whatYEARisITimLOST

Need help removing pup.optional.softonic and pup.optional.legacy


Hello everyone, I've recently installed AdwCleaner, and the first time I used it, it got 17 or so detections, and ever since, my computer has been running faster, which is great. However, I've recently scanned my computer again and came across three detections, two are in the registry and are classified as "PUP.Optional.Legacy," and one is a "Chrome Search Provider" and is related to Softonic EN. This has become a problem that I need help with, because every time I reboot my computer, all three reappear. I have tried to remove them using CCleaner, HitmanPro, and Malwarebytes. None of them helped, and the Adware kept re-appearing. I've done a fair amount of research on removing re-appearing Adware, but nothing helped. So, I've come here as a last resort to ask for help removing the Adware.


Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32- or 64-bit version for your system and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it into your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section at the bottom of the topic, click "Choose a File".
Navigate to the location of the file.
Click the file. It will appear in the section.
Click the Saving button.

Please post the logs for my review.

Let me know what problems persist.

Wait for further instructions.
====

p.s.
Let me know if the browser you normally use is Synced with other devices.


Hello, first I'd like to let you know that my browser is normally Synced with other devices. Second, here are the contents of FRST.txt:

Quote

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by deans (administrator) on DESKTOP-DEANSAL (04-01-2020 04:21:51)
Running from C:\Users\deans\Desktop
Loaded Profiles: deans (Available Profiles: deans)
Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskService.exe
(Datronicsoft, Inc. -> ) C:\Windows\System32\SpaceDeskServiceTray.exe
(Discord Inc. -> Discord Inc.) C:\Users\deans\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\deans\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\deans\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\deans\AppData\Local\Discord\app-0.0.305\Discord.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe
(Microsoft Windows -> ) C:\Windows\System32\Windows.WARP.JITService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6268224 2019-12-17] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596664 2018-01-15] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [Kraken0502Launcher] => C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe [1598920 2017-06-30] (Razer USA Ltd. -> Razer Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-957313792-2718596857-4034026743-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-957313792-2718596857-4034026743-1001\...\Run: [Discord] => C:\Users\deans\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-957313792-2718596857-4034026743-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35519888 2019-08-05] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-957313792-2718596857-4034026743-1001\...\Run: [Gaijin.Net Agent] => C:\Users\deans\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2128968 2018-07-15] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-957313792-2718596857-4034026743-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15D2929B-C6C5-4B90-B0B4-C906DD37DC4B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1AEF8E89-3991-4F11-9040-11AE68ACC781} - System32\Tasks\Microsoft\Windows\PLA\spacedesk_log => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1474048 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
Task: {1D1B5B1C-6B6D-4359-B384-D25E500F4668} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1397136 2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F733FDA-7852-4FB4-BE70-B36FCC882A8D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-18] (Google Inc -> Google Inc.)
Task: {20D562BC-D17D-4484-BC5E-478091C213E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2761698F-0491-4AE2-A358-4377A7D91EF7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3976D5B6-AD35-4CE5-8E90-7D3802DF96BE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1397136 2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {39EB53A1-2B21-47A3-8ACD-96EBF4CB1EEB} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {4331D436-56A1-4E79-BCDD-820CE15034ED} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {46442BB5-E32F-4EA2-AE56-A0FECED83933} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50086CF3-D137-46CC-8C42-F5572915DBC1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {53146E76-F2CD-40A8-A0C6-C056679A6F44} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {53A85531-F260-4430-B02E-8809462C2EEE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26042744 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AD5DB84-D941-4048-95E2-B12ED49E2186} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {739F6527-6007-4F60-88B7-7E775F6B9DD6} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {789EE97B-658F-4613-8C3F-0514F8896DE8} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe
Task: {80BFEDEE-939A-4953-8158-E660A2BE847C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8E7DBF0E-894C-40B4-B90F-B363A9C787AB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9190BBB0-E4B4-4D97-A174-E8CD2EF57BF5} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64920 2019-11-03] (Microsoft Corporation -> Microsoft)
Task: {9DFAE956-DCB1-4770-9D50-77BB61069242} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4400960 2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E2D66C5-6C73-4418-9A30-C298D5459FAA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A03332C2-0A2E-4915-8CDA-93E1FC638C72} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4400960 2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {A19CCC60-ACFE-4276-BB83-21F146EDF1E9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B117D2E5-724A-44A3-B77D-B350E8B05F65} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE116529-015F-412C-B5EE-3A1F285E3213} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [96600 2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C03449EA-78AE-47C3-AE24-4CDC2056BA0D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {D6FE592A-E9F1-43E5-B1B7-E008B350B66A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DBB24AFC-D145-4220-ABA1-AB9ED3375C9A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26042744 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2D7EC7F-C869-4F4B-992A-D091D111D94A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E535C58B-36F9-483E-856E-4798D2E6FCD8} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E5B738F3-32B3-49AB-9FF1-46848B3FFF5B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [751920 2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {F144CFCE-4C0A-4B53-9530-3D513818105E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [96600 2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8D6F767-6349-4F87-9160-FB9BB791A284} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FC872A81-F0B8-449A-8B41-5A24EED4AA4C} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-957313792-2718596857-4034026743-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
Task: {FD5FFE0D-F3DF-44A7-9752-A1A68DC1C402} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-18] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{674d84ec-2451-43a9-acff-d44ec7dff530}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-22] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
DownloadDir: C:\Users\deans\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-957313792-2718596857-4034026743-1001 -> hxxps://www.youtube.com/

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://youtube.com/","hxxp://gmail.com/","hxxps://reddit.com/r/2007scape/","hxxp://oldschool.runescape.com/"
CHR Session Restore: Profile 1 -> is enabled.
CHR Profile: C:\Users\deans\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-01-04]
CHR DownloadDir: C:\Users\deans\Desktop
CHR Extension: (Slides) - C:\Users\deans\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-30]
CHR Extension: (Docs) - C:\Users\deans\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-30]
CHR Extension: (Google Drive) - C:\Users\deans\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-30]
CHR Extension: (YouTube) - C:\Users\deans\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-30]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\deans\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-30]
CHR Extension: (Perseid Meteor Shower) - C:\Users\deans\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ebnnmaidekkikikpjeldibcdgkomjioi [2019-11-30]
CHR Extension: (Sheets) - C:\Users\deans\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-30]
CHR Extension: (Enable Right Click) - C:\Users\deans\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpeddepmnbmkjfnhifmggnjdggibjjkf [2019-11-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\deans\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-30]
CHR Extension: (Gmail) - C:\Users\deans\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-30]
CHR Extension: (Chrome Media Router) - C:\Users\deans\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-16]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8395968 2019-10-23] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11156344 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-18] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-18] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-12-17] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-08] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [190536 2018-07-27] (Parsec Cloud, Inc. -> Parsec)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2018-06-03] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [107832 2018-06-03] (Even Balance, Inc. -> )
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-19] (Razer USA Ltd. -> )
R2 spacedeskService; C:\WINDOWS\System32\spacedeskService.exe [909736 2018-12-12] (Datronicsoft, Inc. -> )
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-09-27] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33144 2017-08-29] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137496 2018-09-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.8.1\dbk64.sys [136048 2018-06-10] (Cheat Engine -> )
R3 e1rexpress; C:\WINDOWS\System32\drivers\e1r68x64.sys [592240 2019-05-17] (Intel(R) INTELND1820 -> Intel Corporation)
R0 hidgamemap; C:\WINDOWS\System32\drivers\hidgamemap.sys [270304 2019-12-08] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2020-01-03] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2020-01-03] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1ffb45b74346b667\nvlddmkm.sys [22749640 2019-11-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2016-10-30] (Razer USA Ltd. -> Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [45752 2017-07-19] (Razer USA Ltd. -> Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [139704 2017-08-19] (Razer USA Ltd. -> Razer, Inc.)
R3 spacedeskKtmInputKeybd; C:\WINDOWS\System32\drivers\spacedeskKtmInputKeybd.sys [35240 2018-10-12] (Datronicsoft, Inc. -> )
R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2018-10-12] (Datronicsoft, Inc. -> )
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [213080 2018-08-14] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [222864 2018-08-14] (Oracle Corporation -> Oracle Corporation)
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [53128 2018-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 CM_VENDER_CMD; \??\C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-04 04:21 - 2020-01-04 04:24 - 000034821 _____ C:\Users\deans\Desktop\FRST.txt
2020-01-04 04:06 - 2020-01-04 04:24 - 000000000 ____D C:\FRST
2020-01-04 03:36 - 2020-01-04 03:37 - 002272256 _____ (Farbar) C:\Users\deans\Desktop\FRST64.exe
2020-01-03 22:56 - 2020-01-03 23:00 - 000000000 ____D C:\Users\deans\AppData\Local\CastleMinerZ
2020-01-03 14:46 - 2020-01-03 14:46 - 002677304 _____ (Kingston Technology Corporation) C:\Users\deans\Desktop\HyperX_Cloud_II_Firmware_Updater_Rev_0010.exe
2020-01-03 14:26 - 2020-01-03 14:35 - 000000000 ____D C:\Users\Public\spacedesk_logs
2020-01-03 14:26 - 2020-01-03 14:26 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-01-03 14:26 - 2020-01-03 14:26 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-01-02 01:00 - 2020-01-02 01:00 - 000000000 ____D C:\Users\deans\AppData\Roaming\Valve Corporation
2019-12-31 02:57 - 2019-12-31 02:57 - 000418568 _____ C:\Users\deans\Desktop\cc_20191231_025706.reg
2019-12-30 15:25 - 2019-12-30 15:25 - 000000000 ____D C:\ProgramData\dbg
2019-12-29 17:12 - 2019-12-29 17:12 - 000000000 ____D C:\Users\deans\AppData\Local\CAPCOM
2019-12-28 01:48 - 2019-12-28 01:48 - 000000000 ____D C:\Users\deans\AppData\Local\kotlin
2019-12-27 23:55 - 2019-12-27 23:55 - 000000000 ____D C:\Program Files\DIFX
2019-12-27 23:54 - 2019-12-27 23:54 - 002278152 _____ (Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
2019-12-27 23:54 - 2019-12-27 23:54 - 000214328 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwampfl.sys
2019-12-27 23:54 - 2019-12-27 23:54 - 000199472 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\bcbtums.sys
2019-12-27 23:54 - 2019-12-27 23:54 - 000092424 _____ (Broadcom Corporation.) C:\WINDOWS\system32\btwdi.dll
2019-12-27 23:54 - 2019-12-27 23:54 - 000069852 _____ C:\WINDOWS\system32\Drivers\BCM20702A1_001.002.014.1443.1467.hex
2019-12-22 20:14 - 2019-12-22 20:16 - 000000000 ____D C:\ProgramData\USVFS
2019-12-22 20:14 - 2019-12-22 20:15 - 000000000 ____D C:\Users\deans\AppData\Local\ModOrganizer
2019-12-22 19:18 - 2019-12-22 19:18 - 000000000 ____D C:\Users\deans\Documents\LOOT
2019-12-18 14:01 - 2019-12-18 14:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-12-17 13:30 - 2019-12-17 13:30 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-12-17 13:30 - 2019-12-17 13:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-12-17 13:30 - 2019-12-17 13:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-12-17 13:30 - 2019-12-17 13:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-12-15 14:07 - 2019-12-15 14:09 - 000000022 _____ C:\Users\deans\Downloads\tModLoader.Windows.v0.11.5.zip
2019-12-15 12:11 - 2019-12-15 12:11 - 000000000 ____D C:\Users\deans\AppData\LocalLow\spleen
2019-12-13 03:43 - 2019-12-13 03:43 - 000000000 ____D C:\Users\deans\AppData\Local\IsolatedStorage
2019-12-11 00:12 - 2019-12-11 00:12 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-11 00:12 - 2019-12-11 00:12 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-11 00:12 - 2019-12-11 00:12 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-11 00:12 - 2019-12-11 00:12 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-11 00:12 - 2019-12-11 00:12 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-11 00:12 - 2019-12-11 00:12 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-11 00:12 - 2019-12-11 00:12 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-11 00:12 - 2019-12-11 00:12 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-11 00:12 - 2019-12-11 00:12 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-11 00:12 - 2019-12-11 00:12 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-11 00:12 - 2019-12-11 00:12 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-11 00:12 - 2019-12-11 00:12 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-11 00:12 - 2019-12-11 00:12 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-11 00:12 - 2019-12-11 00:12 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-11 00:12 - 2019-12-11 00:12 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-11 00:12 - 2019-12-11 00:12 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-11 00:12 - 2019-12-11 00:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-11 00:12 - 2019-12-11 00:12 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-11 00:12 - 2019-12-11 00:12 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-08 20:12 - 2019-12-08 20:17 - 000000000 ____D C:\Program Files\reWASD
2019-12-08 20:12 - 2019-12-08 20:12 - 000270304 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\hidgamemap.sys
2019-12-08 20:12 - 2019-12-08 20:12 - 000000000 ____D C:\Users\Public\Documents\reWASD
2019-12-08 20:12 - 2019-12-08 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\reWASD
2019-12-08 20:12 - 2019-12-08 20:12 - 000000000 ____D C:\ProgramData\Documents\reWASD
2019-12-08 20:12 - 2019-12-08 20:12 - 000000000 ____D C:\ProgramData\Disc-Soft
2019-12-08 19:02 - 2019-12-08 19:02 - 000000000 ____D C:\Users\deans\AppData\LocalLow\Garalina
2019-12-08 18:21 - 2019-12-08 18:50 - 000000000 ____D C:\Users\deans\CacheMonkeyDump
2019-12-08 18:21 - 2019-12-08 18:27 - 000000000 ____D C:\Users\deans\AppData\Roaming\cache-monkey
2019-12-08 18:21 - 2019-12-08 18:21 - 000000000 ____D C:\Users\deans\AppData\Roaming\CacheMonkey
2019-12-08 18:21 - 2019-12-08 18:21 - 000000000 ____D C:\Users\deans\AppData\Local\cache-monkey-updater
2019-12-08 17:03 - 2019-12-22 20:14 - 000000000 ____D C:\Users\deans\AppData\Local\cache
2019-12-08 02:24 - 2019-12-08 02:24 - 000000000 ____D C:\Users\deans\AppData\Local\install

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-04 04:25 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-04 03:23 - 2019-08-31 04:10 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6837BACF-BA86-4618-8C0E-36707F22BF93}
2020-01-04 02:26 - 2018-02-18 16:25 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-04 01:50 - 2018-02-18 16:53 - 000000000 ____D C:\Program Files (x86)\Steam
2020-01-03 14:26 - 2019-08-31 04:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-03 04:48 - 2019-03-18 22:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-03 04:45 - 2018-02-18 19:52 - 000000000 ____D C:\Users\deans\AppData\Roaming\discord
2020-01-03 01:23 - 2019-03-18 16:25 - 000000000 ____D C:\Users\deans\AppData\Local\.IdentityService
2020-01-02 03:58 - 2018-02-18 16:24 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-02 03:57 - 2019-08-31 04:10 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-02 03:57 - 2019-08-31 04:10 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-02 03:57 - 2019-08-31 04:10 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-02 03:57 - 2019-08-31 04:10 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-02 03:57 - 2019-08-31 04:10 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-02 03:57 - 2019-08-31 04:10 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-02 03:57 - 2019-08-31 04:10 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-02 03:57 - 2019-08-31 04:10 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-02 03:57 - 2019-08-31 04:10 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-02 03:57 - 2019-08-31 04:10 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-02 03:57 - 2019-03-18 22:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-02 03:57 - 2018-02-18 16:24 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-01-02 03:57 - 2018-02-18 16:24 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-01-02 02:18 - 2018-09-15 21:12 - 000000000 ____D C:\Users\deans\AppData\Roaming\Parsec
2020-01-01 05:01 - 2018-02-28 18:48 - 000000000 ____D C:\Users\deans\AppData\Local\CrashDumps
2020-01-01 04:40 - 2019-01-28 22:08 - 000000000 ____D C:\Users\deans\Desktop\CLIPS
2019-12-31 23:53 - 2019-03-18 22:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-31 23:53 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-31 22:14 - 2018-02-18 22:05 - 000000000 ____D C:\Users\deans\AppData\Roaming\audacity
2019-12-31 21:37 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-12-31 13:31 - 2019-08-31 03:47 - 000438040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-28 04:27 - 2019-08-31 04:03 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-28 00:20 - 2019-02-23 15:00 - 000000000 ____D C:\Program Files\Common Files\Logitech
2019-12-28 00:13 - 2018-02-18 21:52 - 000000000 ____D C:\Users\deans\AppData\Local\ElevatedDiagnostics
2019-12-27 00:24 - 2019-08-31 03:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-26 21:28 - 2018-05-16 17:05 - 000000000 ____D C:\Users\deans\AppData\Local\D3DSCache
2019-12-25 23:07 - 2018-03-02 22:43 - 000000000 ____D C:\Users\deans\AppData\Roaming\obs-studio
2019-12-25 01:23 - 2018-02-25 14:40 - 000000000 ____D C:\Users\deans\AppData\Roaming\.minecraft
2019-12-22 19:59 - 2019-04-12 17:36 - 000000000 ____D C:\Users\deans\AppData\Local\LOOT
2019-12-22 19:18 - 2019-04-12 17:34 - 000000742 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOOT.lnk
2019-12-22 02:41 - 2018-02-18 16:42 - 000000000 ___RD C:\Users\deans\Dropbox
2019-12-20 11:50 - 2018-02-18 16:30 - 000000000 ____D C:\Users\deans\AppData\Local\Packages
2019-12-20 00:04 - 2019-07-04 03:57 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-18 14:48 - 2018-02-18 16:49 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-18 14:48 - 2018-02-18 16:49 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-18 14:48 - 2018-02-18 16:49 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-18 14:02 - 2018-02-18 16:39 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-12-18 02:58 - 2019-03-18 16:24 - 000002205 _____ C:\Users\deans\Desktop\devenv.lnk
2019-12-18 02:58 - 2019-02-27 13:35 - 000001639 _____ C:\Users\deans\Desktop\vegas140.lnk
2019-12-18 02:58 - 2018-02-26 15:25 - 000001595 _____ C:\Users\deans\Desktop\Minecraft.lnk
2019-12-18 02:58 - 2018-02-18 19:52 - 000002233 _____ C:\Users\deans\Desktop\Discord.lnk
2019-12-15 20:38 - 2018-03-05 15:59 - 000000000 ____D C:\Users\deans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2019-12-13 22:44 - 2018-03-19 18:16 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-13 22:41 - 2019-08-31 04:10 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 22:41 - 2019-08-31 04:10 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 03:24 - 2019-03-19 12:49 - 000000000 ____D C:\Users\deans\.templateengine
2019-12-11 17:22 - 2018-02-18 16:31 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-11 17:22 - 2018-02-18 16:31 - 000000000 ___RD C:\Users\deans\3D Objects
2019-12-11 05:45 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-11 05:45 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-11 05:45 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-11 00:23 - 2018-02-19 18:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-11 00:18 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-11 00:18 - 2018-02-19 18:33 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-08 18:21 - 2019-08-30 02:23 - 000000000 ____D C:\Users\deans
2019-12-08 17:15 - 2019-12-01 06:55 - 000000000 ____D C:\Users\deans\Documents\Antivirus
2019-12-08 17:02 - 2019-07-04 03:58 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-12-08 08:47 - 2018-06-26 16:05 - 002859872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2019-12-08 08:47 - 2018-06-26 16:05 - 002221064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2019-12-08 08:47 - 2018-06-26 16:05 - 001321496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2019-12-07 22:31 - 2018-02-26 20:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-12-07 08:21 - 2018-02-28 19:39 - 000174560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2019-12-07 08:21 - 2018-02-28 19:39 - 000149472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2019-12-05 15:24 - 2019-07-06 04:41 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-12-05 06:04 - 2019-08-31 04:10 - 000002542 _____ C:\WINDOWS\system32\Tasks\CAM
2019-12-05 06:03 - 2019-08-31 04:10 - 000002492 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2019-12-05 05:56 - 2018-02-19 20:11 - 000000000 ____D C:\Users\deans\Desktop\emulators
2019-12-05 00:04 - 2018-02-18 19:39 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2019-12-05 00:03 - 2018-02-18 19:39 - 000000000 ____D C:\Program Files\paint.net

==================== Files in the root of some directories ========

2018-06-27 18:10 - 2018-06-28 01:31 - 000007597 _____ () C:\Users\deans\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

Addition.txt


Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Your logs are clean of malware.

If the problem persists and Chrome is synced with other devices, reset it.

https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/
https://support.google.com/chrome/answer/185277

Execute the suggested fix.

Restart the computer normally.
===========

Is the problem solved?


The problem is solved, thank you. I ran Farbar Recovery Scan Tool which got rid of the registry problems, and the Google Chrome Sync fix worked for me, thank you once again!


Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

This topic is now closed to further replies.
