Hi, my computer wakes up from sleep and sometimes it restarts by itself, and in Event Viewer there are lots of conflicts. So I'm a little worried I may have some kind of virus/malware.
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22.04.2018 01
Ran by koski (administrator) on PREDATOR (22-09-2018 23:22:53)
Running from C:\Users\koski\Desktop
Loaded Profiles: koski (Available Profiles: koski)
Platform: Windows 10 Pro Version 1803 17134.286 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0331834.inf_amd64_598c38be6d6a3fce\B331820\atiesrxx.exe
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0331834.inf_amd64_598c38be6d6a3fce\B331820\atieclxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\AntiVirus\fshoster32.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fsorsp64.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\AntiVirus\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fshoster64.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fsulprothoster.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Electronic Arts) G:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\AntiVirus\fshoster32.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Valve Corporation) G:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Spotify Ltd) C:\Users\koski\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\koski\AppData\Roaming\Spotify\Spotify.exe
(ROCCAT) C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe
(Spotify Ltd) C:\Users\koski\AppData\Roaming\Spotify\Spotify.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
(Spotify Ltd) C:\Users\koski\AppData\Roaming\Spotify\Spotify.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Discord Inc.) C:\Users\koski\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\koski\AppData\Local\Discord\app-0.0.301\Discord.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Discord Inc.) C:\Users\koski\AppData\Local\Discord\app-0.0.301\Discord.exe
(Valve Corporation) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Discord Inc.) C:\Users\koski\AppData\Local\Discord\app-0.0.301\Discord.exe
(Valve Corporation) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8841472 2018-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2018-07-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [137464 2018-07-02] (Intel)
HKU\S-1-5-21-4004542635-2087850760-1770400530-1001\...\Run: [Steam] => g:\Program Files (x86)\Steam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-4004542635-2087850760-1770400530-1001\...\Run: [Spotify] => C:\Users\koski\AppData\Roaming\Spotify\Spotify.exe [25061776 2018-09-20] (Spotify Ltd)
HKU\S-1-5-21-4004542635-2087850760-1770400530-1001\...\Run: [Discord] => C:\Users\koski\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm Monitor.lnk [2018-07-27]
ShortcutTarget: ROCCAT Swarm Monitor.lnk -> C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (ROCCAT)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-07-27]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2aa6622e-c882-4ce5-81cf-27cf6d6cca7c}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-09-18] (Microsoft Corporation)
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\nif\1537173264\browser\install\fs_ie_https\fs_ie_https64.dll [2018-09-18] (F-Secure Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-09-18] (Microsoft Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\nif\1537173264\browser\install\fs_ie_https\fs_ie_https.dll [2018-09-18] (F-Secure Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 6348j8cm.default
FF ProfilePath: C:\Users\koski\AppData\Roaming\Mozilla\Firefox\Profiles\6348j8cm.default [2018-08-23]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2018-08-07] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\nif\1537173264\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\nif\1537173264\browser\install\fs_firefox_https\fs_firefox_https.xpi [2018-09-18]
FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\nif\1537173264\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-09-18] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-27] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default [2018-09-22]
CHR Extension: (Slides) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-27]
CHR Extension: (Docs) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-27]
CHR Extension: (Google Drive) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-27]
CHR Extension: (YouTube) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-27]
CHR Extension: (Sheets) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-27]
CHR Extension: (Google Docs Offline) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2018-07-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-27]
CHR Extension: (Gmail) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-27]
CHR Extension: (Chrome Media Router) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-22]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0331834.inf_amd64_598c38be6d6a3fce\B331820\atiesrxx.exe [496008 2018-08-03] (AMD)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2018-07-27] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2018-07-27] () [File not signed]
S3 BcastDVRUserService; C:\Windows\System32\BcastDVRUserService.dll [1364992 2018-09-15] (Microsoft Corporation)
S3 BcastDVRUserService_47c3c; C:\Windows\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_47c3c; C:\Windows\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-08-10] ()
S3 BluetoothUserService; C:\Windows\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation)
S3 BluetoothUserService_47c3c; C:\Windows\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_47c3c; C:\Windows\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-04-12] (Microsoft Corporation)
S3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [395264 2018-04-12] (Microsoft Corporation)
S3 CaptureService; C:\Windows\System32\CaptureService.dll [125952 2018-04-12] (Microsoft Corporation)
S3 CaptureService_47c3c; C:\Windows\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_47c3c; C:\Windows\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\Windows\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\Windows\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2018-07-02] (Intel)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2018-07-27] (DTS)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-07-28] (EasyAntiCheat Ltd)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885992 2018-04-06] ()
R2 fshoster; C:\Program Files (x86)\F-Secure\AntiVirus\fshoster32.exe [213472 2018-05-08] (F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\F-Secure\AntiVirus\fshoster32.exe [213472 2018-05-08] (F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fshoster64.exe [581160 2018-09-18] (F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fsorsp64.exe [78304 2018-09-18] (F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fsulprothoster.exe [581160 2018-09-18] (F-Secure Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S3 Origin Client Service; G:\Program Files (x86)\Origin\OriginClientService.exe [2205504 2018-07-29] (Electronic Arts)
R2 Origin Web Helper Service; G:\Program Files (x86)\Origin\OriginWebHelperService.exe [3075400 2018-07-29] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2018-07-29] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [185064 2018-04-06] ()
S4 tzautoupdate; C:\Windows\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885992 2018-04-06] ()
S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2018-08-09] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-03] (Microsoft Corporation)
S3 wisvc; C:\Windows\SysWOW64\flightsettings.dll [729088 2018-06-19] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-19] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2018-04-12] (Microsoft Corporation)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0331834.inf_amd64_598c38be6d6a3fce\B331820\atikmdag.sys [46783368 2018-08-03] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0331834.inf_amd64_598c38be6d6a3fce\B331820\atikmpag.sys [578440 2018-08-03] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-07-27] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [107496 2018-07-17] (Advanced Micro Devices)
S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92056 2018-04-12] (Microsoft Corporation)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fsulgk.sys [251728 2018-09-18] (F-Secure Corporation)
R1 F-Secure UL HIPS; C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fshs.sys [112312 2018-09-18] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\drivers\fsbts.sys [65872 2018-08-09] ()
S0 fselms; C:\Windows\System32\drivers\fselms.sys [15360 2018-09-18] (F-Secure Corporation)
R3 fsni; C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\nif\1537173264\fsni64.sys [112456 2018-09-18] (F-Secure Corporation)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2018-04-06] ()
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46896 2018-04-23] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 cpuz140; \??\C:\Users\koski\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22.04.2018 01
Ran by koski (administrator) on PREDATOR (22-09-2018 23:22:53)
Running from C:\Users\koski\Desktop
Loaded Profiles: koski (Available Profiles: koski)
Platform: Windows 10 Pro Version 1803 17134.286 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0331834.inf_amd64_598c38be6d6a3fce\B331820\atiesrxx.exe
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0331834.inf_amd64_598c38be6d6a3fce\B331820\atieclxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\AntiVirus\fshoster32.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fsorsp64.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\AntiVirus\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fshoster64.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fsulprothoster.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Electronic Arts) G:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\AntiVirus\fshoster32.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Valve Corporation) G:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Spotify Ltd) C:\Users\koski\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\koski\AppData\Roaming\Spotify\Spotify.exe
(ROCCAT) C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe
(Spotify Ltd) C:\Users\koski\AppData\Roaming\Spotify\Spotify.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
(Spotify Ltd) C:\Users\koski\AppData\Roaming\Spotify\Spotify.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Discord Inc.) C:\Users\koski\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\koski\AppData\Local\Discord\app-0.0.301\Discord.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Discord Inc.) C:\Users\koski\AppData\Local\Discord\app-0.0.301\Discord.exe
(Valve Corporation) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Discord Inc.) C:\Users\koski\AppData\Local\Discord\app-0.0.301\Discord.exe
(Valve Corporation) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8841472 2018-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2018-07-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [137464 2018-07-02] (Intel)
HKU\S-1-5-21-4004542635-2087850760-1770400530-1001\...\Run: [Steam] => g:\Program Files (x86)\Steam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-4004542635-2087850760-1770400530-1001\...\Run: [Spotify] => C:\Users\koski\AppData\Roaming\Spotify\Spotify.exe [25061776 2018-09-20] (Spotify Ltd)
HKU\S-1-5-21-4004542635-2087850760-1770400530-1001\...\Run: [Discord] => C:\Users\koski\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm Monitor.lnk [2018-07-27]
ShortcutTarget: ROCCAT Swarm Monitor.lnk -> C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (ROCCAT)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-07-27]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2aa6622e-c882-4ce5-81cf-27cf6d6cca7c}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-09-18] (Microsoft Corporation)
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\nif\1537173264\browser\install\fs_ie_https\fs_ie_https64.dll [2018-09-18] (F-Secure Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-09-18] (Microsoft Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\nif\1537173264\browser\install\fs_ie_https\fs_ie_https.dll [2018-09-18] (F-Secure Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-18] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 6348j8cm.default
FF ProfilePath: C:\Users\koski\AppData\Roaming\Mozilla\Firefox\Profiles\6348j8cm.default [2018-08-23]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2018-08-07] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\nif\1537173264\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\nif\1537173264\browser\install\fs_firefox_https\fs_firefox_https.xpi [2018-09-18]
FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\nif\1537173264\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-09-18] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-27] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default [2018-09-22]
CHR Extension: (Slides) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-27]
CHR Extension: (Docs) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-27]
CHR Extension: (Google Drive) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-27]
CHR Extension: (YouTube) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-27]
CHR Extension: (Sheets) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-27]
CHR Extension: (Google Docs Offline) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2018-07-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-27]
CHR Extension: (Gmail) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-27]
CHR Extension: (Chrome Media Router) - C:\Users\koski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-22]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0331834.inf_amd64_598c38be6d6a3fce\B331820\atiesrxx.exe [496008 2018-08-03] (AMD)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2018-07-27] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2018-07-27] () [File not signed]
S3 BcastDVRUserService; C:\Windows\System32\BcastDVRUserService.dll [1364992 2018-09-15] (Microsoft Corporation)
S3 BcastDVRUserService_47c3c; C:\Windows\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_47c3c; C:\Windows\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-08-10] ()
S3 BluetoothUserService; C:\Windows\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation)
S3 BluetoothUserService_47c3c; C:\Windows\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_47c3c; C:\Windows\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-04-12] (Microsoft Corporation)
S3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [395264 2018-04-12] (Microsoft Corporation)
S3 CaptureService; C:\Windows\System32\CaptureService.dll [125952 2018-04-12] (Microsoft Corporation)
S3 CaptureService_47c3c; C:\Windows\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_47c3c; C:\Windows\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\Windows\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\Windows\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2018-07-02] (Intel)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2018-07-27] (DTS)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-07-28] (EasyAntiCheat Ltd)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885992 2018-04-06] ()
R2 fshoster; C:\Program Files (x86)\F-Secure\AntiVirus\fshoster32.exe [213472 2018-05-08] (F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\F-Secure\AntiVirus\fshoster32.exe [213472 2018-05-08] (F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fshoster64.exe [581160 2018-09-18] (F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fsorsp64.exe [78304 2018-09-18] (F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fsulprothoster.exe [581160 2018-09-18] (F-Secure Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S3 Origin Client Service; G:\Program Files (x86)\Origin\OriginClientService.exe [2205504 2018-07-29] (Electronic Arts)
R2 Origin Web Helper Service; G:\Program Files (x86)\Origin\OriginWebHelperService.exe [3075400 2018-07-29] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2018-07-29] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [185064 2018-04-06] ()
S4 tzautoupdate; C:\Windows\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885992 2018-04-06] ()
S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2018-08-09] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-03] (Microsoft Corporation)
S3 wisvc; C:\Windows\SysWOW64\flightsettings.dll [729088 2018-06-19] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-19] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2018-04-12] (Microsoft Corporation)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0331834.inf_amd64_598c38be6d6a3fce\B331820\atikmdag.sys [46783368 2018-08-03] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0331834.inf_amd64_598c38be6d6a3fce\B331820\atikmpag.sys [578440 2018-08-03] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-07-27] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [107496 2018-07-17] (Advanced Micro Devices)
S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92056 2018-04-12] (Microsoft Corporation)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fsulgk.sys [251728 2018-09-18] (F-Secure Corporation)
R1 F-Secure UL HIPS; C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\ulcore\1537179249\fshs.sys [112312 2018-09-18] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\drivers\fsbts.sys [65872 2018-08-09] ()
S0 fselms; C:\Windows\System32\drivers\fselms.sys [15360 2018-09-18] (F-Secure Corporation)
R3 fsni; C:\Program Files (x86)\F-Secure\AntiVirus\apps\Ultralight\nif\1537173264\fsni64.sys [112456 2018-09-18] (F-Secure Corporation)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2018-04-06] ()
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46896 2018-04-23] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 cpuz140; \??\C:\Users\koski\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)