Jump to content

Premium MB unable to locate browser redirection virus


Recommended Posts

Hi y'all!

We've had issues with Chrome randomly opening and sometimes redirecting to other websites when we click anywhere on a regular page. We have Malwarebytes premium upto date and have performed multiple scans to no avail. There's a threat scan running as I type this now, and I can export the txt log once that's done. Let me know what else I need to supply so we can get this little machine nice and squeaky clean! (My parents sometimes come by to walk our dog while we're at work and more than once have seen some, uh, less desirable web pages pop up on their own lmao)

Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

If the problem persists and Chrome is Synced with other Devices check this out.

https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/

Execute the suggested fix.

Restart the computer normally.
===========

If the problem persists please run this tool.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Please post the logs  for my review.

Wait for further instructions


 

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05.2019
Ran by The Pines (administrator) on MYSTERYSHACK (MSI MS-7996) (09-05-2019 07:52:11)
Running from C:\Users\The Pines\Downloads
Loaded Profiles: defaultuser0 & The Pines (Available Profiles: defaultuser0 & The Pines)
Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler64.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\The Pines\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NETGEAR -> ) C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHWA.EXE
(TunnelBear, Inc. -> ) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [308656 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409936 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3472694132-228439100-2559704311-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3472694132-228439100-2559704311-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-29] (Valve -> Valve Corporation)
HKU\S-1-5-21-3472694132-228439100-2559704311-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3113768 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3472694132-228439100-2559704311-1001\...\Run: [Spotify] => C:\Users\The Pines\AppData\Roaming\Spotify\Spotify.exe [25323240 2018-11-14] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3472694132-228439100-2559704311-1001\...\Run: [uTorrent] => C:\Users\The Pines\AppData\Roaming\uTorrent\uTorrent.exe [1984184 2018-06-27] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3472694132-228439100-2559704311-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE [241280 2017-02-26] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-02] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\73.0.762.88\Installer\chrmstp.exe [2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03D19943-56A6-45B8-8A9C-42D12D8E4E6B} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1D62EF8B-7F65-4733-8ACE-A2239A148DAA\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [359936 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {0AE9D104-6F80-4E82-892D-56B51CBB9E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1D62EF8B-7F65-4733-8ACE-A2239A148DAA\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [359936 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {1F7DB846-3F80-4467-B620-2528B8CC6F24} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1D62EF8B-7F65-4733-8ACE-A2239A148DAA\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [315904 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {28403A50-4FB5-48F1-AA3F-B9714C7214E0} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B08E47A-FEDB-45D5-B438-C78220A6D9ED} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1D62EF8B-7F65-4733-8ACE-A2239A148DAA\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [359936 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {2E136B36-0635-427A-8A1E-2EC9DF749652} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-24] (Google Inc -> Google Inc.)
Task: {33104B88-D9BC-4D75-A3BC-54BFC4A8754A} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2408496 2019-04-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {3F35AA50-E9CB-4C3D-9C5B-4D9F8DC041E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-24] (Google Inc -> Google Inc.)
Task: {573E0512-E7F9-407E-A6AA-4ED60F45E7A9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6238BE09-4797-4AE0-A702-535921B16323} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1D62EF8B-7F65-4733-8ACE-A2239A148DAA\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [359936 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {702A2DD9-376F-47C7-8468-AC4E7500C5AC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {70919D05-1EDA-4742-8215-B0D8B1947BFB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7856E3B6-FB4B-4B9B-B347-149CECE5CE42} - System32\Tasks\AVG EUpdate Task => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe [4072504 2018-06-21] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
Task: {82A51688-0E15-4C11-9134-864FB9E73623} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2019-03-28] (AVG Netherlands B.V. -> AVG Technologies)
Task: {A03065F2-E5E2-4083-9345-AC3A13D03F54} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1D62EF8B-7F65-4733-8ACE-A2239A148DAA\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [359936 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {A4CA4A14-89B8-46E2-A560-6B90B679C4A7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1D62EF8B-7F65-4733-8ACE-A2239A148DAA\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [359936 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {A646BD4C-7F65-4D92-9F92-4B58938CA207} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1D62EF8B-7F65-4733-8ACE-A2239A148DAA\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [359936 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {AAB00839-4CCE-4792-ABEA-8FA6E6A79A51} - System32\Tasks\S-1-5-21-3472694132-228439100-2559704311-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [132608 2018-12-08] (Microsoft Windows -> Microsoft Corporation)
Task: {B86D7445-BAFE-424B-A730-8F2A5FCD46F5} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2019-03-28] (AVG Netherlands B.V. -> AVG Technologies)
Task: {B8C59711-2F72-46DB-A8A9-D6B1FF41D03D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C10534BC-8630-44F2-8577-846724CFFFF6} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1D62EF8B-7F65-4733-8ACE-A2239A148DAA\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [315904 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {CA6F24DD-E471-40E6-87B4-A4F951D67C2F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC339906-7920-444A-835E-EAFAB202F594} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1D62EF8B-7F65-4733-8ACE-A2239A148DAA\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [359936 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {CE352325-4595-4FAF-BCF7-CAD9BA8A839F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2670944 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {DB6E8984-A458-4EC3-A8BD-A96EC7C1E663} - System32\Tasks\AdobeGCInvoker-1.0-MYSTERYSHACK-The Pines => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {DD0BD89B-9799-409C-B050-EF7D6E4D5EDC} - System32\Tasks\G2MUploadTask-S-1-5-21-3472694132-228439100-2559704311-1001 => C:\Users\The Pines\AppData\Local\GoToMeeting\12933\g2mupload.exe [32256 2019-05-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {E1F729D6-0816-4E95-B9E8-43D589A27C78} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1D62EF8B-7F65-4733-8ACE-A2239A148DAA\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [359936 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {E3ED6535-3ECC-4505-A966-16DCA1A55947} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E7450FF4-8CFE-4199-8CED-F1915583214E} - System32\Tasks\G2MUpdateTask-S-1-5-21-3472694132-228439100-2559704311-1001 => C:\Users\The Pines\AppData\Local\GoToMeeting\12933\g2mupdate.exe [32256 2019-05-04] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {EA6F5545-C4BD-4311-BD0E-47F86929DF1B} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1956064 2019-04-11] (AVG Technologies USA, Inc. -> AVG Technologies)
Task: {ECB85A02-9F41-40A2-B7ED-DBC90DDBC803} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EFAEF7CF-FF04-4FC2-9BF8-8E1FA1D07F1F} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1956064 2019-04-11] (AVG Technologies USA, Inc. -> AVG Technologies)
Task: {F1498F04-6741-4370-93F4-04EF428A7C52} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2970544 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {F2C3BA28-BFF3-4FF5-963F-EC0F4E7FEDBF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3472694132-228439100-2559704311-1001.job => C:\Users\The Pines\AppData\Local\GoToMeeting\12933\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3472694132-228439100-2559704311-1001.job => C:\Users\The Pines\AppData\Local\GoToMeeting\12933\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 71.10.216.1 71.10.216.2
Tcpip\..\Interfaces\{0df0f8f3-7a0e-44a5-8559-da3d7203b467}: [DhcpNameServer] 172.18.11.1
Tcpip\..\Interfaces\{29914311-2bcc-4499-8f9c-4543822c3c2d}: [DhcpNameServer] 192.168.1.1 71.10.216.1 71.10.216.2
Tcpip\..\Interfaces\{7570881f-301b-4138-837a-b310d5a9d5dd}: [NameServer] 10.4.0.1
Tcpip\..\Interfaces\{7570881f-301b-4138-837a-b310d5a9d5dd}: [DhcpNameServer] 10.4.0.1
Tcpip\..\Interfaces\{f0db227b-76c1-45ea-9e99-0da8c4345a27}: [DhcpNameServer] 192.168.1.1 71.10.216.1 71.10.216.2

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3472694132-228439100-2559704311-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = 
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-05] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: 1lbm9312.default
FF ProfilePath: C:\Users\The Pines\AppData\Roaming\Mozilla\Firefox\Profiles\1lbm9312.default [2019-03-29]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-12-11] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-12-11] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3472694132-228439100-2559704311-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\The Pines\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-01-25] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR HomePage: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\The Pines\AppData\Local\Google\Chrome\User Data\Default [2019-05-09]
CHR Extension: (Slides) - C:\Users\The Pines\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Docs) - C:\Users\The Pines\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Google Drive) - C:\Users\The Pines\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-22]
CHR Extension: (YouTube) - C:\Users\The Pines\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-24]
CHR Extension: (AVG Secure Search) - C:\Users\The Pines\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2019-05-08]
CHR Extension: (Tampermonkey) - C:\Users\The Pines\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-03-03]
CHR Extension: (Sheets) - C:\Users\The Pines\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20]
CHR Extension: (Google Docs Offline) - C:\Users\The Pines\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\The Pines\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Adblock Pro) - C:\Users\The Pines\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2017-11-03]
CHR Extension: (Gmail) - C:\Users\The Pines\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\The Pines\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-08]
CHR HKU\S-1-5-21-3472694132-228439100-2559704311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2019-03-28] (AVG Netherlands B.V. -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [362536 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6709272 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2019-03-28] (AVG Netherlands B.V. -> AVG Technologies)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428264 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S3 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [110048 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [6598496 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [113024 2018-02-12] (TunnelBear, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [316120 2014-08-18] (NETGEAR -> )
S3 AVGSecureBrowserElevationService; "C:\Program Files (x86)\AVG\Browser\Application\73.0.762.88\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37368 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205656 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [254680 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [196560 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgblog.sys [320672 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [58152 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [15280 2019-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42336 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [166896 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [112360 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [87992 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1030832 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [476824 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [220472 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [385904 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 BCMH43XX; C:\WINDOWS\system32\DRIVERS\bcmwlhigh664.sys [1255672 2015-02-11] (Broadcom Corporation -> Broadcom Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-05-05] (Malwarebytes Corporation -> Malwarebytes)
R0 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-05-05] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-05-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-05-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-05-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [117344 2019-05-08] (Malwarebytes Corporation -> Malwarebytes)
S3 NPF; C:\WINDOWS\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e7b3660b4830c245\nvlddmkm.sys [20424640 2018-12-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Microsoft Windows -> Realtek )
R0 SCMNdisP; C:\WINDOWS\System32\DRIVERS\scmndisp.sys [25312 2007-01-19] (NETGEAR -> Windows (R) Codename Longhorn DDK provider)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Technologies CZ, s.r.o. -> AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-09 07:52 - 2019-05-09 07:53 - 000037374 _____ C:\Users\The Pines\Downloads\FRST.txt
2019-05-09 07:52 - 2019-05-09 07:52 - 000000000 ____D C:\Users\The Pines\Downloads\FRST-OlderVersion
2019-05-09 07:51 - 2019-05-09 07:52 - 002430976 _____ (Farbar) C:\Users\The Pines\Downloads\FRST64.exe
2019-05-09 07:51 - 2019-05-09 07:52 - 000000000 ____D C:\FRST
2019-05-08 19:14 - 2019-05-08 19:14 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-05-08 19:14 - 2019-05-08 19:14 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-05-08 19:14 - 2019-05-08 19:14 - 000117344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-05-08 19:14 - 2019-05-08 19:14 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-05-08 19:00 - 2019-05-08 19:00 - 000000000 ____D C:\AdwCleaner
2019-05-08 18:58 - 2019-05-08 18:58 - 000001221 _____ C:\Users\The Pines\Desktop\MalwarebytesExport.txt
2019-05-08 07:36 - 2019-05-08 07:36 - 007025360 _____ (Malwarebytes) C:\Users\The Pines\Downloads\adwcleaner_7.3.exe
2019-05-05 17:32 - 2019-05-05 17:32 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-04-30 07:55 - 2019-04-30 07:56 - 044443168 _____ (Microsoft Corporation) C:\Users\The Pines\Downloads\Windows-KB890830-x64-V5.71 (1).exe
2019-04-30 07:54 - 2019-04-30 07:55 - 044443168 _____ (Microsoft Corporation) C:\Users\The Pines\Downloads\Windows-KB890830-x64-V5.71.exe
2019-04-25 13:12 - 2019-04-25 13:12 - 000003826 _____ C:\WINDOWS\System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2019-04-25 13:12 - 2019-04-25 13:12 - 000003242 _____ C:\WINDOWS\System32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2019-04-24 07:52 - 2019-02-13 00:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-04-24 07:50 - 2019-04-24 07:50 - 000362928 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2019-04-12 11:52 - 2019-04-24 07:51 - 000000077 _____ C:\WINDOWS\system32\Drivers\avgSP.sys.sum
2019-04-09 18:04 - 2019-04-02 07:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-09 18:04 - 2019-04-02 07:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-09 18:04 - 2019-04-02 04:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-09 18:04 - 2019-04-02 04:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-09 18:04 - 2019-04-02 03:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-09 18:04 - 2019-04-02 03:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-09 18:04 - 2019-04-02 03:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-09 18:04 - 2019-04-02 03:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-09 18:04 - 2019-04-02 03:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-09 18:04 - 2019-04-02 02:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-09 18:04 - 2019-04-02 02:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-09 18:04 - 2019-04-02 02:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-09 18:04 - 2019-04-02 02:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-09 18:04 - 2019-04-02 00:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-09 18:04 - 2019-04-01 23:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-09 18:04 - 2019-04-01 23:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-09 18:04 - 2019-04-01 23:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-09 18:04 - 2019-03-14 03:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-09 18:04 - 2019-03-14 03:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-09 18:04 - 2019-03-14 03:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-09 18:04 - 2019-03-14 03:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-09 18:04 - 2019-03-14 03:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-09 18:04 - 2019-03-14 02:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-09 18:04 - 2019-03-14 02:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-09 18:04 - 2019-03-14 02:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-09 18:04 - 2019-03-14 02:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-09 18:04 - 2019-03-14 02:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-09 18:03 - 2019-04-02 07:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-09 18:03 - 2019-04-02 07:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-09 18:03 - 2019-04-02 07:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-09 18:03 - 2019-04-02 07:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-09 18:03 - 2019-04-02 07:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-09 18:03 - 2019-04-02 07:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-09 18:03 - 2019-04-02 07:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-09 18:03 - 2019-04-02 07:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-09 18:03 - 2019-04-02 07:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-09 18:03 - 2019-04-02 07:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-09 18:03 - 2019-04-02 07:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-09 18:03 - 2019-04-02 07:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-09 18:03 - 2019-04-02 07:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-09 18:03 - 2019-04-02 07:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-09 18:03 - 2019-04-02 04:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-09 18:03 - 2019-04-02 04:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-09 18:03 - 2019-04-02 04:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-09 18:03 - 2019-04-02 04:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-09 18:03 - 2019-04-02 04:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-09 18:03 - 2019-04-02 04:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-09 18:03 - 2019-04-02 04:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-09 18:03 - 2019-04-02 03:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-09 18:03 - 2019-04-02 03:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-09 18:03 - 2019-04-02 03:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-09 18:03 - 2019-04-02 03:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-09 18:03 - 2019-04-02 03:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-09 18:03 - 2019-04-02 03:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-09 18:03 - 2019-04-02 03:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-09 18:03 - 2019-04-02 03:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-09 18:03 - 2019-04-02 03:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-09 18:03 - 2019-04-02 03:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-09 18:03 - 2019-04-02 03:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-09 18:03 - 2019-04-02 03:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-09 18:03 - 2019-04-02 02:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-09 18:03 - 2019-04-02 02:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-09 18:03 - 2019-04-02 02:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-09 18:03 - 2019-04-02 02:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-09 18:03 - 2019-04-02 02:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-09 18:03 - 2019-04-02 02:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-09 18:03 - 2019-04-02 02:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-09 18:03 - 2019-04-02 02:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-09 18:03 - 2019-04-02 02:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-09 18:03 - 2019-04-02 02:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-09 18:03 - 2019-04-02 02:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-09 18:03 - 2019-04-02 02:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-09 18:03 - 2019-04-02 02:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-09 18:03 - 2019-04-02 02:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-09 18:03 - 2019-04-02 01:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-09 18:03 - 2019-04-02 00:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-09 18:03 - 2019-04-02 00:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-09 18:03 - 2019-04-02 00:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-09 18:03 - 2019-04-02 00:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-09 18:03 - 2019-04-01 23:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-09 18:03 - 2019-04-01 23:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-09 18:03 - 2019-04-01 23:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-09 18:03 - 2019-04-01 23:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-09 18:03 - 2019-04-01 23:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-09 18:03 - 2019-04-01 23:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-09 18:03 - 2019-04-01 23:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-09 18:03 - 2019-04-01 23:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-09 18:03 - 2019-03-16 07:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-09 18:03 - 2019-03-16 04:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-09 18:03 - 2019-03-14 09:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-09 18:03 - 2019-03-14 09:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-09 18:03 - 2019-03-14 09:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-09 18:03 - 2019-03-14 09:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-09 18:03 - 2019-03-14 09:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-09 18:03 - 2019-03-14 09:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-09 18:03 - 2019-03-14 09:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-09 18:03 - 2019-03-14 09:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-09 18:03 - 2019-03-14 09:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-09 18:03 - 2019-03-14 09:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-09 18:03 - 2019-03-14 09:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-09 18:03 - 2019-03-14 09:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-09 18:03 - 2019-03-14 09:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-09 18:03 - 2019-03-14 08:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-09 18:03 - 2019-03-14 08:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-09 18:03 - 2019-03-14 08:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-09 18:03 - 2019-03-14 08:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-09 18:03 - 2019-03-14 08:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-09 18:03 - 2019-03-14 08:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-09 18:03 - 2019-03-14 03:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-09 18:03 - 2019-03-14 03:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-09 18:03 - 2019-03-14 03:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-09 18:03 - 2019-03-14 03:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-09 18:03 - 2019-03-14 03:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-09 18:03 - 2019-03-14 03:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-09 18:03 - 2019-03-14 03:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-09 18:03 - 2019-03-14 03:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-09 18:03 - 2019-03-14 03:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-09 18:03 - 2019-03-14 03:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-09 18:03 - 2019-03-14 03:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-09 18:03 - 2019-03-14 03:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-09 18:03 - 2019-03-14 03:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-09 18:03 - 2019-03-14 03:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-09 18:03 - 2019-03-14 03:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-09 18:03 - 2019-03-14 03:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-09 18:03 - 2019-03-14 03:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-09 18:03 - 2019-03-14 03:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-09 18:03 - 2019-03-14 03:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-09 18:03 - 2019-03-14 03:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-09 18:03 - 2019-03-14 03:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-09 18:03 - 2019-03-14 03:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-09 18:03 - 2019-03-14 03:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-09 18:03 - 2019-03-14 03:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-09 18:03 - 2019-03-14 03:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-09 18:03 - 2019-03-14 03:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-09 18:03 - 2019-03-14 03:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-09 18:03 - 2019-03-14 03:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-09 18:03 - 2019-03-14 03:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-09 18:03 - 2019-03-14 03:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-09 18:03 - 2019-03-14 03:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-09 18:03 - 2019-03-14 03:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-09 18:03 - 2019-03-14 03:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-09 18:03 - 2019-03-14 03:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-09 18:03 - 2019-03-14 03:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-09 18:03 - 2019-03-14 03:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-09 18:03 - 2019-03-14 03:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-09 18:03 - 2019-03-14 03:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-09 18:03 - 2019-03-14 03:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-09 18:03 - 2019-03-14 03:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-09 18:03 - 2019-03-14 03:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-09 18:03 - 2019-03-14 03:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-09 18:03 - 2019-03-14 03:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-09 18:03 - 2019-03-14 03:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-09 18:03 - 2019-03-14 03:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-09 18:03 - 2019-03-14 03:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-09 18:03 - 2019-03-14 02:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-09 18:03 - 2019-03-14 02:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-09 18:03 - 2019-03-14 02:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-09 18:03 - 2019-03-14 02:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-09 18:03 - 2019-03-14 02:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-09 18:03 - 2019-03-14 02:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-09 18:03 - 2019-03-14 02:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-09 18:03 - 2019-03-14 02:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-09 18:03 - 2019-03-14 02:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-09 18:03 - 2019-03-14 02:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-09 18:03 - 2019-03-14 02:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-09 18:03 - 2019-03-14 02:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-09 18:03 - 2019-03-14 02:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-09 18:03 - 2019-03-14 02:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-09 18:03 - 2019-03-14 02:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-09 18:03 - 2019-03-14 02:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-09 18:03 - 2019-03-14 02:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-09 18:03 - 2019-03-14 02:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-09 18:03 - 2019-03-14 02:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-09 18:03 - 2019-03-14 02:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-09 18:03 - 2019-03-14 02:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-09 18:03 - 2019-03-14 02:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-09 18:03 - 2019-03-14 02:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-09 18:03 - 2019-03-14 02:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-09 18:03 - 2019-03-14 02:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-09 18:03 - 2019-03-14 02:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-09 18:03 - 2019-03-14 02:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-09 18:03 - 2019-03-14 02:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-09 18:03 - 2019-03-14 02:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-09 18:03 - 2019-03-14 02:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-09 18:03 - 2019-03-14 02:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-09 18:03 - 2019-03-14 02:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-09 18:03 - 2019-03-14 02:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-09 18:03 - 2019-03-14 02:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-09 18:03 - 2019-03-14 02:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-09 18:03 - 2019-03-14 02:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-09 18:03 - 2019-03-14 02:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-09 18:03 - 2019-03-14 02:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-09 18:03 - 2019-03-14 02:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-09 18:03 - 2019-03-14 02:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-09 18:03 - 2019-03-14 02:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-09 18:03 - 2019-03-14 02:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-09 18:03 - 2019-03-14 02:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-09 18:03 - 2019-03-14 02:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-09 18:03 - 2019-03-14 02:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-09 18:03 - 2019-03-14 02:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-09 18:03 - 2019-03-13 20:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-09 18:03 - 2019-03-13 20:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-09 18:03 - 2019-03-13 20:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-09 18:03 - 2019-03-13 20:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-09 18:03 - 2019-03-13 20:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-09 07:47 - 2018-05-22 23:52 - 000004278 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2019-05-09 07:47 - 2017-05-31 19:31 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-09 07:46 - 2018-05-22 23:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-09 07:46 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-09 02:09 - 2018-05-22 23:52 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D0BA4EAF-073E-4EFC-85A6-9BECB5EB6B1F}
2019-05-08 19:25 - 2016-12-03 21:16 - 000000000 ____D C:\Program Files (x86)\Steam
2019-05-08 19:22 - 2018-04-11 18:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-08 19:22 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-08 19:21 - 2018-05-22 23:45 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-08 19:21 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-08 19:14 - 2018-05-22 23:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-08 19:14 - 2018-03-01 20:51 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2019-05-08 19:13 - 2018-04-11 16:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-08 19:08 - 2017-09-27 15:21 - 000000588 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3472694132-228439100-2559704311-1001.job
2019-05-08 19:02 - 2018-05-22 23:33 - 000000000 ____D C:\Users\defaultuser0
2019-05-08 19:01 - 2018-05-22 23:33 - 000000000 ____D C:\Users\The Pines
2019-05-08 19:01 - 2016-12-04 10:26 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-05-08 18:51 - 2016-12-04 10:26 - 000000000 ____D C:\Users\The Pines\AppData\Local\Battle.net
2019-05-08 15:08 - 2018-05-22 23:52 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2019-05-08 12:20 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-05-05 17:32 - 2019-03-04 08:27 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-05-04 17:55 - 2018-05-22 23:52 - 000003854 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3472694132-228439100-2559704311-1001
2019-05-04 17:55 - 2018-05-22 23:52 - 000003758 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3472694132-228439100-2559704311-1001
2019-05-04 17:55 - 2017-09-27 15:21 - 000000684 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3472694132-228439100-2559704311-1001.job
2019-05-04 17:55 - 2017-09-27 15:21 - 000000000 ____D C:\Users\The Pines\AppData\Local\GoToMeeting
2019-05-02 17:12 - 2016-12-24 14:32 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-02 17:12 - 2016-12-24 14:32 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-01 11:54 - 2018-08-23 18:32 - 000000000 ____D C:\WINDOWS\Minidump
2019-05-01 08:03 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-01 08:02 - 2017-12-05 10:22 - 000000000 ____D C:\Users\The Pines\AppData\Local\Packages
2019-04-30 07:57 - 2016-12-03 23:03 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-25 13:12 - 2019-03-28 17:06 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2019-04-25 13:12 - 2019-03-28 17:06 - 000002340 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk
2019-04-24 11:51 - 2017-04-05 19:34 - 000385904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2019-04-24 11:47 - 2016-12-04 10:26 - 000000000 ____D C:\Users\The Pines\AppData\Local\Blizzard Entertainment
2019-04-24 07:57 - 2018-04-11 18:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-24 07:51 - 2017-04-05 19:34 - 000476824 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2019-04-24 07:50 - 2019-01-14 11:19 - 000254680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2019-04-24 07:50 - 2019-01-04 09:01 - 000320672 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgblog.sys
2019-04-24 07:50 - 2019-01-04 09:01 - 000196560 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2019-04-24 07:50 - 2019-01-04 09:01 - 000058152 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2019-04-24 07:50 - 2019-01-04 09:01 - 000037368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2019-04-24 07:50 - 2018-10-09 11:59 - 000042336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2019-04-24 07:50 - 2018-04-11 18:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-24 07:50 - 2017-11-27 07:39 - 000205656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2019-04-24 07:50 - 2017-04-05 19:34 - 001030832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2019-04-24 07:50 - 2017-04-05 19:34 - 000220472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2019-04-24 07:50 - 2017-04-05 19:34 - 000166896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2019-04-24 07:50 - 2017-04-05 19:34 - 000112360 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2019-04-24 07:50 - 2017-04-05 19:34 - 000087992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2019-04-15 19:54 - 2018-05-22 23:52 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3472694132-228439100-2559704311-1001
2019-04-15 19:54 - 2018-05-22 23:33 - 000002375 _____ C:\Users\The Pines\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-15 19:54 - 2016-12-04 12:19 - 000000000 ___RD C:\Users\The Pines\OneDrive
2019-04-13 15:54 - 2019-01-10 19:29 - 000003140 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-13 15:54 - 2018-09-03 10:56 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-04-13 15:54 - 2018-05-22 23:52 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-13 15:54 - 2018-05-22 23:52 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-13 15:54 - 2018-05-22 23:52 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-13 15:54 - 2018-05-22 23:52 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-13 15:54 - 2018-05-22 23:52 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-13 15:54 - 2018-05-22 23:52 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-13 15:54 - 2018-05-22 23:52 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-13 15:54 - 2018-05-22 23:52 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-13 15:54 - 2018-05-22 23:52 - 000002820 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MYSTERYSHACK-The Pines
2019-04-13 15:54 - 2018-05-22 23:52 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-11 18:24 - 2016-12-03 23:02 - 000000000 ____D C:\Users\The Pines\AppData\Local\CrashDumps
2019-04-09 22:02 - 2018-05-22 23:28 - 000233856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-09 22:00 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-09 21:59 - 2018-04-11 18:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-09 21:59 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-09 18:02 - 2016-12-03 23:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-09 17:09 - 2016-12-04 10:27 - 000000000 ____D C:\Program Files (x86)\World of Warcraft

==================== Files in the root of some directories =======

2018-04-11 18:34 - 2018-04-11 18:34 - 000060416 ____N (Microsoft Corporation) C:\Users\The Pines\ysOEfiza.exe
2018-04-11 18:34 - 2018-04-11 18:34 - 000060416 ____N (Microsoft Corporation) C:\Users\The Pines\AppData\Roaming\jOUCBIzW.exe
2018-04-11 18:34 - 2018-04-11 18:34 - 000178688 ____N (Microsoft Corporation) C:\Users\The Pines\AppData\Roaming\UUYunPd.exe
2018-08-18 10:02 - 2018-08-18 10:02 - 000000002 _____ () C:\Users\The Pines\AppData\Local\imw.ini
2018-09-25 18:17 - 2018-09-25 18:17 - 000000000 _____ () C:\Users\The Pines\AppData\Local\oobelibMkey.log

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Addition.txt

Link to post
Share on other sites


Hi,

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

Reset Chrome

Open Google Chrome, click on menu icon google-chrome-setting-icon.png or the 3 vertical dots located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset and clean up" > "Restore settings to their original defaults"
 
Restart Chrome.
===

If the problem persists and Chrome is Synced with other Devices check this out.

https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/

Execute the suggested fix.
===========

Or this could be the issue.
Adds by notification

I could  look like Ads from the notification on the bottom and  right side of some pages.
Next time you see an ad click on the notice on the right of the taskbar.
If you see a setting wheel open it and change the setting to stop the notifications.

How to Disable Notifications in Google Chrome
https://gadgets.ndtv.com/apps/features/how-to-disable-notifications-in-google-chrome-643057

Add the site to your block list.

How did I get this.
https://forums.malwarebytes.com/topic/245131-random-i_bongacash-javascript-injection/
---

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.