|
-
December 12th, 2020, 08:40 AM
#1
 [RESOLVED] somethings ****y
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-12-2020
Ran by amber (administrator) on DESKTOP-FG2HJ54 (12-12-2020 05:35:59)
Running from C:\Users\amber\Downloads
Loaded Profiles: amber
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] D:\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.66.0_x64__xns73kv1ymhp2\AudibleRT.WindowsPhone.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <16>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastNM.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <4>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7269\Agent.exe
(Discord Inc. -> Discord Inc.) C:\Users\amber\AppData\Local\Discord\app-0.0.309\Discord.exe <6>
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <54>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2012.1003.34.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.7.142.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\FPSRunner32.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\PMRunner32.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\x64\FPSRunner64.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\x64\PMRunner64.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe <2>
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2019-08-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951968 2019-07-09] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117352 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [266624 2020-10-09] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1938296 2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [Discord] => C:\Users\amber\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3421984 2020-12-07] (Valve -> Valve Corporation)
HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3145504 2020-11-23] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32711056 2020-12-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090024 2020-12-10] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3515120 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [7864296 2019-10-02] (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [12822184 2020-03-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Run: [AvastBrowserAutoLaunch_36C80EFD8CFDC4184B8BB37233C91D97] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2076011033-3280622806-4239828195-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3515120 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\Installer\chrmstp.exe [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {16F71FE4-75A6-4B58-9D5A-A0EE2325021E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1532312 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {26E0328F-5FAB-47FA-84E1-9F9542629AF7} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2866A4C3-FB21-42DE-8B1D-166F5E5A9546} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-12-12] (Avast Software s.r.o. -> Avast Software)
Task: {3A063400-7B95-459B-AB92-2131DCE28020} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40862B19-60B2-4257-A004-1A1225B63593} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
Task: {572D0DF4-AE5D-4B5F-9AFB-2E2E3188583E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
Task: {59F6AF24-F4AE-4E8E-BDD0-1D689D085B00} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A79E65C-2E83-42C9-9861-9A34113067BD} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
Task: {5D18214A-64D4-4756-9A86-7E993E229B0D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68D65C33-ED75-4E8A-B6AF-E80B4D4CB33C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E2553D2-3089-457F-938B-30070B84F2B6} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2774904 2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E29E651-24DB-41F1-B1D7-64FB27E8C9CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-01] (Google Inc -> Google LLC)
Task: {6FD19644-AB03-4D06-951E-69201FE82168} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {74F44EEF-6808-46B5-867B-3244251E3984} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {9954BD47-EAE3-4FFF-ADCA-D0BB8EE0D3BA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {A2DE60F9-7D5A-4B3D-ADA4-D327A916DF69} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC0A6B8B-C6B6-4396-8433-157CD2B828E7} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AEFF61D5-955F-4281-BC99-93511512C3A7} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC4A9CE9-CBDC-4F70-B543-3EB04FCB019B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-01] (Google Inc -> Google LLC)
Task: {CD6CB822-F8AE-40BC-B4AE-44B1FCFE7305} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
Task: {CF6FE57D-94E5-4372-95C0-905DFFF9932C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E7070102-ECA3-44E1-B7E1-1AD0F0C3C33C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F4762CA9-04BD-4C8E-9928-16E0EA263B5D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB735597-2459-436D-BD1F-FE5F2B871DFE} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4621920 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{6595f12a-951c-4239-a931-e4b44c1638c4}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{d7acc265-a5ff-45fd-a2e2-8b56def4d436}: [DhcpNameServer] 64.59.135.149 64.59.128.111
Edge:
======
Edge Profile: C:\Users\amber\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-12]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default [2020-12-12]
CHR Notifications: Default -> hxxps://www.razer.com
CHR Extension: (Slides) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-01]
CHR Extension: (Just Black) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-05]
CHR Extension: (Docs) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-01]
CHR Extension: (Google Drive) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-06]
CHR Extension: (YouTube) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-01]
CHR Extension: (Honey) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-12-03]
CHR Extension: (Sheets) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-01]
CHR Extension: (Google Docs Offline) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-03]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-12-10]
CHR Extension: (Grammarly for Chrome) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-12-12]
CHR Extension: (Zoom Scheduler) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2020-12-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-06]
CHR Extension: (Chrome Media Router) - C:\Users\amber\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-05]
CHR Profile: C:\Users\amber\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-12-12]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [351848 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\elevation_service.exe [1348304 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8850192 2020-11-19] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-11-12] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\FileSyncHelper.exe [2188664 2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [5840360 2019-10-02] (GlassWire -> SecureMix LLC)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [499336 2020-10-26] (Logitech Inc -> Logitech)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-12-05] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\OneDriveUpdaterService.exe [2553200 2020-10-27] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2020-11-23] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2020-11-23] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2020-02-28] (Even Balance, Inc. -> )
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1110104 2020-11-20] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [320088 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294640 2020-11-17] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1453184 2020-08-19] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-09-22] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290864 2020-10-09] (Razer USA Ltd. -> Razer Inc.)
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182120 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppShopDrv103; C:\Windows\SysWOW64\Drivers\AppShopDrv103.sys [34568 2019-12-28] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv103; C:\Windows\SysWOW64\Drivers\AsrDrv103.sys [34568 2019-08-01] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv104n; C:\Windows\SysWOW64\Drivers\AsrDrv104n.sys [33000 2019-08-01] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36792 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208672 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [332880 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [247888 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97360 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
S0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16832 2020-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42424 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [176384 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522480 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108928 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84496 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851256 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469472 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216984 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326064 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-09-13] (Microsoft Corporation) [File not signed]
R1 EneIo; C:\Windows\system32\drivers\ene.sys [16320 2018-03-20] (Ptolemy Tech Co., Ltd -> )
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-28] (GlassWire -> SecureMix LLC)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220160 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-12-05] (Malwarebytes Inc -> Malwarebytes)
S3 MSIO; C:\Program Files (x86)\ASRock Utility\ASRRGBLED\Bin\msio64.sys [25616 2018-02-12] (MICSYS Technology Co., Ltd. -> )
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0064; C:\Windows\System32\drivers\RzDev_0064.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\Windows\System32\drivers\RzDev_0306.sys [52504 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43368 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2020-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429296 2020-12-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-03] (Microsoft Windows -> Microsoft Corporation)
U4 AppMgmt; no ImagePath
U3 avgbdisk; no ImagePath
U4 CscService; no ImagePath
U4 napagent; no ImagePath
U4 PeerDistSvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-12 05:35 - 2020-12-12 05:36 - 000031873 _____ C:\Users\amber\Downloads\FRST.txt
2020-12-12 05:03 - 2020-12-12 05:36 - 000000000 ____D C:\FRST
2020-12-12 05:01 - 2020-12-12 05:02 - 002289152 _____ (Farbar) C:\Users\amber\Downloads\FRST64.exe
2020-12-12 04:58 - 2020-12-12 04:58 - 005712776 _____ (COMODO) C:\Users\amber\Downloads\cav_installer_138430010_1a (1).exe
2020-12-12 04:49 - 2020-12-12 04:49 - 000003856 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-12-12 04:49 - 2020-12-12 04:49 - 000003456 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineUA
2020-12-12 04:49 - 2020-12-12 04:49 - 000003332 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineCore
2020-12-12 04:49 - 2020-12-12 04:49 - 000003272 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-12-12 04:49 - 2020-12-12 04:49 - 000002588 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-12-12 04:49 - 2020-12-12 04:49 - 000002553 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-12-12 04:49 - 2020-12-12 04:49 - 000002553 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-12-12 04:49 - 2020-12-12 04:49 - 000000000 ____D C:\Users\amber\AppData\Local\AVAST Software
2020-12-12 04:48 - 2020-12-12 04:48 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-12-12 04:48 - 2020-12-12 04:48 - 000002120 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-12-12 04:48 - 2020-12-12 04:48 - 000002120 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-12-12 04:47 - 2020-12-12 04:47 - 000851256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000522480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000469472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000340576 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-12-12 04:47 - 2020-12-12 04:47 - 000332880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000326064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000247888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000216984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000208672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000176384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000108928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000097360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000084496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000042424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000036792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000016832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2020-12-12 04:47 - 2020-12-12 04:47 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-12-12 04:47 - 2020-12-12 04:47 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-12-12 04:47 - 2020-12-12 04:47 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-12-12 04:47 - 2020-12-12 04:47 - 000000000 ____D C:\Program Files\Avast Software
2020-12-12 04:43 - 2020-12-12 04:43 - 000220784 _____ (AVAST Software) C:\Users\amber\Downloads\avast_free_antivirus_setup_online (2).exe
2020-12-12 04:38 - 2020-12-12 04:38 - 000000052 _____ C:\Users\amber\Desktop\nbhghgmd.txt
2020-12-12 04:28 - 2020-12-12 04:28 - 000000000 ____D C:\ProgramData\Shared Space
2020-12-12 04:28 - 2020-12-12 04:28 - 000000000 ____D C:\ProgramData\Comodo
2020-12-12 04:27 - 2020-12-12 04:27 - 005712776 _____ (COMODO) C:\Users\amber\Downloads\cav_installer_138430010_1a.exe
2020-12-12 02:41 - 2020-12-12 02:41 - 000220160 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-12-12 00:58 - 2020-12-12 00:58 - 000780805 _____ C:\Users\amber\Downloads\covid19dataexport (2).xlsx
2020-12-12 00:52 - 2020-12-12 00:52 - 000780805 _____ C:\Users\amber\Downloads\covid19dataexport (1).xlsx
2020-12-12 00:50 - 2020-12-12 00:50 - 000780805 _____ C:\Users\amber\Downloads\covid19dataexport.xlsx
2020-12-12 00:49 - 2020-12-12 00:49 - 000119581 _____ C:\Users\amber\Downloads\covid19dataexport.csv
2020-12-10 14:22 - 2020-12-10 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2020-12-10 14:22 - 2020-12-10 14:22 - 000000000 ____D C:\Program Files\Logitech
2020-12-10 00:17 - 2020-12-10 00:17 - 002045952 _____ C:\Windows\system32\rdpnano.dll
2020-12-10 00:17 - 2020-12-10 00:17 - 000171008 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2020-12-10 00:17 - 2020-12-10 00:17 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncpa.cpl
2020-12-10 00:17 - 2020-12-10 00:17 - 000000357 _____ C:\Windows\system32\DrtmAuth14.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000357 _____ C:\Windows\system32\DrtmAuth13.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth18.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth17.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth16.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth15.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-12-10 00:17 - 2020-12-10 00:17 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-12-10 00:16 - 2020-12-10 00:16 - 001756600 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-12-10 00:16 - 2020-12-10 00:16 - 001366144 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-12-10 00:16 - 2020-12-10 00:16 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\ncpa.cpl
2020-12-10 00:16 - 2020-12-10 00:16 - 000059392 _____ C:\Windows\system32\runexehelper.exe
2020-12-10 00:16 - 2020-12-10 00:16 - 000001370 _____ C:\Windows\system32\ThirdPartyNoticesBySHS.txt
2020-12-06 04:50 - 2020-12-06 04:51 - 414490204 _____ C:\Users\amber\Downloads\DEFAULT_1Rwbs-13_Burnt_Horizon_light.zip
2020-12-05 22:21 - 2020-12-05 22:21 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-12-05 22:21 - 2020-12-05 22:21 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-11-27 15:44 - 2020-11-27 15:45 - 000000000 ____D C:\Users\amber\AppData\Local\Citra
2020-11-27 15:44 - 2020-11-27 15:44 - 000000000 ____D C:\Users\amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citra
2020-11-27 15:43 - 2020-11-27 15:43 - 019701636 _____ C:\Users\amber\Downloads\citra-setup-windows.exe
2020-11-20 04:58 - 2020-11-20 04:58 - 000206936 _____ (Razer Inc.) C:\Windows\system32\RzChromaSDK64.dll
2020-11-20 04:58 - 2020-11-20 04:58 - 000181848 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaSDK.dll
2020-11-16 23:45 - 2020-11-16 23:45 - 000187544 _____ (Razer Inc.) C:\Windows\system32\RzChromaBroadcastAPI64.dll
2020-11-16 23:45 - 2020-11-16 23:45 - 000164512 _____ (Razer Inc.) C:\Windows\system32\RzChromaBroadcastManager64.dll
2020-11-16 23:45 - 2020-11-16 23:45 - 000153240 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaBroadcastAPI.dll
2020-11-16 23:45 - 2020-11-16 23:45 - 000134304 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaBroadcastManager.dll
2020-11-14 05:18 - 2020-10-20 23:31 - 000079376 _____ (Razer Inc) C:\Windows\system32\RazerS3Coinstaller.dll
2020-11-12 23:04 - 2020-11-12 23:04 - 000000000 ____D C:\Users\amber\AppData\LocalLow\Mediatonic
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-12 05:37 - 2019-08-01 16:07 - 000000000 ____D C:\Users\amber\AppData\Roaming\Origin
2020-12-12 05:35 - 2019-08-01 16:04 - 000000000 ____D C:\Users\amber\AppData\Roaming\Discord
2020-12-12 05:35 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-12 05:33 - 2020-01-04 00:23 - 000000000 ____D C:\Users\amber\AppData\Local\Battle.net
2020-12-12 04:48 - 2020-04-02 22:04 - 000000000 ____D C:\Users\amber\AppData\Roaming\Avast Software
2020-12-12 04:48 - 2020-04-02 22:03 - 000000000 ____D C:\ProgramData\Avast Software
2020-12-12 04:47 - 2019-03-18 21:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-12-12 02:57 - 2019-08-01 15:37 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-12 02:50 - 2019-08-01 16:15 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-12-12 02:50 - 2019-08-01 16:07 - 000000000 ____D C:\ProgramData\Origin
2020-12-12 02:49 - 2019-08-01 16:07 - 000000000 ____D C:\Users\amber\AppData\Local\Origin
2020-12-12 02:47 - 2019-08-01 15:38 - 000840852 _____ C:\Windows\system32\PerfStringBackup.INI
2020-12-12 02:47 - 2019-03-18 21:50 - 000000000 ____D C:\Windows\INF
2020-12-12 02:41 - 2020-01-04 00:22 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-12-12 02:41 - 2019-08-01 16:05 - 000000000 ____D C:\Program Files (x86)\Steam
2020-12-12 02:41 - 2019-08-01 15:41 - 000000000 ___RD C:\Users\amber\OneDrive
2020-12-12 02:41 - 2019-08-01 13:32 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-12-12 02:41 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-12 02:41 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\AppReadiness
2020-12-12 02:40 - 2019-03-18 21:37 - 000786432 _____ C:\Windows\system32\config\BBI
2020-12-12 02:37 - 2019-08-01 13:32 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-12-12 01:03 - 2019-08-01 15:39 - 000000000 ____D C:\Users\amber\AppData\Local\Packages
2020-12-11 21:16 - 2020-06-21 21:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-10 14:25 - 2019-08-01 15:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-10 14:25 - 2019-08-01 15:39 - 000000000 ___RD C:\Users\amber\3D Objects
2020-12-10 14:25 - 2019-08-01 13:32 - 000439904 _____ C:\Windows\system32\FNTCACHE.DAT
2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\SystemResources
2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\system32\oobe
2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\system32\Dism
2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\bcastdvr
2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 14:24 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 00:21 - 2019-03-18 21:37 - 000000000 ____D C:\Windows\CbsTemp
2020-12-08 02:02 - 2020-01-23 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-12-08 02:02 - 2019-08-01 16:14 - 000000000 ____D C:\Users\amber\AppData\Local\D3DSCache
2020-12-08 02:01 - 2019-08-01 19:47 - 000000000 ____D C:\Users\amber\AppData\Local\Ubisoft Game Launcher
2020-12-07 12:18 - 2019-08-01 16:04 - 000000000 ____D C:\Users\amber\AppData\Local\Discord
2020-12-06 02:46 - 2019-11-06 19:03 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-05 22:22 - 2020-07-26 10:38 - 000001995 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-05 22:21 - 2019-11-13 22:04 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-12-03 21:57 - 2019-08-01 13:32 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-12-03 11:32 - 2019-08-01 15:41 - 000003418 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-03 11:32 - 2019-08-01 15:41 - 000003294 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-02 22:07 - 2019-08-01 15:40 - 000000000 ____D C:\Users\amber\AppData\Local\PlaceholderTileLogoFolder
2020-12-02 21:47 - 2020-01-23 15:59 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2020-12-02 21:47 - 2019-08-01 16:14 - 000000000 ____D C:\Program Files (x86)\Origin
2020-12-02 15:32 - 2019-08-01 15:42 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-27 18:40 - 2020-06-21 21:57 - 000003480 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-27 18:40 - 2020-06-21 21:57 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-24 00:51 - 2020-04-27 12:24 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2020-11-20 23:01 - 2020-10-01 00:55 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-20 23:01 - 2020-05-18 13:49 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2020-11-20 23:01 - 2019-12-14 01:35 - 000170424 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2020-11-20 23:01 - 2019-10-09 00:08 - 000033728 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
2020-11-20 23:01 - 2019-09-22 20:27 - 001562560 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2020-11-20 23:01 - 2019-09-22 20:27 - 000158136 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2020-11-20 23:01 - 2019-09-22 20:27 - 000154032 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2020-11-14 00:18 - 2019-08-01 15:37 - 000000000 ____D C:\Users\amber
2020-11-14 00:18 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\TextInput
2020-11-14 00:18 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-11-14 00:18 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\system32\setup
2020-11-14 00:18 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-11-14 00:18 - 2019-03-18 21:52 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-11-12 23:04 - 2019-11-11 22:22 - 000000000 ____D C:\Users\amber\AppData\Roaming\EasyAntiCheat
2020-11-12 11:00 - 2020-10-01 00:55 - 000907064 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll
2020-11-12 10:59 - 2020-10-01 00:55 - 000436536 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
