rulesroz

rulesroz last won the day on August 15 2021

  1. Hi. I seem to have fixed it -- there are no threats detected even after restarting. I thought that if I somehow rename cloudnet.exe into something, then the virus wouldn't run. I tried finding cloudnet.exe with the normal file explorer, but I couldn't. It's hidden -- even if view hidden files is checked. So I used the software Everything to find it. Here are the steps I did:

     1. Install the software Everything. Here's the link: Downloads - voidtools
     2. Put "cloudnet.exe" or just "cloud" on the search bar.
     3. Rename all cloudnet-related files, especially "cloudnet.exe" with some random text. Confirm the changes.
     4. Restart your computer and scan with Malwarebytes. The scan should not detect any more threats.

     I'm not sure if this fix completely removed the virus, but everything's okay now. The latest Malwarebytes scan is also attached. Thank you. MB Scan 2.txt
  2. Yes. I uninstalled it with Geek Uninstaller. The issue is still there.
  3. Hi. Malwarebytes seems to not remove the virus. I scanned my PC with Malwarebytes, found 8 threats, all EpicNet Cloudnet-related, I quarantined them, restarted, and still found 8 threats. Saw other people in the forum with the same problem so here I did the first steps. Thank you! This is the FRST.txt:
Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-23] CHR Extension: (IDM Integration Module) - C:\Users\rules\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-06-23] CHR Extension: (Chrome Web Store Payments) - C:\Users\rules\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-23] CHR Extension: (Gmail) - C:\Users\rules\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-06-23] CHR Extension: (Chrome Media Router) - C:\Users\rules\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-23] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-05-10] CHR HKU\S-1-5-21-2661994928-3122408865-2684606729-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-05-10] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-05-10] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.) S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. 
-> Adobe Systems, Incorporated) R2 ASUSLinkNear; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNear.exe [1290880 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) R2 ASUSLinkNearExt; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNearExt.exe [142464 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) R2 ASUSLinkRemote; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkRemote\AsusLinkRemote.exe [793752 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\AsusOptimization.exe [336528 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSoftwareManager\AsusSoftwareManager.exe [945296 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2560144 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [885680 2021-07-11] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9142136 2021-07-30] (Microsoft Corporation -> Microsoft Corporation) S4 DTSAPO3Service; C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe [223640 2019-09-03] (DTS, Inc. 
-> ) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2021-08-13] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.) R2 Everything; C:\Program Files\Everything\Everything.exe [2260560 2021-01-25] (voidtools -> voidtools) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-15] (Malwarebytes Inc -> Malwarebytes) S4 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14673704 2021-05-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10101336 2021-08-13] (Riot Games, Inc. -> Riot Games, Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) S4 WsDrvInst; C:\Program Files (x86)\Wondershare\UniConverter\Transfer\DriverInstall.exe [112560 2020-06-12] (Wondershare Technology Co.,Ltd -> Wondershare) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_72035dd8d03aecee\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_72035dd8d03aecee\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [40512 2021-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) S3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0368925.inf_amd64_05ef22929fd9ebfc\B368707\amdkmdag.sys [81597776 2021-06-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.) R1 ASUSSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\ASUSSAIO.sys [39056 2021-07-11] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\atkwmiacpi64.sys [44680 2021-07-11] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2021-06-12] (Martin Malik - REALiX -> REALiX(tm)) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220752 2021-07-30] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-06-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-07-07] (Malwarebytes Inc -> Malwarebytes) R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8236288 2021-08-12] (Riot Games, Inc. -> Riot Games, Inc.) 
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation) R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2021-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation) S2 AMDRyzenMasterDriver; \??\C:\Program Files\AMD\Performance Profile Client\AMDRyzenMasterDriver.sys [X] S3 MpKsl1a669333; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{45CE380B-1B07-4E29-B2CE-30258A8F52AC}\MpKslDrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 
2021-08-15 03:47 - 2021-08-15 03:47 - 000000000 ____D C:\FRST 2021-08-15 03:45 - 2021-08-15 03:45 - 000000000 ____D C:\Users\rules\Desktop\Malwarebytes 2021-08-15 03:39 - 2021-08-15 03:40 - 000000000 ____D C:\Users\rules\AppData\Roaming\Geek Uninstaller 2021-08-15 03:15 - 2021-08-15 03:19 - 000000000 ____D C:\Users\rules\AppData\Roaming\WTF LMAO 2021-08-15 03:03 - 2021-08-15 03:14 - 000000000 ____D C:\Users\rules\AppData\Roaming\THIS IS A VIRUS 2021-08-13 23:51 - 2021-08-13 23:51 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2021-08-13 23:51 - 2021-08-13 23:51 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2021-08-13 23:51 - 2021-08-13 23:51 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2021-08-13 23:51 - 2021-08-13 23:51 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2021-08-13 23:51 - 2021-08-13 23:51 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2021-08-13 23:51 - 2021-08-13 23:51 - 000011347 _____ C:\Windows\system32\DrtmAuthTxt.wim 2021-08-13 23:50 - 2021-08-13 23:50 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll 2021-08-13 23:44 - 2021-08-13 23:44 - 000000000 ___HD C:\$WinREAgent 2021-08-13 23:43 - 2021-06-04 20:26 - 000068880 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll 2021-08-13 23:32 - 2021-08-06 05:12 - 000037664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll 2021-08-13 23:30 - 2021-08-06 16:45 - 001858680 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2021-08-13 23:30 - 2021-08-06 16:45 - 001858680 _____ C:\Windows\system32\vulkaninfo.exe 2021-08-13 23:30 - 2021-08-06 16:45 - 001438840 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-08-13 23:30 - 2021-08-06 16:45 - 001438840 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2021-08-13 23:30 - 2021-08-06 16:45 - 001212536 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2021-08-13 23:30 - 
2021-08-06 16:45 - 001097832 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2021-08-13 23:30 - 2021-08-06 16:45 - 001097832 _____ C:\Windows\system32\vulkan-1.dll 2021-08-13 23:30 - 2021-08-06 16:45 - 000951928 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2021-08-13 23:30 - 2021-08-06 16:45 - 000951928 _____ C:\Windows\SysWOW64\vulkan-1.dll 2021-08-13 23:30 - 2021-08-06 16:42 - 000716928 _____ C:\Windows\system32\nvofapi64.dll 2021-08-13 23:30 - 2021-08-06 16:42 - 000645248 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll 2021-08-13 23:30 - 2021-08-06 16:42 - 000577152 _____ C:\Windows\SysWOW64\nvofapi.dll 2021-08-13 23:30 - 2021-08-06 16:41 - 002112144 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2021-08-13 23:30 - 2021-08-06 16:41 - 001595536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2021-08-13 23:30 - 2021-08-06 16:41 - 001520760 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2021-08-13 23:30 - 2021-08-06 16:41 - 001171088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2021-08-13 23:30 - 2021-08-06 16:41 - 000919184 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2021-08-13 23:30 - 2021-08-06 16:41 - 000750200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2021-08-13 23:30 - 2021-08-06 16:41 - 000706168 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2021-08-13 23:30 - 2021-08-06 16:41 - 000676480 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2021-08-13 23:30 - 2021-08-06 16:41 - 000564352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2021-08-13 23:30 - 2021-08-06 16:40 - 008854136 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2021-08-13 23:30 - 2021-08-06 16:40 - 007920760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2021-08-13 23:30 - 2021-08-06 16:40 - 005680768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2021-08-13 23:30 - 2021-08-06 16:40 - 004987512 _____ (NVIDIA 
Corporation) C:\Windows\SysWOW64\nvcuda.dll 2021-08-13 23:30 - 2021-08-06 16:40 - 002925688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2021-08-13 23:30 - 2021-08-06 16:40 - 000447096 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe 2021-08-13 23:30 - 2021-08-06 16:39 - 000849024 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe 2021-08-13 23:30 - 2021-08-06 16:38 - 006215808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2021-08-13 23:30 - 2021-08-06 05:12 - 000083062 _____ C:\Windows\system32\nvinfo.pb 2021-08-13 22:26 - 2021-08-13 22:26 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat 2021-08-13 22:25 - 2021-08-13 22:25 - 000000000 ____D C:\Users\rules\AppData\Roaming\EasyAntiCheat 2021-08-13 22:15 - 2021-08-13 22:15 - 000000223 _____ C:\Users\rules\Desktop\Apex Legends.url 2021-08-11 18:51 - 2021-06-03 21:56 - 000043408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\NvModuleTracker.sys 2021-08-09 03:02 - 2021-08-09 03:02 - 000451307 _____ C:\Users\rules\Documents\assessment-print.pdf 2021-08-09 02:37 - 2021-08-09 02:39 - 000140568 _____ C:\Users\rules\Documents\PE ENLISTMENT FORM.pdf 2021-08-03 12:06 - 2021-08-03 12:06 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2021-07-30 06:38 - 2021-07-30 06:38 - 000220752 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2021-07-29 16:00 - 2021-07-29 16:00 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime 2021-07-29 03:12 - 2021-07-29 03:29 - 000000000 ____D C:\Users\rules\AppData\Roaming\rsilauncher 2021-07-29 03:10 - 2021-07-29 03:12 - 000000000 ____D C:\Users\rules\AppData\Roaming\RSI Launcher 2021-07-29 03:10 - 2021-07-29 03:11 - 000000000 ____D C:\Windows\SysWOW64\directx 2021-07-29 03:10 - 2021-07-29 03:10 - 000002239 _____ C:\Users\Public\Desktop\RSI Launcher.lnk 2021-07-29 03:10 - 2021-07-29 03:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roberts Space Industries 
2021-07-29 03:10 - 2021-07-29 03:10 - 000000000 ____D C:\Program Files\Roberts Space Industries 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 _RSHD C:\Windows\SysWOW64\taskshostservices.exe 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 _RSHD C:\Windows\SysWOW64\Drivers\WinmonProcessMonitor.sys 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 _RSHD C:\Windows\SysWOW64\Drivers\winmonfs.sys 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 _RSHD C:\Windows\SysWOW64\Drivers\winmon.sys 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 _RSHD C:\Windows\system32\taskshostservices.exe 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 _RSHD C:\Windows\system32\Drivers\WinmonProcessMonitor.sys 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 _RSHD C:\Windows\system32\Drivers\winmonfs.sys 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 _RSHD C:\Windows\system32\Drivers\winmon.sys 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 _RSHD C:\Windows\mssecsvc.exe 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 ____D C:\Windows\SysWOW64\SecureBootThemes 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 ____D C:\Windows\system32\SecureBootThemes 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 ____D C:\Windows\SpeechsTracing 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 ____D C:\Windows\SecureBootThemes 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 ____D C:\Windows\rss 2021-07-21 17:53 - 2021-07-21 17:53 - 000000000 ____D C:\Windows\AppDiagnostics 2021-07-21 17:52 - 2021-07-21 17:52 - 000000000 ____D C:\Users\rules\AppData\LocalLow\nvgames 2021-07-21 03:44 - 2021-07-21 03:44 - 000000223 _____ C:\Users\rules\Desktop\Bro Falls Ultimate Showdown.url 2021-07-18 00:46 - 2021-07-18 00:46 - 145268043 _____ C:\Users\Valorant 2021.07.18 - 00.46.42.04.DVR.mp4 2021-07-16 23:15 - 2021-07-16 23:15 - 000000000 ____D C:\Users\rules\AppData\Local\DBG 2021-07-16 14:17 - 2021-07-16 14:17 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb 2021-07-16 14:17 - 2021-07-16 14:17 - 
000007680 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb 2021-07-16 14:17 - 2021-07-16 14:17 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rendezvousSession.tlb 2021-07-16 14:17 - 2021-07-16 14:17 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\rendezvousSession.tlb ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-08-15 03:48 - 2021-05-31 04:32 - 000840618 _____ C:\Windows\system32\PerfStringBackup.INI 2021-08-15 03:48 - 2019-12-07 17:13 - 000000000 ____D C:\Windows\INF 2021-08-15 03:46 - 2019-12-07 17:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-08-15 03:43 - 2021-07-07 22:28 - 000000000 ____D C:\ProgramData\NVIDIA 2021-08-15 03:43 - 2021-05-31 06:30 - 000000001 _____ C:\Windows\vgkbootstatus.dat 2021-08-15 03:42 - 2021-06-06 14:34 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 2021-08-15 03:42 - 2021-06-01 12:12 - 000000000 ____D C:\Program Files (x86)\Google 2021-08-15 03:40 - 2021-07-06 01:56 - 000000000 ____D C:\Windows\system32\Tasks\PowerToys 2021-08-15 03:40 - 2021-06-01 13:39 - 000000000 ____D C:\Users\rules\AppData\Local\Everything 2021-08-15 03:40 - 2021-06-01 12:22 - 000000000 ____D C:\Users\rules\AppData\Roaming\Everything 2021-08-15 03:40 - 2021-05-31 21:19 - 000003116 _____ C:\Windows\system32\Tasks\AMDInstallLauncher 2021-08-15 03:40 - 2021-05-31 21:02 - 000003076 _____ C:\Windows\system32\Tasks\AMDLinkUpdate 2021-08-15 03:40 - 2021-05-31 19:23 - 000008192 ___SH C:\DumpStack.log.tmp 2021-08-15 03:40 - 2021-05-31 19:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-08-15 03:40 - 2021-05-31 05:23 - 000000000 ____D C:\Users\rules\AppData\Roaming\DMCache 2021-08-15 03:40 - 2021-05-31 05:13 - 000000000 ____D C:\Users\rules\Documents\ShareX 2021-08-15 03:40 - 2019-12-07 17:03 - 000524288 _____ C:\Windows\system32\config\BBI 2021-08-15 03:39 - 
2021-05-31 05:23 - 000000000 ____D C:\Users\rules\AppData\Roaming\IDM 2021-08-15 03:39 - 2021-05-31 05:00 - 000000000 ____D C:\Users\rules\Desktop\Desktop 2nd Sem 2021-08-15 03:10 - 2021-06-01 19:41 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-08-15 03:10 - 2021-06-01 19:41 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-08-15 03:08 - 2021-06-02 01:41 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2021-08-15 03:02 - 2021-06-24 22:40 - 000000000 ____D C:\Program Files (x86)\Steam 2021-08-15 03:02 - 2021-06-04 22:21 - 000000000 ____D C:\Users\rules\AppData\Roaming\discord 2021-08-15 03:02 - 2021-05-31 04:28 - 000000000 ____D C:\Users\rules 2021-08-15 02:53 - 2021-06-04 22:21 - 000000000 ____D C:\Users\rules\AppData\Local\Discord 2021-08-15 02:46 - 2021-05-31 05:13 - 000000000 ____D C:\ProgramData\Riot Games 2021-08-15 02:31 - 2021-05-31 23:03 - 000000000 ____D C:\Users\rules\AppData\Roaming\vlc 2021-08-15 02:29 - 2021-05-31 19:23 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-08-14 23:03 - 2021-07-07 22:19 - 000000000 ____D C:\Users\rules\AppData\Local\D3DSCache 2021-08-14 20:27 - 2021-05-31 05:49 - 000000000 ____D C:\Users\rules\AppData\Local\CrashDumps 2021-08-14 01:59 - 2021-05-31 05:15 - 000000000 ____D C:\Program Files\Riot Vanguard 2021-08-14 00:13 - 2021-05-31 19:23 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-08-14 00:13 - 2021-05-31 19:23 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-08-14 00:13 - 2019-12-07 17:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-08-14 00:13 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\AppReadiness 2021-08-14 00:07 - 2021-05-31 19:23 - 000347392 _____ C:\Windows\system32\FNTCACHE.DAT 2021-08-14 00:06 - 2019-12-07 17:14 - 000000000 ___SD C:\Windows\system32\UNP 2021-08-14 00:06 - 2019-12-07 17:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-08-14 00:06 - 
2019-12-07 17:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-08-14 00:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\SystemResources 2021-08-14 00:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\oobe 2021-08-14 00:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\Dism 2021-08-14 00:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\ShellComponents 2021-08-14 00:06 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\bcastdvr 2021-08-14 00:06 - 2019-12-07 17:03 - 000000000 ____D C:\Windows\servicing 2021-08-13 23:54 - 2021-06-20 19:11 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-08-13 23:54 - 2019-12-07 17:03 - 000000000 ____D C:\Windows\CbsTemp 2021-08-13 23:43 - 2021-06-04 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2021-08-13 23:43 - 2021-06-04 18:40 - 000164696 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2021-08-13 23:43 - 2021-06-04 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2021-08-13 23:43 - 2021-06-04 18:39 - 000000000 ____D C:\Program Files (x86)\Java 2021-08-13 23:42 - 2021-06-07 00:50 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk 2021-08-13 23:39 - 2021-06-23 10:13 - 000000000 ____D C:\Windows\Minidump 2021-08-13 23:39 - 2021-05-31 20:22 - 000000000 ____D C:\Windows\Panther 2021-08-13 23:35 - 2021-06-22 19:58 - 000000000 ____D C:\Users\rules\AppData\Local\NVIDIA 2021-08-13 23:34 - 2021-07-07 22:28 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation 2021-08-13 23:32 - 2021-05-31 05:55 - 000000000 ____D C:\Program Files\CCleaner 2021-08-13 23:31 - 2021-07-07 22:28 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2021-08-13 23:31 - 2021-05-31 05:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2021-08-13 22:52 - 2021-05-31 10:17 - 000000000 ____D C:\Windows\system32\MRT 2021-08-13 22:46 - 2021-05-31 10:17 - 133215968 ____C 
(Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-08-13 22:46 - 2021-05-31 04:39 - 000000000 ____D C:\ProgramData\Package Cache 2021-08-13 22:15 - 2021-05-31 07:18 - 000000000 ____D C:\Users\rules\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2021-08-12 15:28 - 2021-05-31 05:41 - 000000000 ____D C:\Users\rules\Desktop\SCHOOL 2ND SEM 2021-08-11 19:25 - 2021-07-08 19:46 - 000000000 ____D C:\Users\rules\AppData\Local\ElevatedDiagnostics 2021-08-11 18:52 - 2021-07-07 22:28 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2021-08-11 18:52 - 2021-06-22 19:58 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-11 18:52 - 2021-06-22 19:58 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-11 18:52 - 2021-06-22 19:58 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-11 18:52 - 2021-06-22 19:58 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-11 18:52 - 2021-06-22 19:58 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-11 18:52 - 2021-06-22 19:58 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-11 18:52 - 2021-06-22 19:58 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-11 18:52 - 2021-06-22 19:58 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-11 18:52 - 2021-06-22 19:54 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2021-08-11 18:51 - 2021-06-22 19:58 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-11 18:51 - 2021-06-22 19:58 - 000003654 _____ 
C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-08-11 02:05 - 2021-05-31 22:19 - 000000000 ____D C:\Users\rules\AppData\Roaming\obs-studio 2021-08-09 23:29 - 2021-05-31 06:16 - 000000000 ____D C:\Program Files\Microsoft Office 2021-08-09 21:52 - 2021-05-31 05:12 - 000000000 ____D C:\Users\rules\Documents\Audacity 2021-08-09 21:47 - 2021-05-31 05:07 - 000000000 ____D C:\Users\rules\Documents\American Truck Simulator 2021-08-09 21:20 - 2021-05-31 05:04 - 000000000 ____D C:\Users\rules\Documents\Adobe 2021-08-09 20:14 - 2021-05-31 04:31 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2661994928-3122408865-2684606729-1001 2021-08-09 20:14 - 2021-05-31 04:31 - 000000000 ___RD C:\Users\rules\OneDrive 2021-08-09 20:14 - 2021-05-31 04:28 - 000002383 _____ C:\Users\rules\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-08-06 16:45 - 2021-07-07 22:37 - 001474672 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2021-08-06 16:38 - 2021-07-07 22:26 - 007280848 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2021-08-06 05:12 - 2021-07-07 22:27 - 000136472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2021-08-06 00:11 - 2021-06-23 04:59 - 000003420 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2021-08-06 00:11 - 2021-06-23 04:59 - 000003296 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2021-08-05 14:12 - 2021-06-23 04:59 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-08-05 14:12 - 2021-06-23 04:59 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-08-05 04:08 - 2021-05-31 05:48 - 000000000 ____D C:\ProgramData\Wondershare Filmora 2021-08-04 17:47 - 2021-05-31 19:23 - 000000000 ____D C:\Windows\system32\Drivers\wd 2021-08-03 23:33 - 2021-06-15 23:13 - 000000000 ____D C:\Users\rules\Desktop\DDU v18.0.3.9 2021-08-03 18:51 - 2021-05-31 05:13 - 000000000 
____D C:\Users\rules\Desktop\DESKTOP 1ST SEM 2021-08-03 12:09 - 2021-05-31 04:28 - 000004122 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0 2021-08-03 12:09 - 2021-05-31 04:28 - 000003764 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3 2021-08-02 22:07 - 2021-05-31 19:23 - 000003480 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-08-02 22:07 - 2021-05-31 19:23 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-07-29 17:49 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-07-27 17:27 - 2021-07-05 22:25 - 000000000 ____D C:\Users\rules\Documents\cheat 2021-07-27 01:16 - 2021-05-31 05:15 - 000000000 ____D C:\Users\rules\Documents\Sound recordings 2021-07-26 11:16 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\LiveKernelReports 2021-07-25 19:25 - 2021-05-31 04:48 - 000000000 ____D C:\Users\rules\AppData\Local\AMD_Common 2021-07-17 02:53 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2021-07-17 02:53 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-07-16 09:45 - 2021-06-20 19:11 - 000740152 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll 2021-07-16 09:45 - 2021-06-20 19:11 - 000486712 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll ==================== Files in the root of some directories ======== 2021-06-04 12:55 - 2021-06-04 12:55 - 000000016 _____ () C:\Users\rules\AppData\Roaming\obs-virtualcam.txt 2021-05-31 06:02 - 2021-06-01 19:33 - 000000615 _____ () C:\Users\rules\AppData\Local\oobelibMkey.log 2021-06-18 19:33 - 2021-06-18 19:33 - 000007605 _____ () C:\Users\rules\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== Addition.txt is attached. Addition.txt