Mackiirios
Posts: 38 +0
FRST.TXT
FireFox:
========
FF DefaultProfile: qwu42ts8.default
FF ProfilePath: C:\Users\riosme\AppData\Roaming\Mozilla\Firefox\Profiles\qwu42ts8.default [2020-09-05]
FF ProfilePath: C:\Users\riosme\AppData\Roaming\Mozilla\Firefox\Profiles\79wac15n.default-release [2020-09-05]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-10-13] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-04-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-04-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-10-13] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default [2020-05-31]
CHR Notifications: Default -> hxxps://beta.faceit.com; hxxps://linustechtips.com; hxxps://mail.google.com; hxxps://mg.mail.yahoo.com; hxxps://padlet.com; hxxps://twitter.com; hxxps://us-mg6.mail.yahoo.com; hxxps://web.telegram.org; hxxps://www.faceit.com; hxxps://www.honestbee.ph; hxxps://www.honestbee.sg; hxxps://www.instagram.com; hxxps://www.messenger.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxp://home.sweetim.com/?barid={AA2C4760-B312-11E2-957B-A1226FF24364}&crg=3.1010000.10011&st=23"
CHR NewTab: Default -> Active:"chrome-extension://dbfmnekepjoapopniengjbcpnbljalfg/index.html"
CHR Extension: (Slides) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-20]
CHR Extension: (Turn Off the Lights for YouTube™) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2019-07-08]
CHR Extension: (YouTube) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-01]
CHR Extension: (Ban Checker for Steam) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2019-03-23]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-30]
CHR Extension: (Steam Inventory Helper) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2019-06-30]
CHR Extension: (Google Search) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Infinity New Tab - Productivity&Speed Dial) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbfmnekepjoapopniengjbcpnbljalfg [2019-06-22]
CHR Extension: (Sheets) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-19]
CHR Extension: (NetBeans Connector) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\hafdlehgocfcodbgjnpecfajgkeejnaa [2019-01-28]
CHR Extension: (Video Adblocker for Youtube™ Extension) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2018-08-13]
CHR Extension: (SteamWizard) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\kojolejmgolbhakghocbgjemjgbmcjig [2019-03-13]
CHR Extension: (Fair AdBlocker) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2019-06-22]
CHR Extension: (Boomerang for Gmail) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2018-10-17]
CHR Extension: (Facebook Screen Sharing) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncfpggehkhmjpdjpefomjchjafhmbnai [2018-06-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Material Dark) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\npadhaijchjemiifipabpmeebeelbmpd [2018-10-11]
CHR Extension: (Speedtest by Ookla) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2019-04-09]
CHR Extension: (Gmail) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-30]
CHR Profile: C:\Users\riosme\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-03-10]
CHR Profile: C:\Users\riosme\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-10]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom]
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-2423985164-1702367186-3377153497-1001) Opera GXStable - "C:\Users\riosme\AppData\Local\Programs\Opera GX\Launcher.exe"
Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2020-08-02]
BRA Notifications: Default -> hxxps://mail.google.com; hxxps://meet.google.com; hxxps://twitter.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.messenger.com; hxxps://www.youtube.com; hxxps://www1.ecleneue.com
BRA NewTab: Default -> Active:"chrome-extension://hdpcadigjkbcpnlcpbcohpafiaefanki/index.html"
BRA Extension: (Google Translate) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
BRA Extension: (Ban Checker for Steam) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2020-05-05]
BRA Extension: (Steam Inventory Helper) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2020-07-24]
BRA Extension: (WhatRuns) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cmkdbmfndkfgebldhnkbfhlneefdaaip [2020-01-31]
BRA Extension: (Dark Reader) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2020-07-28]
BRA Extension: (ZenMate Free VPN–Best VPN for Chrome) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2020-07-26]
BRA Extension: (nightTab) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hdpcadigjkbcpnlcpbcohpafiaefanki [2020-06-16]
BRA Extension: (Grammarly for Chrome) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-07-31]
BRA Extension: (Boomerang for Gmail) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2019-07-23]
BRA Extension: (Custom Cursor for Chrome™) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ogdlpmhglpejoiomcodnpjnfgcpmgale [2020-03-05]
BRA Extension: (Deep Space Theme in Black) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pembcnmmbjikdbodfllkkkdaegalobbj [2020-02-02]
BRA Profile: C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\Guest Profile [2020-06-10]
BRA Profile: C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\System Profile [2019-07-18]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2020-07-13]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2020-08-02]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-07-15]
BRA Extension: (Brave NTP sponsored images) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2020-08-02]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2020-07-23]
BRA Extension: (PDF Viewer) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-07-15]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\riosme\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2020-07-13]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 AzureAttestService; C:\Program Files\Microsoft\AzureAttestService\AzureAttestService.dll [151288 2019-07-24] (Microsoft Windows -> Microsoft Corporation)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-08-09] (BattlEye Innovations e.K. -> )
S2 CDA; C:\Program Files (x86)\Jeppesen\CDA\CDA.exe [134088 2016-04-01] (Jeppesen Sanderson, Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 JWC; C:\Program Files (x86)\Jeppesen\JWC\JWC.exe [658016 2014-10-06] (Jeppesen Sanderson, Inc -> Jeppesen)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-31] (Acer Incorporated -> Acer Incorporate)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2021-05-26] (Malwarebytes Inc -> Malwarebytes)
S3 mi-raysat_3dsmax2017_64; C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe [86016 2011-09-15] () [File not signed]
S2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [623504 2020-11-06] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2522424 2020-11-10] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3476800 2020-11-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 QMEmulatorService; C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [342776 2018-06-21] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13688656 2021-03-24] (Adlice -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1716632 2021-05-12] (Rockstar Games, Inc. -> Rockstar Games)
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [689040 2020-11-06] (Microsoft Corporation -> Microsoft Corporation)
S2 SQLTELEMETRY; C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlceip.exe [283536 2020-11-06] (Microsoft Corporation -> Microsoft Corporation)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-05-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10322376 2021-05-21] (Riot Games, Inc. -> Riot Games, Inc.)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWoW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2021-03-27] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWoW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2021-03-27] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [308088 2016-01-14] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
S2 CCDMonitorService; "C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe" [X]
S3 ePowerSvc; "C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_40621b878a52ca15\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_40621b878a52ca15\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]