1074936 2019-11-28] (A-Volute -> Nahimic) Task: {854BC509-FBAD-4DC3-9FD2-600D461B592C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2146712 2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {85E086EA-F733-4E9F-8E38-B4264080C9ED} - System32\Tasks\BlueStacksHelper => G:\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-15] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {AAA729D2-A0DC-44E6-888A-CD22C71CE259} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AF07284A-EE6C-4B00-BF17-4C6AD36EC723} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B9C231C5-6716-499F-B538-D1695D589657} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BCE884DB-1898-4AC5-94C6-C95F6171E230} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2146712 2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {D0D0FAE4-6B2D-426E-9909-8F74FFD2C62B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [128856 2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {D6E60A58-4188-4B01-97ED-1856FC28BB12} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6054816 2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {D7611697-E67D-4449-B86A-F3C68638DEB5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [128856 2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Task: {E82D0873-A351-42CB-AC46-6C1855533CBE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EC2F9BA3-7B8C-42C6-96C2-80833E582794} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {ECBCC4E2-208C-467A-91D2-84297EB07334} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F2A6DAA6-8BC7-45DD-8161-31B494D53DBC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F558CAE6-5713-494C-AA3B-DDC2493AAC05} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [12664936 2018-08-22] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 209.18.47.63 209.18.47.61 Tcpip\..\Interfaces\{00a3bb54-fd48-480a-88c7-95e4148645c1}: [DhcpNameServer] 209.18.47.63 209.18.47.61 Tcpip\..\Interfaces\{c589e7c1-7b5a-45c9-84d3-3e0ad2db832c}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-12-17] (Microsoft Corporation -> Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed] Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed] Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed] Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-17] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-17] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: 3dxgry6y.default FF ProfilePath: C:\Users\Player_One\AppData\Roaming\Mozilla\Firefox\Profiles\3dxgry6y.default [2020-01-23] FF Extension: (Download Statusbar) - C:\Users\Player_One\AppData\Roaming\Mozilla\Firefox\Profiles\3dxgry6y.default\Extensions\{76faaba6-3aa1-47a4-bf40-90aa2505e79c}.xpi [2018-10-07] FF Extension: (Anime girl shooting stars) - C:\Users\Player_One\AppData\Roaming\Mozilla\Firefox\Profiles\3dxgry6y.default\Extensions\{7cd1afa4-b4c3-46d2-9933-1832e8f3d3a3}.xpi [2019-04-02] FF Extension: (Video DownloadHelper) - C:\Users\Player_One\AppData\Roaming\Mozilla\Firefox\Profiles\3dxgry6y.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-23] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC) FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) Chrome: ======= CHR Profile: C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default [2020-01-24] CHR Extension: (Slides) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-28] CHR Extension: (Docs) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-28] CHR Extension: (Google Drive) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-28] CHR Extension: (YouTube) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-28] CHR Extension: (Sheets) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-28] CHR Extension: (Google Docs Offline) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-16] CHR Extension: (Chrome Web Store Payments) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2019-11-08] CHR Extension: (Gmail) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25] CHR Extension: (Chrome Media Router) - C:\Users\Player_One\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe [558208 2020-01-15] (NZXT, Inc. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11156344 2019-12-05] (Microsoft Corporation -> Microsoft Corporation) R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55336 2019-12-21] (Corsair Memory, Inc. -> Corsair Memory, Inc.) U2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2825976 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> ) R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> ) R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2018-08-14] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-07-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation) R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2018-01-31] (Intel Corporation) [File not signed] S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes) S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService_x64.exe [2669240 2018-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2343608 2018-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService_x64.exe [2725048 2017-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2252472 2017-12-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2506936 2018-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2136248 2018-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2724536 2018-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183992 2018-08-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265824 2018-04-17] (Intel Corporation -> ) R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1758968 2019-11-28] (A-Volute -> Nahimic) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) S3 Origin Client Service; G:\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts) R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [737248 2018-07-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [328344 2019-10-15] (Invincea, Inc. -> Sandboxie Holdings, LLC) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [301304 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4501544 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-03-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [40304 2019-02-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848288 2018-04-17] (Intel Corporation -> Intel® Corporation) S2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [X] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-04-14] (ASUSTeK Computer Inc. -> ) S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-11-20] (Bluestack Systems, Inc. -> Bluestack System Inc. ) R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [20696 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45968 2019-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21904 2019-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [66848 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies) R1 CPEPMon; C:\WINDOWS\System32\DRIVERS\CPEPMon.sys [110880 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies) R3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44648 2020-01-24] (CPUID S.A.R.L.U. -> CPUID) R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [44320 2020-01-20] (CPUID S.A.R.L.U. -> CPUID) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34368 2018-01-16] (CHENGDU YIWO Tech Development Co., Ltd. -> ) R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [30280 2018-07-19] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider) R1 epnetflt; C:\WINDOWS\system32\drivers\epnetflt.sys [130336 2019-10-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies) R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [132176 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes Corporation -> Malwarebytes) R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [73328 2018-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53360 2018-05-15] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [22640 2018-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [341104 2018-07-27] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [141848 2018-07-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [34064 2017-05-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Windows (R) Win 7 DDK provider) S3 ipadtst2; C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [16336 2016-07-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [65264 2019-08-12] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2020-01-13] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2020-01-20] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2020-01-20] (Malwarebytes Corporation -> Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2020-01-19] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2020-01-24] (Malwarebytes Corporation -> Malwarebytes) R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [400392 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.) R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8810336 2018-05-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_827405c7c65146ab\nvlddmkm.sys [22377352 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-16] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-22] (NVIDIA Corporation -> NVIDIA Corporation) R3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [451792 2019-04-02] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [223680 2019-10-16] (Invincea, Inc. -> Sandboxie Holdings, LLC) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tapoas; C:\WINDOWS\System32\drivers\tapoas.sys [30720 2012-07-14] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [213080 2018-08-14] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [222864 2018-08-14] (Oracle Corporation -> Oracle Corporation) R1 Vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [461240 2018-02-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation) S3 WinDivert1.1; C:\ProgramData\KMSAuto\bin\driver\x64WDV\WinDivert.sys [35376 2013-12-03] (Nemea Mjukvaruutveckling AB -> Basil Projects) S3 GPUZ; \??\C:\Users\PLAYER~1\AppData\Local\Temp\GPUZ.sys [X] <==== ATTENTION U3 iswSvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-01-24 08:04 - 2020-01-24 08:05 - 000052533 _____ C:\Users\Player_One\Downloads\FRST.txt 2020-01-24 08:04 - 2020-01-24 08:04 - 000000000 ____D C:\Users\Player_One\Downloads\FRST-OlderVersion 2020-01-24 08:03 - 2020-01-24 08:04 - 002580480 _____ (Farbar) C:\Users\Player_One\Downloads\FRST64.exe 2020-01-23 14:02 - 2020-01-23 14:03 - 000000000 ____D C:\Users\Player_One\Downloads\movies 2020-01-23 06:12 - 2020-01-23 06:12 - 000000693 _____ C:\Users\Player_One\AppData\Roaming\Microsoft\Windows\Start Menu\Modmanager.lnk 2020-01-23 06:09 - 2020-01-23 06:09 - 011371063 _____ C:\Users\Player_One\Downloads\modmanager.rar 2020-01-21 09:53 - 2020-01-21 09:53 - 001208273 _____ C:\Users\Player_One\Documents\bookmarks_1_21_20.html 2020-01-21 08:27 - 2020-01-21 08:27 - 000000000 ____D C:\ProgramData\Caphyon 2020-01-21 06:46 - 2020-01-21 06:46 - 000000000 ____D C:\WINDOWS\LastGood 2020-01-20 01:53 - 2020-01-20 01:53 - 000000000 _____ C:\WINDOWS\cpepmon.mlf 2020-01-19 01:00 - 2020-01-19 01:00 - 000000000 ____D C:\Users\Player_One\Downloads\original image emmas hair 2020-01-19 00:59 - 2020-01-19 00:59 - 000000000 ____D C:\Users\Player_One\Downloads\original image accessories leon 2020-01-16 00:48 - 2020-01-16 00:48 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2020-01-16 00:48 - 2020-01-16 00:48 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WSDScan.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serscan.sys 2020-01-16 00:48 - 2020-01-16 00:48 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll 2020-01-16 00:48 - 2020-01-16 00:48 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll 2020-01-16 00:42 - 2019-12-09 19:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2020-01-16 00:42 - 2019-12-09 18:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2020-01-13 07:34 - 2020-01-24 08:00 - 000103648 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2020-01-13 07:34 - 2020-01-20 01:50 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2020-01-13 07:34 - 2020-01-20 01:50 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2020-01-13 07:34 - 2020-01-19 08:14 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2020-01-13 07:34 - 2020-01-13 07:34 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2020-01-13 07:34 - 2020-01-13 07:34 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-01-13 07:34 - 2020-01-13 07:34 - 000001912 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2020-01-13 07:34 - 2020-01-13 07:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2020-01-13 07:34 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2020-01-13 07:33 - 2020-01-13 07:33 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-01-13 05:17 - 2020-01-13 05:17 - 004984576 _____ C:\Users\Player_One\Desktop\mbst-grab-results.zip 2020-01-13 05:15 - 2020-01-24 08:04 - 000000000 ____D C:\FRST 2020-01-13 05:05 - 2020-01-21 08:27 - 000002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codebook.lnk 2020-01-13 05:05 - 2020-01-13 05:05 - 000000000 ____D C:\Program Files (x86)\Zetetic LLC 2020-01-13 04:58 - 2020-01-13 04:58 - 000988148 _____ C:\WINDOWS\Minidump\011320-8984-01.dmp 2020-01-13 04:20 - 2020-01-13 04:20 - 001140388 _____ C:\WINDOWS\Minidump\011320-8890-01.dmp 2020-01-13 03:45 - 2020-01-13 03:45 - 003800044 _____ C:\WINDOWS\Minidump\011320-9171-01.dmp 2020-01-11 19:51 - 2020-01-11 19:51 - 000000000 ____D C:\Program Files (x86)\Corsair 2020-01-11 19:48 - 2020-01-13 04:58 - 1391114978 _____ C:\WINDOWS\MEMORY.DMP 2020-01-11 19:48 - 2020-01-13 04:58 - 000000000 ____D C:\WINDOWS\Minidump 2020-01-11 19:48 - 2020-01-11 19:48 - 004101628 _____ C:\WINDOWS\Minidump\011120-11078-01.dmp 2020-01-07 06:16 - 2020-01-07 06:16 - 000000000 ____D C:\Users\Player_One\Downloads\Accessories Leon (Framework)-77-1-0-1552083508 2020-01-06 04:41 - 2020-01-09 05:55 - 000000749 _____ C:\Users\Player_One\AppData\Roaming\Microsoft\Windows\Start Menu\Resident Evil 2 Remake Ultimate Trainer.lnk 2020-01-01 20:41 - 2020-01-01 20:41 - 000000000 ____D C:\Users\Player_One\AppData\Local\4kdownload.com 2019-12-27 16:33 - 2019-12-27 00:10 - 378398556 _____ C:\Users\Player_One\Downloads\2019_12_27_00_03_28.mp4 2019-12-27 16:32 - 2019-12-27 05:08 - 136188174 _____ C:\Users\Player_One\Downloads\2019_12_27_05_06_17.mp4 2019-12-27 16:32 - 2019-12-27 00:32 - 221658699 _____ C:\Users\Player_One\Downloads\2019_12_27_00_29_10.mp4 2019-12-27 16:32 - 2019-12-27 00:27 - 114571665 _____ C:\Users\Player_One\Downloads\2019_12_27_00_25_21.mp4 2019-12-27 16:32 - 2019-12-27 00:13 - 114812088 _____ C:\Users\Player_One\Downloads\2019_12_27_00_11_39.mp4 2019-12-27 11:39 - 2019-12-27 17:30 - 000000000 ____D C:\Users\Player_One\Deezloader Music 2019-12-25 20:17 - 2019-12-25 20:17 - 000000000 ____D C:\Users\Player_One\AppData\Roaming\Bandicam Company 2019-12-25 20:16 - 2019-12-25 20:21 - 000001061 _____ C:\Users\Public\Desktop\Bandicam.lnk 2019-12-25 20:16 - 2019-12-25 20:21 - 000001061 _____ C:\ProgramData\Desktop\Bandicam.lnk 2019-12-25 20:16 - 2019-12-25 20:21 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1 2019-12-25 20:16 - 2019-12-25 20:21 - 000000000 ____D C:\Program Files (x86)\Bandicam 2019-12-25 20:16 - 2019-12-25 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam 2019-12-25 14:25 - 2019-12-25 14:25 - 000000000 ____D C:\Users\Player_One\.cache 2019-12-25 14:22 - 2019-12-25 14:28 - 000000000 ____D C:\Users\Player_One\AppData\Roaming\youtube-dlg 2019-12-25 14:22 - 2019-12-25 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube-DLG 2019-12-25 14:12 - 2019-12-27 17:29 - 000000000 ____D C:\Users\Player_One\AppData\Roaming\Deezloader Remix 2019-12-25 14:12 - 2019-12-25 14:12 - 000002464 _____ C:\Users\Player_One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deezloader Remix.lnk 2019-12-25 14:12 - 2019-12-25 14:12 - 000002456 _____ C:\Users\Player_One\Desktop\Deezloader Remix.lnk 2019-12-25 14:12 - 2019-12-25 14:12 - 000000000 ____D C:\Users\Player_One\AppData\Local\deezloader-rmx-updater 2019-12-25 14:11 - 2019-12-25 14:11 - 000000000 ____D C:\Users\Player_One\AppData\Local\SoulseekQt 2019-12-25 14:09 - 2019-12-25 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoulseekQt 2019-12-25 14:09 - 2019-12-25 14:09 - 000000000 ____D C:\Program Files (x86)\SoulseekQt ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-01-24 07:59 - 2019-10-27 21:41 - 000000000 ____D C:\Users\Player_One\AppData\Roaming\NZXT CAM 2020-01-24 07:59 - 2019-08-29 12:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-01-24 07:59 - 2019-03-18 18:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-01-24 07:59 - 2018-09-28 23:56 - 000000000 ____D C:\Users\Player_One\AppData\Local\D3DSCache 2020-01-23 14:04 - 2018-09-29 14:18 - 000000000 ____D C:\Users\Player_One\AppData\Roaming\vlc 2020-01-23 12:25 - 2018-09-28 21:21 - 000000000 ____D C:\ProgramData\NVIDIA 2020-01-23 06:18 - 2018-09-29 14:11 - 000000000 ____D C:\Users\Player_One\AppData\Local\ClassicShell 2020-01-23 06:17 - 2018-09-29 15:16 - 000000000 ____D C:\Users\Player_One\AppData\Local\CrashDumps 2020-01-23 06:09 - 2019-12-09 13:57 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-01-23 06:09 - 2018-09-28 22:01 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-01-23 06:09 - 2018-09-28 22:01 - 000000000 ____D C:\Users\Player_One\AppData\LocalLow\Mozilla 2020-01-23 06:09 - 2018-09-28 22:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-01-23 05:11 - 2019-08-30 00:20 - 001454550 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-01-23 05:11 - 2019-08-29 05:47 - 000488808 _____ C:\WINDOWS\system32\perfh011.dat 2020-01-23 05:11 - 2019-08-29 05:47 - 000133986 _____ C:\WINDOWS\system32\perfc011.dat 2020-01-23 05:11 - 2019-03-18 18:50 - 000000000 ____D C:\WINDOWS\INF 2020-01-22 14:38 - 2018-09-28 21:58 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-01-22 14:38 - 2018-09-28 21:58 - 000002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-01-22 14:38 - 2018-09-28 21:58 - 000002284 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2020-01-22 02:37 - 2018-09-29 17:59 - 000000000 ____D C:\Users\Player_One\AppData\Roaming\JRT Studio 2020-01-22 02:30 - 2018-09-29 00:48 - 000000000 ____D C:\Users\Player_One\Documents\JRT Studio 2020-01-22 01:51 - 2019-12-05 02:49 - 000000000 ___RD C:\Users\Player_One\Downloads\pinterest 2020-01-21 09:59 - 2018-09-28 21:20 - 000000000 ____D C:\Users\Player_One\AppData\Local\Packages 2020-01-21 09:37 - 2018-09-29 00:29 - 000000000 ____D C:\Users\Player_One\Downloads\infuse 2020-01-21 09:34 - 2018-09-30 00:19 - 000000000 ____D C:\Users\Player_One\Downloads\Duel Monsters 2020-01-21 03:19 - 2018-09-28 21:21 - 000000000 ____D C:\Users\Player_One\AppData\Local\PlaceholderTileLogoFolder 2020-01-20 17:14 - 2019-12-05 17:52 - 000000000 ____D C:\Users\Player_One\Downloads\facts 2020-01-20 17:13 - 2019-12-18 05:14 - 000000000 ____D C:\Users\Player_One\Downloads\zip files 2020-01-20 02:22 - 2019-03-18 18:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-01-20 02:14 - 2019-03-18 18:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-01-20 01:50 - 2019-08-29 12:32 - 000003104 _____ C:\WINDOWS\system32\Tasks\GPU Tweak II 2020-01-20 01:50 - 2019-08-29 12:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-01-20 01:49 - 2019-03-18 18:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-01-19 08:08 - 2019-10-04 10:03 - 000001658 _____ C:\WINDOWS\Sandboxie.ini 2020-01-19 00:31 - 2019-08-29 12:32 - 000003390 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2073489905-3277682465-3659551384-1001 2020-01-19 00:31 - 2019-08-29 06:11 - 000002382 _____ C:\Users\Player_One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-01-19 00:31 - 2018-09-28 21:21 - 000000000 ___RD C:\Users\Player_One\OneDrive 2020-01-16 01:05 - 2019-03-18 18:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2020-01-16 01:02 - 2019-10-27 21:41 - 000001784 _____ C:\Users\Public\Desktop\NZXT CAM.lnk 2020-01-16 01:02 - 2019-10-27 21:41 - 000001784 _____ C:\ProgramData\Desktop\NZXT CAM.lnk 2020-01-16 01:02 - 2019-10-27 21:41 - 000000000 ____D C:\Program Files\NZXT CAM 2020-01-16 01:01 - 2019-08-29 12:25 - 000495112 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-01-16 01:00 - 2019-03-18 18:52 - 000000000 ___SD C:\WINDOWS\system32\UNP 2020-01-16 01:00 - 2019-03-18 18:52 - 000000000 ____D C:\WINDOWS\SystemResources 2020-01-16 01:00 - 2019-03-18 18:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-01-16 01:00 - 2019-03-18 18:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-01-16 00:52 - 2018-09-29 01:56 - 000000000 ____D C:\WINDOWS\system32\MRT 2020-01-16 00:50 - 2019-03-18 18:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-01-16 00:50 - 2018-09-29 01:56 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2020-01-13 07:33 - 2019-12-13 02:52 - 000000000 ____D C:\Program Files\Malwarebytes 2020-01-13 05:21 - 2019-12-13 02:53 - 000019731 _____ C:\Users\Player_One\Desktop\mbst-clean-results.txt 2020-01-13 05:18 - 2019-03-18 18:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-01-13 05:02 - 2018-09-29 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2020-01-13 04:59 - 2019-08-29 06:11 - 000000000 ____D C:\Users\Player_One 2020-01-13 04:20 - 2019-11-22 08:28 - 000000000 ____D C:\Users\Player_One\AppData\Local\cache 2020-01-12 22:36 - 2019-03-18 18:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-01-11 15:42 - 2018-09-29 00:48 - 000000000 ____D C:\Users\Player_One\Documents\CAPCOM 2020-01-11 04:12 - 2018-09-30 00:16 - 000000000 ____D C:\Users\Player_One\Downloads\reddit fixes 2020-01-06 21:24 - 2019-10-04 18:52 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-10-04 18:52 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2020-01-06 21:24 - 2019-10-04 18:52 - 000001447 _____ C:\ProgramData\Desktop\GeForce Experience.lnk 2020-01-06 21:24 - 2019-08-29 12:32 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2019-08-29 12:32 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-01-06 21:24 - 2018-09-28 21:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2020-01-06 21:24 - 2018-09-28 21:20 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2020-01-06 21:24 - 2018-09-28 21:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2020-01-05 21:13 - 2019-03-03 07:14 - 000000000 ____D C:\Program Files\dotnet 2020-01-05 21:13 - 2018-09-28 21:24 - 000000000 ____D C:\ProgramData\Package Cache 2020-01-04 08:37 - 2018-09-30 00:13 - 000000000 ____D C:\Users\Player_One\Downloads\Japanese 2019-12-26 08:42 - 2018-09-30 00:13 - 000000000 ____D C:\Users\Player_One\Downloads\excel stuff ==================== Files in the root of some directories ======== 2019-09-22 07:55 - 2019-09-22 07:55 - 000007603 _____ () C:\Users\Player_One\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== Addition.txt
  5. Also want to note I am on version 3 of malwarebytes due to the bsod I've been getting.
  6. However, the report says a website has been blocked. Am confused. The warning happened twice. Here is the log Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/23/20 Protection Event Time: 12:24 PM Log File: 259e916a-3e2f-11ea-b6b7-309c23a33db1.json Administrator: Yes -Software Information- Version: 3.5.1.2522 Components Version: 1.0.365 Update Package Version: 1.0.14481 License: Premium -System Information- OS: Windows 10 (Build 18362.592) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Trojan Domain: IP Address: 185.172.110.220 Port: [3702] Type: Inbound File: C:\Windows\System32\dasHost.exe (end) Could someone please clear this up for me? Is it a website I'm browsing or is it the actual file?
  7. I've also been seeing this BSOD where it says system failed due to mwac.sys. Should I just disable web protection or uninstall the entire thing? I've only had chrome up with a few windows open and it has happened to me twice with my system freezing up after 10 minutes or so leading to me doing a hard restart.
  8. Oh thanks @Porthos! I've went and manually updated it, so I have the latest version, but usually it pushes the updates to me and prompts me to update. In any case, I do go on Pinterest, although I was also on Wikipedia as well. Are either of them known for having these errors? I was on them when the notification appeared, and I'd like to see if I can track it down so I'm not browsing that specific site.
  9. Hello everyone. I'm not sure where to put this, but I do have windows 10, so I thought it might go here. Let me know where to post it if this is the wrong place, and I'll repost this there. Otherwise... I've gotten an Incoming Trojan Report Alert that says this: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/22/19 Protection Event Time: 8:01 AM Log File: 1e8223d2-0d52-11ea-82d7-309c23a33db1.json -Software Information- Version: 3.8.3.2965 Components Version: 1.0.629 Update Package Version: 1.0.13467 License: Premium -System Information- OS: Windows 10 (Build 18362.476) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Trojan Domain: IP Address: 185.164.72.241 Port: [5040] Type: Inbound File: (end) Now when I do a whois lookup for that IP (Is it dependable?) I get this: Source: whois.ripe.net IP Address: 185.164.72.241 % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '185.164.72.0 - 185.164.72.255' % Abuse contact for '185.164.72.0 - 185.164.72.255' is 'abuse@nakhl.net' inetnum: 185.164.72.0 - 185.164.72.255 netname: Da-Cloud-LLC country: NL admin-c: AR37382-RIPE tech-c: AR37382-RIPE status: SUB-ALLOCATED PA mnt-by: ir-nakhljonoob2-1-mnt mnt-by: ir-atrin-1-mnt mnt-by: ir-nakhljonoob-1-mnt created: 2019-07-19T11:59:28Z last-modified: 2019-07-19T11:59:28Z source: RIPE role: Abuse-C Role address: Floor 2-nakhl building-corner of 32th motahari street address: 7617699755 address: Kerman address: IRAN, ISLAMIC REPUBLIC OF nic-hdl: AR37382-RIPE abuse-mailbox: router_base@yahoo.com mnt-by: ir-nakhljonoob-1-mnt created: 2016-08-22T12:09:04Z last-modified: 2016-08-22T12:09:04Z source: RIPE # Filtered % Information related to '185.164.72.0/24AS50673' route: 185.164.72.0/24 origin: AS50673 mnt-by: ir-atrin-1-mnt created: 2019-07-19T12:04:35Z last-modified: 2019-07-19T12:04:35Z source: RIPE % This query was served by the RIPE Database Query Service version 1.95.1 (ANGUS) I used the first link I found, ultratools.com, and the result seems to carry over to other whois sites as well. This is the first report I've gotten, and I'm baffled as to what might be causing it. Could it be mistaken?
  10. Mines happen every 10 minutes as well and as soon as I open up chrome This is what my log says Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/8/19 Protection Event Time: 6:11 AM Log File: 65571062-0242-11ea-b766-309c23a33db1.json -Software Information- Version: 3.8.3.2965 Components Version: 1.0.629 Update Package Version: 1.0.13241 License: Premium -System Information- OS: Windows 10 (Build 18362.449) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Phishing Domain: ubp-ubpextension-us-prod.s3-us-west-2.amazonaws.com IP Address: 52.218.234.1 Port: [55376] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) That's one of them here's the other Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/8/19 Protection Event Time: 6:11 AM Log File: 6515c738-0242-11ea-9f6b-309c23a33db1.json -Software Information- Version: 3.8.3.2965 Components Version: 1.0.629 Update Package Version: 1.0.13241 License: Premium -System Information- OS: Windows 10 (Build 18362.449) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Phishing Domain: s3-us-west-2.amazonaws.com IP Address: 52.218.236.16 Port: [55373] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) I've tried to see if the IP addresses were similar to each other but they aren't. Here are some of them: 52.218.128.124 52.218.200.168 52.218.229.97 I've tried troubleshooting by closing all my chrome windows but it still pops up even while I'm typing this out on this website.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.