dubs1987
Posts: 17 +0
I've noticed a significant slowdown on running my browser, opening programs and using Explorer the last couple months.The Recovery Scan files are below, I had to break them up because of the 50,000 character limit. Thanks in advance.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2020
Ran by ubers (administrator) on DESKTOP-LQBKB2Q (08-04-2020 14:16:56)
Running from C:\Users\ubers\Downloads
Loaded Profiles: ubers (Available Profiles: ubers & Administrator)
Platform: Windows 10 Home Version 1809 17763.1098 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Cambridge Silicon Radio Ltd. -> ) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\NVDisplay.Container.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Surfshark Ltd. -> Iain Patterson) C:\Program Files (x86)\Surfshark\Resources\x64\nssm.exe
(Surfshark Ltd. -> Surfshark) C:\Program Files (x86)\Surfshark\Surfshark.Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2019-01-29] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-1116177293-2918626760-3563952597-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1116177293-2918626760-3563952597-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31624080 2020-03-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1116177293-2918626760-3563952597-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-01-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1116177293-2918626760-3563952597-1002\...\Run: [Surfshark] => C:\Program Files (x86)\Surfshark\Surfshark.exe [3765200 2020-03-18] (Surfshark Ltd. -> Surfshark)
HKU\S-1-5-21-1116177293-2918626760-3563952597-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\ANOTHE~1.SCR [55808 2005-03-01] () [File not signed]
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-07] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {174239E7-F727-4138-9A08-8F458BEE6514} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1F978473-5C7D-416E-B248-A08DE3FA42F1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {2583886E-7684-46B9-B9A7-C962B30CF3F2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {2646877B-F366-45C9-8C00-594080E969E0} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1116177293-2918626760-3563952597-500 => C:\Users\ubers\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {5BF3F651-05C5-40A6-9C2A-103FDA2C7EA0} - System32\Tasks\Opera scheduled assistant Autoupdate 1569362109 => C:\Users\ubers\AppData\Local\Programs\Opera\launcher.exe
Task: {709EE3FB-2B9E-4D87-85E6-2B5956D55009} - System32\Tasks\Opera scheduled Autoupdate 1569362099 => C:\Users\ubers\AppData\Local\Programs\Opera\launcher.exe
Task: {74D8ADE8-49DA-4403-ADE8-E7D177CEA4A2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {897AC3C3-F8E0-4AD8-A80D-0514390B41DA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {A6D78204-1734-48E7-946A-C6069FBE5304} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C071F7CA-A069-4268-BD6A-A25E93756E62} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {EFAAE3A7-7672-4360-BE4A-634C890F105C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{186038a2-c246-434c-96d4-33c417a772d9}: [NameServer] 162.252.172.57,149.154.159.92
Tcpip\..\Interfaces\{186038a2-c246-434c-96d4-33c417a772d9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{88fd77a8-c10d-457c-b970-67ac2b6057e1}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{dac507a2-e1f0-4b3a-8e57-3361b4f6b8f2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fd53961b-5375-44b1-9bf9-5786dbd3dc7f}: [DhcpNameServer] 162.252.172.57 149.154.159.92
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2019-01-29] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2019-01-29] (Logitech Inc -> Logitech, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies SA -> Skype Technologies)
Edge:
======
DownloadDir: C:\Users\ubers\Downloads
Edge Notifications: HKU\S-1-5-21-1116177293-2918626760-3563952597-1002 -> hxxps://forums.playbattlegrounds.com; hxxps://www.inverse.com
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-02-18]
FireFox:
========
FF DefaultProfile: rnwyvsyl.default
FF ProfilePath: C:\Users\ubers\AppData\Roaming\Mozilla\Firefox\Profiles\rnwyvsyl.default [2020-04-08]
FF Homepage: Mozilla\Firefox\Profiles\rnwyvsyl.default -> hxxps://www.bing.com/
FF Notifications: Mozilla\Firefox\Profiles\rnwyvsyl.default -> hxxps://www.youtube.com; hxxps://www.facebook.com; hxxps://mail.google.com; hxxps://ew.com
FF Extension: (Facebook Container) - C:\Users\ubers\AppData\Roaming\Mozilla\Firefox\Profiles\rnwyvsyl.default\Extensions\@contain-facebook.xpi [2020-03-10]
FF Extension: (Dark Reader) - C:\Users\ubers\AppData\Roaming\Mozilla\Firefox\Profiles\rnwyvsyl.default\Extensions\addon@darkreader.org.xpi [2020-03-30]
FF Extension: (convert2mp3.net Online Video Converter) - C:\Users\ubers\AppData\Roaming\Mozilla\Firefox\Profiles\rnwyvsyl.default\Extensions\info@convert2mp3.net.xpi [2019-04-24]
FF Extension: (AdBlock) - C:\Users\ubers\AppData\Roaming\Mozilla\Firefox\Profiles\rnwyvsyl.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-02-05]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2019-04-29] [not signed]
FF HKU\S-1-5-21-1116177293-2918626760-3563952597-1002\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\ubers\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\ubers\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-01-24]
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default [2020-04-07]
CHR Extension: (Slides) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-14]
CHR Extension: (Docs) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-14]
CHR Extension: (Google Drive) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-14]
CHR Extension: (YouTube) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-14]
CHR Extension: (Sheets) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-14]
CHR Extension: (Google Docs Offline) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-10-29]
CHR Extension: (Ace Script) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-10-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-29]
CHR Extension: (Gmail) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-29]
CHR HKU\S-1-5-21-1116177293-2918626760-3563952597-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6998536 2017-12-08] (BattlEye Innovations e.K. -> )
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-01-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2019-05-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-03-11] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3344176 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 Surfshark Service; C:\Program Files (x86)\Surfshark\Resources\x64\nssm.exe [436688 2020-02-17] (Surfshark Ltd. -> Iain Patterson)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28760 2019-09-24] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24424 2016-08-13] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137496 2018-09-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-11-18] (ASUSTeK Computer Inc. -> )
R3 athur; C:\WINDOWS\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 CsrBthAudioHF; C:\WINDOWS\system32\DRIVERS\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrhfgcc; C:\WINDOWS\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-01-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-01-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-04-07] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-07] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-04-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-04-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [119960 2020-04-08] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\nvlddmkm.sys [23439288 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [947712 2017-02-20] (Realtek Semiconductor Corp. -> Realtek )
S3 SurfsharkSplitTunnelDriver; C:\Program Files (x86)\Surfshark\Resources\x64\SurfsharkSplitTunnelCalloutDriver.sys [39648 2020-02-17] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapsurfshark; C:\WINDOWS\System32\drivers\tapsurfshark.sys [38728 2019-05-22] (WDKTestCert Lenovo,131775874531219913 -> The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-10] (Microsoft Windows -> Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-08 14:16 - 2020-04-08 14:18 - 000026329 _____ C:\Users\ubers\Downloads\FRST.txt
2020-04-08 14:14 - 2020-04-08 14:17 - 000000000 ____D C:\FRST
2020-04-08 14:14 - 2020-04-08 14:14 - 002281472 _____ (Farbar) C:\Users\ubers\Downloads\FRST64.exe
2020-04-08 12:06 - 2020-04-08 12:06 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-04-08 12:06 - 2020-04-08 12:06 - 000119960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-04-08 12:06 - 2020-04-08 12:06 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-04-08 12:05 - 2020-04-08 12:05 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-07 21:46 - 2020-04-07 21:46 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-07 21:04 - 2020-03-31 13:05 - 000454790 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20200407-210437.backup
2020-03-31 13:05 - 2020-03-04 12:33 - 000454790 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20200331-130545.backup
2020-03-30 21:29 - 2020-03-30 21:29 - 000000000 ____D C:\Users\ubers\AppData\Local\NVIDIA
2020-03-30 18:16 - 2020-03-30 18:16 - 000001455 _____ C:\Users\Public\Desktop\DOOM Eternal.lnk
2020-03-30 18:16 - 2020-03-30 18:16 - 000001455 _____ C:\ProgramData\Desktop\DOOM Eternal.lnk
2020-03-26 11:16 - 2020-04-08 12:02 - 000000000 ____D C:\Users\ubers\AppData\Local\Spotify
2020-03-26 11:16 - 2020-03-26 11:16 - 000001881 _____ C:\Users\ubers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2020-03-25 18:22 - 2020-03-25 18:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2020-03-25 18:20 - 2020-03-18 05:39 - 000222112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-03-25 18:20 - 2020-03-18 05:39 - 000039824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2020-03-25 18:17 - 2020-03-18 19:23 - 005589224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-03-25 18:16 - 2020-03-18 22:22 - 004927048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-03-25 18:16 - 2020-03-18 22:22 - 004196160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-03-25 18:16 - 2020-03-18 19:26 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-03-25 18:16 - 2020-03-18 19:26 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-03-25 18:16 - 2020-03-18 19:26 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-03-25 18:16 - 2020-03-18 19:26 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-03-25 18:16 - 2020-03-18 19:26 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-03-25 18:16 - 2020-03-18 19:26 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-03-25 18:16 - 2020-03-18 19:26 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-03-25 18:16 - 2020-03-18 19:26 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-03-25 18:16 - 2020-03-18 19:26 - 000450464 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-03-25 18:16 - 2020-03-18 19:26 - 000348048 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-03-25 18:16 - 2020-03-18 19:25 - 011944864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-03-25 18:16 - 2020-03-18 19:25 - 010285472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 002073200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 001565136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 001481144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 001351776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 001142384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 001022560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 000817264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 000680048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 000676240 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 000573024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-03-25 18:16 - 2020-03-18 19:24 - 000546928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 000544144 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 017601120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 015157664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 005856864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 005158512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 001049696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 000849848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-03-25 18:16 - 2020-03-18 19:23 - 000811632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 000655472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 000445024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-03-25 18:16 - 2020-03-18 05:39 - 000111058 _____ C:\WINDOWS\system32\nvidia-smi.1.pdf
2020-03-25 18:16 - 2020-03-18 05:39 - 000077314 _____ C:\WINDOWS\system32\nvinfo.pb
2020-03-22 20:32 - 2020-03-22 20:57 - 000000000 ____D C:\Users\ubers\Downloads\Knives Out (2019) [720p] [BluRay] [YTS.MX]
2020-03-22 20:21 - 2020-03-22 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Surfshark
2020-03-11 01:32 - 2020-03-11 01:32 - 011723776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 003550624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 001707208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 001605000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 001288648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 001076040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 023463424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 019020288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 013013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 012306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 008907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 007923712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 007870976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 004872704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 004664320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 004066816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 003952760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 003909632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 003703808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 002986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 002751336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 002273296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 002182456 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 002150912 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 002100056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001876960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001750528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001430880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001296360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001201128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2020-03-11 01:31 - 2020-03-11 01:31 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2020-03-11 01:31 - 2020-03-11 01:31 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2020-03-11 01:31 - 2020-03-11 01:31 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000763032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2020
Ran by ubers (administrator) on DESKTOP-LQBKB2Q (08-04-2020 14:16:56)
Running from C:\Users\ubers\Downloads
Loaded Profiles: ubers (Available Profiles: ubers & Administrator)
Platform: Windows 10 Home Version 1809 17763.1098 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Cambridge Silicon Radio Ltd. -> ) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\NVDisplay.Container.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Surfshark Ltd. -> Iain Patterson) C:\Program Files (x86)\Surfshark\Resources\x64\nssm.exe
(Surfshark Ltd. -> Surfshark) C:\Program Files (x86)\Surfshark\Surfshark.Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2019-01-29] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-1116177293-2918626760-3563952597-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1116177293-2918626760-3563952597-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31624080 2020-03-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1116177293-2918626760-3563952597-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-01-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1116177293-2918626760-3563952597-1002\...\Run: [Surfshark] => C:\Program Files (x86)\Surfshark\Surfshark.exe [3765200 2020-03-18] (Surfshark Ltd. -> Surfshark)
HKU\S-1-5-21-1116177293-2918626760-3563952597-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\ANOTHE~1.SCR [55808 2005-03-01] () [File not signed]
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-07] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {174239E7-F727-4138-9A08-8F458BEE6514} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1F978473-5C7D-416E-B248-A08DE3FA42F1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {2583886E-7684-46B9-B9A7-C962B30CF3F2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {2646877B-F366-45C9-8C00-594080E969E0} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1116177293-2918626760-3563952597-500 => C:\Users\ubers\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {5BF3F651-05C5-40A6-9C2A-103FDA2C7EA0} - System32\Tasks\Opera scheduled assistant Autoupdate 1569362109 => C:\Users\ubers\AppData\Local\Programs\Opera\launcher.exe
Task: {709EE3FB-2B9E-4D87-85E6-2B5956D55009} - System32\Tasks\Opera scheduled Autoupdate 1569362099 => C:\Users\ubers\AppData\Local\Programs\Opera\launcher.exe
Task: {74D8ADE8-49DA-4403-ADE8-E7D177CEA4A2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {897AC3C3-F8E0-4AD8-A80D-0514390B41DA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {A6D78204-1734-48E7-946A-C6069FBE5304} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C071F7CA-A069-4268-BD6A-A25E93756E62} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
Task: {EFAAE3A7-7672-4360-BE4A-634C890F105C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-14] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{186038a2-c246-434c-96d4-33c417a772d9}: [NameServer] 162.252.172.57,149.154.159.92
Tcpip\..\Interfaces\{186038a2-c246-434c-96d4-33c417a772d9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{88fd77a8-c10d-457c-b970-67ac2b6057e1}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{dac507a2-e1f0-4b3a-8e57-3361b4f6b8f2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fd53961b-5375-44b1-9bf9-5786dbd3dc7f}: [DhcpNameServer] 162.252.172.57 149.154.159.92
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2019-01-29] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2019-01-29] (Logitech Inc -> Logitech, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies SA -> Skype Technologies)
Edge:
======
DownloadDir: C:\Users\ubers\Downloads
Edge Notifications: HKU\S-1-5-21-1116177293-2918626760-3563952597-1002 -> hxxps://forums.playbattlegrounds.com; hxxps://www.inverse.com
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-02-18]
FireFox:
========
FF DefaultProfile: rnwyvsyl.default
FF ProfilePath: C:\Users\ubers\AppData\Roaming\Mozilla\Firefox\Profiles\rnwyvsyl.default [2020-04-08]
FF Homepage: Mozilla\Firefox\Profiles\rnwyvsyl.default -> hxxps://www.bing.com/
FF Notifications: Mozilla\Firefox\Profiles\rnwyvsyl.default -> hxxps://www.youtube.com; hxxps://www.facebook.com; hxxps://mail.google.com; hxxps://ew.com
FF Extension: (Facebook Container) - C:\Users\ubers\AppData\Roaming\Mozilla\Firefox\Profiles\rnwyvsyl.default\Extensions\@contain-facebook.xpi [2020-03-10]
FF Extension: (Dark Reader) - C:\Users\ubers\AppData\Roaming\Mozilla\Firefox\Profiles\rnwyvsyl.default\Extensions\addon@darkreader.org.xpi [2020-03-30]
FF Extension: (convert2mp3.net Online Video Converter) - C:\Users\ubers\AppData\Roaming\Mozilla\Firefox\Profiles\rnwyvsyl.default\Extensions\info@convert2mp3.net.xpi [2019-04-24]
FF Extension: (AdBlock) - C:\Users\ubers\AppData\Roaming\Mozilla\Firefox\Profiles\rnwyvsyl.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-02-05]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2019-04-29] [not signed]
FF HKU\S-1-5-21-1116177293-2918626760-3563952597-1002\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\ubers\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\ubers\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-01-24]
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default [2020-04-07]
CHR Extension: (Slides) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-14]
CHR Extension: (Docs) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-14]
CHR Extension: (Google Drive) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-14]
CHR Extension: (YouTube) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-14]
CHR Extension: (Sheets) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-14]
CHR Extension: (Google Docs Offline) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-10-29]
CHR Extension: (Ace Script) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-10-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-29]
CHR Extension: (Gmail) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\ubers\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-29]
CHR HKU\S-1-5-21-1116177293-2918626760-3563952597-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6998536 2017-12-08] (BattlEye Innovations e.K. -> )
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-01-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2019-05-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-03-11] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3344176 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 Surfshark Service; C:\Program Files (x86)\Surfshark\Resources\x64\nssm.exe [436688 2020-02-17] (Surfshark Ltd. -> Iain Patterson)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28760 2019-09-24] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24424 2016-08-13] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137496 2018-09-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-11-18] (ASUSTeK Computer Inc. -> )
R3 athur; C:\WINDOWS\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 CsrBthAudioHF; C:\WINDOWS\system32\DRIVERS\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrhfgcc; C:\WINDOWS\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-01-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-01-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-04-07] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-07] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-04-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-04-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [119960 2020-04-08] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e0a5a1b06de180e3\nvlddmkm.sys [23439288 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [947712 2017-02-20] (Realtek Semiconductor Corp. -> Realtek )
S3 SurfsharkSplitTunnelDriver; C:\Program Files (x86)\Surfshark\Resources\x64\SurfsharkSplitTunnelCalloutDriver.sys [39648 2020-02-17] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapsurfshark; C:\WINDOWS\System32\drivers\tapsurfshark.sys [38728 2019-05-22] (WDKTestCert Lenovo,131775874531219913 -> The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-10] (Microsoft Windows -> Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-08 14:16 - 2020-04-08 14:18 - 000026329 _____ C:\Users\ubers\Downloads\FRST.txt
2020-04-08 14:14 - 2020-04-08 14:17 - 000000000 ____D C:\FRST
2020-04-08 14:14 - 2020-04-08 14:14 - 002281472 _____ (Farbar) C:\Users\ubers\Downloads\FRST64.exe
2020-04-08 12:06 - 2020-04-08 12:06 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-04-08 12:06 - 2020-04-08 12:06 - 000119960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-04-08 12:06 - 2020-04-08 12:06 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-04-08 12:05 - 2020-04-08 12:05 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-07 21:46 - 2020-04-07 21:46 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-07 21:04 - 2020-03-31 13:05 - 000454790 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20200407-210437.backup
2020-03-31 13:05 - 2020-03-04 12:33 - 000454790 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20200331-130545.backup
2020-03-30 21:29 - 2020-03-30 21:29 - 000000000 ____D C:\Users\ubers\AppData\Local\NVIDIA
2020-03-30 18:16 - 2020-03-30 18:16 - 000001455 _____ C:\Users\Public\Desktop\DOOM Eternal.lnk
2020-03-30 18:16 - 2020-03-30 18:16 - 000001455 _____ C:\ProgramData\Desktop\DOOM Eternal.lnk
2020-03-26 11:16 - 2020-04-08 12:02 - 000000000 ____D C:\Users\ubers\AppData\Local\Spotify
2020-03-26 11:16 - 2020-03-26 11:16 - 000001881 _____ C:\Users\ubers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2020-03-25 18:22 - 2020-03-25 18:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2020-03-25 18:20 - 2020-03-18 05:39 - 000222112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-03-25 18:20 - 2020-03-18 05:39 - 000039824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2020-03-25 18:17 - 2020-03-18 19:23 - 005589224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-03-25 18:16 - 2020-03-18 22:22 - 004927048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-03-25 18:16 - 2020-03-18 22:22 - 004196160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-03-25 18:16 - 2020-03-18 19:26 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-03-25 18:16 - 2020-03-18 19:26 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-03-25 18:16 - 2020-03-18 19:26 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-03-25 18:16 - 2020-03-18 19:26 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-03-25 18:16 - 2020-03-18 19:26 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-03-25 18:16 - 2020-03-18 19:26 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-03-25 18:16 - 2020-03-18 19:26 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-03-25 18:16 - 2020-03-18 19:26 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-03-25 18:16 - 2020-03-18 19:26 - 000450464 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-03-25 18:16 - 2020-03-18 19:26 - 000348048 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-03-25 18:16 - 2020-03-18 19:25 - 011944864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-03-25 18:16 - 2020-03-18 19:25 - 010285472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 002073200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 001565136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 001481144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 001351776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 001142384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 001022560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 000817264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 000680048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 000676240 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 000573024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-03-25 18:16 - 2020-03-18 19:24 - 000546928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-03-25 18:16 - 2020-03-18 19:24 - 000544144 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 017601120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 015157664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 005856864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 005158512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 001049696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 000849848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-03-25 18:16 - 2020-03-18 19:23 - 000811632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 000655472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-03-25 18:16 - 2020-03-18 19:23 - 000445024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-03-25 18:16 - 2020-03-18 05:39 - 000111058 _____ C:\WINDOWS\system32\nvidia-smi.1.pdf
2020-03-25 18:16 - 2020-03-18 05:39 - 000077314 _____ C:\WINDOWS\system32\nvinfo.pb
2020-03-22 20:32 - 2020-03-22 20:57 - 000000000 ____D C:\Users\ubers\Downloads\Knives Out (2019) [720p] [BluRay] [YTS.MX]
2020-03-22 20:21 - 2020-03-22 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Surfshark
2020-03-11 01:32 - 2020-03-11 01:32 - 011723776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 003550624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 001707208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 001605000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 001288648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 001076040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-11 01:32 - 2020-03-11 01:32 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 023463424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 019020288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 013013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 012306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 008907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 007923712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 007870976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 004872704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 004664320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 004066816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 003952760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 003909632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 003703808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 002986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 002751336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 002273296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 002182456 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 002150912 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 002100056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001876960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001750528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001430880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001296360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001201128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2020-03-11 01:31 - 2020-03-11 01:31 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2020-03-11 01:31 - 2020-03-11 01:31 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2020-03-11 01:31 - 2020-03-11 01:31 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000763032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-03-11 01:31 - 2020-03-11 01:31 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
Last edited:
