packers37

  1. Thank you again for all your help. Please find the contents of the KpRm below:

     # Run at 5/30/2021 3:35:39 PM
     # KpRm (Kernel-panik) version 2.9
     # Website https://kernel-panik.me/tool/kprm/
     # Run by diamander from C:\Users\diamander\Desktop
     # Computer Name: DESKTOP-D68JEBC
     # OS: Windows 10 X64 (19042)
     # Number of passes: 1

     - Checked options -
       ~ Registry Backup
       ~ Delete Tools
       ~ Restore System Settings
       ~ UAC Restore
       ~ Delete Restore Points
       ~ Create Restore Point
       ~ Delete Quarantines

     - Create Registry Backup -
       ~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
       ~ [OK] Hive C:\Users\diamander\NTUSER.dat backed up
       [OK] Registry Backup: C:\KPRM\backup\2021-05-30-15-35-39

     - Delete Tools -
       ## ESET Online Scanner
       [OK] C:\Users\diamander\Desktop\esetonlinescanner.exe deleted
       [OK] C:\Users\diamander\AppData\Local\ESET\ESETOnlineScanner deleted
       ## FRST
       [OK] C:\FRST deleted

     - Restore System Settings -
       [OK] Reset WinSock
       [OK] FLUSHDNS
       [OK] Hide Hidden file.
       [OK] Show Extensions for known file types
       [OK] Hide protected operating system files

     - Restore UAC -
       [OK] Set EnableLUA with default (1) value
       [OK] Set ConsentPromptBehaviorAdmin with default (5) value
       [OK] Set ConsentPromptBehaviorUser with default (3) value
       [OK] Set EnableInstallerDetection with default (0) value
       [OK] Set EnableSecureUIAPaths with default (1) value
       [OK] Set EnableUIADesktopToggle with default (0) value
       [OK] Set EnableVirtualization with default (1) value
       [OK] Set FilterAdministratorToken with default (0) value
       [OK] Set PromptOnSecureDesktop with default (1) value
       [OK] Set ValidateAdminCodeSignatures with default (0) value

     - Clear Restore Points -
       ~ [OK] RP named Scheduled Checkpoint created at 05/11/2021 13:08:47 deleted
       ~ [OK] RP named Scheduled Checkpoint created at 05/20/2021 13:02:20 deleted
       ~ [OK] RP named Scheduled Checkpoint created at 05/29/2021 18:16:01 deleted
       [OK] All system restore points have been successfully deleted

     - Create Restore Point -
       [OK] System Restore Point created

     - Display System Restore Point -
       ~ RP named KpRm created at 05/30/2021 19:35:47

     -- KPRM finished in 19.18s --
  2. I ran the ESET Scanner that did not detect any threats. Here's the log below:

     5/29/2021 7:07:53 AM
     Files scanned: 480579
     Detected files: 0
     Cleaned files: 0
     Total scan time: 00:24:17
     Scan status: Finished
  3. Glad to hear! Thank you for your continued assistance. I ran SecurityCheck and attached the text file. SecurityCheck.txt
  4. Hello, Thank you for your assistance. Please see the FRST note below:
C:\Program Files\WindowsApps 2021-05-27 09:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-05-27 08:58 - 2018-06-28 12:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-05-26 22:10 - 2020-04-30 20:13 - 000000000 ____D C:\Users\diamander\AppData\Local\Spotify 2021-05-26 21:49 - 2020-04-30 20:13 - 000000000 ____D C:\Users\diamander\AppData\Roaming\Spotify 2021-05-26 19:42 - 2021-03-05 15:30 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-05-25 15:13 - 2020-08-07 20:11 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-05-22 14:55 - 2018-06-30 21:24 - 000000000 ____D C:\Users\diamander\Documents\The Witcher 3 2021-05-21 19:42 - 2020-06-15 20:54 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-05-19 19:09 - 2018-06-28 12:36 - 000000000 ____D C:\Users\diamander\AppData\Local\CrashDumps 2021-05-19 00:07 - 2018-10-16 23:35 - 000000000 ____D C:\ProgramData\Riot Games 2021-05-18 14:24 - 2020-01-24 13:52 - 000000000 ____D C:\Users\diamander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2021-05-17 17:58 - 2018-06-28 18:09 - 000000000 ____D C:\Users\diamander\AppData\Local\Battle.net 2021-05-15 14:34 - 2019-02-22 18:30 - 000000000 ____D C:\Program Files\Private Internet Access 2021-05-14 17:26 - 2018-06-28 18:09 - 000000000 ____D C:\Program Files (x86)\Battle.net 2021-05-13 09:03 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-05-13 00:01 - 2020-09-07 02:13 - 000296392 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-05-13 00:01 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 
____D C:\WINDOWS\SysWOW64\oobe 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-05-13 00:01 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-05-12 23:10 - 2020-12-15 15:11 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2021-05-12 23:10 - 2020-12-15 15:11 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2021-05-12 09:07 - 2019-12-07 05:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2021-05-12 09:07 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-05-12 09:00 - 2018-06-28 12:38 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-05-12 09:00 - 2018-06-28 12:38 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-05-08 12:07 - 2021-04-04 15:37 - 000000000 ____D C:\ProgramData\LGHUB 2021-05-06 23:03 - 2020-11-09 13:27 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-05-06 23:03 - 2019-01-24 18:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 
2021-05-06 22:32 - 2019-01-24 18:40 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-05-06 21:33 - 2018-07-05 18:50 - 000000000 ____D C:\Users\diamander\AppData\Roaming\Twitch 2021-05-03 23:39 - 2020-09-03 19:02 - 000000000 ____D C:\Users\diamander\AppData\Roaming\EasyAntiCheat 2021-05-03 20:37 - 2020-08-22 00:24 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools ==================== Files in the root of some directories ======== 2019-06-29 11:52 - 2019-06-29 11:52 - 000000000 _____ () C:\Users\diamander\AppData\Local\D21134.tmp 2019-06-17 18:03 - 2019-06-17 18:03 - 000000000 _____ () C:\Users\diamander\AppData\Local\D211D7.tmp 2019-06-17 17:56 - 2019-06-17 17:56 - 000000000 _____ () C:\Users\diamander\AppData\Local\D21445.tmp 2019-06-27 23:47 - 2019-06-27 23:47 - 000000000 _____ () C:\Users\diamander\AppData\Local\D21511.tmp 2019-06-16 23:43 - 2019-06-16 23:43 - 000000000 _____ () C:\Users\diamander\AppData\Local\D215BE.tmp 2019-06-23 23:38 - 2019-06-23 23:38 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2171F.tmp 2019-06-15 12:06 - 2019-06-15 12:06 - 000000000 _____ () C:\Users\diamander\AppData\Local\D21908.tmp 2019-06-29 19:13 - 2019-06-29 19:13 - 000000000 _____ () C:\Users\diamander\AppData\Local\D21955.tmp 2019-06-30 13:00 - 2019-06-30 13:00 - 000000000 _____ () C:\Users\diamander\AppData\Local\D21CFE.tmp 2019-06-16 18:53 - 2019-06-16 18:53 - 000000000 _____ () C:\Users\diamander\AppData\Local\D22345.tmp 2019-06-27 21:26 - 2019-06-27 21:26 - 000000000 _____ () C:\Users\diamander\AppData\Local\D223F9.tmp 2019-06-20 12:43 - 2019-06-20 12:43 - 000000000 _____ () C:\Users\diamander\AppData\Local\D228F1.tmp 2019-06-28 00:31 - 2019-06-28 00:31 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2324B.tmp 2019-06-30 23:42 - 2019-06-30 23:42 - 000000000 _____ () C:\Users\diamander\AppData\Local\D237E6.tmp 2019-06-22 09:46 - 2019-06-22 09:46 - 000000000 _____ () 
C:\Users\diamander\AppData\Local\D23A40.tmp 2019-06-23 22:07 - 2019-06-23 22:07 - 000000000 _____ () C:\Users\diamander\AppData\Local\D23EFC.tmp 2019-06-24 12:25 - 2019-06-24 12:25 - 000000000 _____ () C:\Users\diamander\AppData\Local\D23FE6.tmp 2019-06-19 20:24 - 2019-06-19 20:24 - 000000000 _____ () C:\Users\diamander\AppData\Local\D240E3.tmp 2019-06-23 20:06 - 2019-06-23 20:06 - 000000000 _____ () C:\Users\diamander\AppData\Local\D24215.tmp 2019-06-15 12:28 - 2019-06-15 12:28 - 000000000 _____ () C:\Users\diamander\AppData\Local\D246ED.tmp 2019-06-26 17:36 - 2019-06-26 17:36 - 000000000 _____ () C:\Users\diamander\AppData\Local\D24888.tmp 2019-06-15 16:07 - 2019-06-15 16:07 - 000000000 _____ () C:\Users\diamander\AppData\Local\D24A3C.tmp 2019-06-30 15:49 - 2019-06-30 15:49 - 000000000 _____ () C:\Users\diamander\AppData\Local\D24F5C.tmp 2019-06-17 17:49 - 2019-06-17 17:49 - 000000000 _____ () C:\Users\diamander\AppData\Local\D24F6C.tmp 2019-06-20 21:06 - 2019-06-20 21:06 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2528D.tmp 2019-06-16 19:57 - 2019-06-16 19:57 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2541B.tmp 2019-06-30 18:11 - 2019-06-30 18:11 - 000000000 _____ () C:\Users\diamander\AppData\Local\D256A7.tmp 2019-06-23 13:01 - 2019-06-23 13:01 - 000000000 _____ () C:\Users\diamander\AppData\Local\D259C7.tmp 2019-06-19 21:25 - 2019-06-19 21:25 - 000000000 _____ () C:\Users\diamander\AppData\Local\D25A7A.tmp 2019-06-30 18:22 - 2019-06-30 18:22 - 000000000 _____ () C:\Users\diamander\AppData\Local\D25B0B.tmp 2019-06-25 17:29 - 2019-06-25 17:29 - 000000000 _____ () C:\Users\diamander\AppData\Local\D25EC5.tmp 2019-06-23 19:44 - 2019-06-23 19:44 - 000000000 _____ () C:\Users\diamander\AppData\Local\D25F06.tmp 2019-06-24 19:38 - 2019-06-24 19:38 - 000000000 _____ () C:\Users\diamander\AppData\Local\D25F4A.tmp 2019-06-26 20:47 - 2019-06-26 20:47 - 000000000 _____ () C:\Users\diamander\AppData\Local\D26472.tmp 2019-06-18 12:25 - 2019-06-18 12:25 
- 000000000 _____ () C:\Users\diamander\AppData\Local\D2649E.tmp 2019-06-15 22:51 - 2019-06-15 22:51 - 000000000 _____ () C:\Users\diamander\AppData\Local\D26629.tmp 2019-06-20 21:06 - 2019-06-20 21:06 - 000000000 _____ () C:\Users\diamander\AppData\Local\D266A3.tmp 2019-06-28 18:58 - 2019-06-28 18:58 - 000000000 _____ () C:\Users\diamander\AppData\Local\D26B62.tmp 2019-06-15 19:19 - 2019-06-15 19:19 - 000000000 _____ () C:\Users\diamander\AppData\Local\D26BE5.tmp 2019-06-23 19:43 - 2019-06-23 19:43 - 000000000 _____ () C:\Users\diamander\AppData\Local\D26D81.tmp 2019-06-22 16:11 - 2019-06-22 16:11 - 000000000 _____ () C:\Users\diamander\AppData\Local\D27407.tmp 2019-06-26 23:01 - 2019-06-26 23:01 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2754F.tmp 2019-06-23 18:20 - 2019-06-23 18:20 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2768A.tmp 2019-06-30 23:09 - 2019-06-30 23:09 - 000000000 _____ () C:\Users\diamander\AppData\Local\D27704.tmp 2019-06-22 12:57 - 2019-06-22 12:57 - 000000000 _____ () C:\Users\diamander\AppData\Local\D27D60.tmp 2019-06-22 22:15 - 2019-06-22 22:15 - 000000000 _____ () C:\Users\diamander\AppData\Local\D27EB5.tmp 2019-06-17 18:03 - 2019-06-17 18:03 - 000000000 _____ () C:\Users\diamander\AppData\Local\D282F0.tmp 2019-06-28 12:19 - 2019-06-28 12:19 - 000000000 _____ () C:\Users\diamander\AppData\Local\D28368.tmp 2019-06-24 17:43 - 2019-06-24 17:43 - 000000000 _____ () C:\Users\diamander\AppData\Local\D284A8.tmp 2019-06-21 12:25 - 2019-06-21 12:25 - 000000000 _____ () C:\Users\diamander\AppData\Local\D284EF.tmp 2019-06-23 19:44 - 2019-06-23 19:44 - 000000000 _____ () C:\Users\diamander\AppData\Local\D28617.tmp 2019-06-29 19:49 - 2019-06-29 19:49 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2863D.tmp 2019-06-16 01:14 - 2019-06-16 01:14 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2865C.tmp 2019-06-19 08:23 - 2019-06-19 08:23 - 000000000 _____ () C:\Users\diamander\AppData\Local\D28741.tmp 2019-06-27 
17:14 - 2019-06-27 17:14 - 000000000 _____ () C:\Users\diamander\AppData\Local\D28ACB.tmp 2019-06-25 12:08 - 2019-06-25 12:08 - 000000000 _____ () C:\Users\diamander\AppData\Local\D28CEE.tmp 2019-06-19 17:37 - 2019-06-19 17:37 - 000000000 _____ () C:\Users\diamander\AppData\Local\D28E3.tmp 2019-06-21 18:01 - 2019-06-21 18:01 - 000000000 _____ () C:\Users\diamander\AppData\Local\D28E46.tmp 2019-07-02 12:30 - 2019-07-02 12:30 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2900D.tmp 2019-07-01 08:34 - 2019-07-01 08:34 - 000000000 _____ () C:\Users\diamander\AppData\Local\D291EF.tmp 2019-06-17 12:28 - 2019-06-17 12:28 - 000000000 _____ () C:\Users\diamander\AppData\Local\D293F6.tmp 2019-06-30 21:46 - 2019-06-30 21:46 - 000000000 _____ () C:\Users\diamander\AppData\Local\D29505.tmp 2019-06-18 07:45 - 2019-06-18 07:45 - 000000000 _____ () C:\Users\diamander\AppData\Local\D29A4C.tmp 2019-06-18 08:43 - 2019-06-18 08:43 - 000000000 _____ () C:\Users\diamander\AppData\Local\D29B84.tmp 2019-07-01 12:21 - 2019-07-01 12:21 - 000000000 _____ () C:\Users\diamander\AppData\Local\D29D68.tmp 2019-06-26 12:15 - 2019-06-26 12:15 - 000000000 _____ () C:\Users\diamander\AppData\Local\D29D7B.tmp 2019-06-29 16:52 - 2019-06-29 16:52 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2A532.tmp 2019-06-22 18:44 - 2019-06-22 18:44 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2A9EC.tmp 2019-06-27 18:18 - 2019-06-27 18:18 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2AE51.tmp 2019-06-20 17:46 - 2019-06-20 17:46 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2AEA9.tmp 2019-07-01 23:26 - 2019-07-01 23:26 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2AEF7.tmp 2019-06-16 23:58 - 2019-06-16 23:58 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2B1B0.tmp 2019-06-16 20:17 - 2019-06-16 20:17 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2B37C.tmp 2019-06-26 17:15 - 2019-06-26 17:15 - 000000000 _____ () 
C:\Users\diamander\AppData\Local\D2B53E.tmp 2019-06-18 17:28 - 2019-06-18 17:28 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2B634.tmp 2019-06-27 19:40 - 2019-06-27 19:40 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2B6DF.tmp 2019-06-16 10:40 - 2019-06-16 10:40 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2B8EF.tmp 2019-06-29 18:11 - 2019-06-29 18:11 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2B90A.tmp 2019-06-30 17:52 - 2019-06-30 17:52 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2BA79.tmp 2019-06-23 22:36 - 2019-06-23 22:36 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2C2F3.tmp 2019-06-16 21:47 - 2019-06-16 21:47 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2C494.tmp 2019-06-22 13:41 - 2019-06-22 13:41 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2CB30.tmp 2019-06-16 22:22 - 2019-06-16 22:22 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2CC39.tmp 2019-06-24 08:45 - 2019-06-24 08:45 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2CC97.tmp 2019-06-25 00:07 - 2019-06-25 00:07 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2D0C4.tmp 2019-06-22 12:05 - 2019-06-22 12:05 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2D51F.tmp 2019-06-19 21:17 - 2019-06-19 21:17 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2D5B7.tmp 2019-06-28 18:04 - 2019-06-28 18:04 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2D867.tmp 2019-06-30 21:01 - 2019-06-30 21:01 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2E14.tmp 2019-06-24 21:09 - 2019-06-24 21:09 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2E147.tmp 2019-06-29 21:06 - 2019-06-29 21:06 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2E8AB.tmp 2019-06-15 21:40 - 2019-06-15 21:40 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2F068.tmp 2019-07-01 17:27 - 2019-07-01 17:27 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2FC2D.tmp 2019-06-27 12:37 - 2019-06-27 12:37 - 
000000000 _____ () C:\Users\diamander\AppData\Local\D2FD7F.tmp 2019-06-29 12:45 - 2019-06-29 12:45 - 000000000 _____ () C:\Users\diamander\AppData\Local\D2FDA3.tmp 2019-06-29 20:29 - 2020-03-26 19:22 - 000005632 _____ () C:\Users\diamander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2020-12-15 15:11 - 2020-12-15 15:11 - 000000410 _____ () C:\Users\diamander\AppData\Local\oobelibMkey.log 2020-10-13 14:09 - 2020-10-13 14:09 - 000002227 _____ () C:\Users\diamander\AppData\Local\recently-used.xbel ==================== SigCheck ============================Addition.txt (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================
  5. Hello, I keep getting the following notification from time to time.

     Malwarebytes
     www.malwarebytes.com

     -Log Details-
     Protection Event Date: 5/28/21
     Protection Event Time: 11:14 AM
     Log File: 69326030-bfc7-11eb-858b-5cf370a28289.json

     -Software Information-
     Version: 4.4.0.117
     Components Version: 1.0.1308
     Update Package Version: 1.0.41036
     License: Premium

     -System Information-
     OS: Windows 10 (Build 19042.985)
     CPU: x64
     File System: NTFS
     User: System

     -Blocked Website Details-
     Malicious Website: 1
     , System, Blocked, -1, -1, 0.0.0, ,

     -Website Data-
     Category: Malware
     Domain:
     IP Address: 212.102.52.87
     Port: 0
     (No malicious items detected)
     Type: Outbound
     File: System

     Is there anything I need to do with regard to this?