Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-06-2021
Ran by ann (administrator) on HOEHNPC (ASUSTeK COMPUTER INC. X75A) (18-06-2021 17:29:31)
Running from C:\Users\ann\Desktop
Loaded Profiles: ann
Platform: Windows 10 Home Version 2004 19041.1052 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(DUC FABULOUS CO.,LTD -> ) C:\Program Files (x86)\UltraViewer\UltraViewer_Service.exe
(Garmin International, Inc. -> ) C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{F1096AA2-5CA5-4D96-BB37-CFE877693A27}\91.0.4472.106_91.0.4472.101_chrome_updater.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{F1096AA2-5CA5-4D96-BB37-CFE877693A27}\CR_5DA06.tmp\setup.exe <2>
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\ann\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe*********************************************
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-3275924145-2641615387-672222228-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31162800 2021-03-16] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.101\Installer\chrmstp.exe [2021-06-10] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2AA6D078-6EFA-48D0-A4AB-E1D80A2B1AAA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {2C124022-D981-47E0-90AD-3372185D7127} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [549032 2020-06-25] (Bitdefender SRL -> Bitdefender)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {39A66C74-4246-431D-B99F-5571A5F854F4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {3AFE8A0D-5BF7-45BA-A60B-DB123105BB36} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {446AD16C-A64E-4975-ACB6-578F35CC093B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {48598F9B-A7FE-44F0-BB1A-36F53E7CDA2E} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {5A431DF8-0F54-475A-9166-FB2BBCBF8F26} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [888232 2021-01-29] (Bitdefender SRL -> Bitdefender)
Task: {606BABB8-7D10-45DF-90B4-C26B72E890F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-30] (Google Inc -> Google LLC)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8976AFB3-6C89-4C49-B6E0-B5274EE897E9} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {A840C618-AD99-444F-AA72-078599E369CD} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
Task: {B3017C3F-EE43-4A38-A400-B849296EE19E} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032 2012-09-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {B5988110-2F64-4DB2-844D-D76F5C33A7EB} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-03-16] (Garmin International, Inc. -> )
Task: {C16DC51C-8DA0-4D65-9085-1B87EB448DBE} - System32\Tasks\ASUS Patch for VIA Audio => C:\Windows\system32\AsPatchViaAudio.exe [160448 2012-11-07] (ASUSTeK Computer Inc. -> ASUSTek Computer INC.)
Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CC08F0F9-09F2-4FEA-8BBC-25099B863574} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-30] (Google Inc -> Google LLC)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {FCDC5BFE-64F5-47C8-9FA8-1DE42F129D1A} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {FE0A182D-7CCD-4DBF-898E-0B9EAF47483D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [570240 2017-02-14] (Apple Inc. -> Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{861516bf-ecc7-473a-8e27-c4701662b9be}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\ann\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-15]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: eya7rmab.default
FF ProfilePath: C:\Users\ann\AppData\Roaming\Mozilla\Firefox\Profiles\s0gpcoti.default-release [2019-09-20]
FF ProfilePath: C:\Users\ann\AppData\Roaming\Mozilla\Firefox\Profiles\eya7rmab.default [2019-08-30]
FF Homepage: Mozilla\Firefox\Profiles\eya7rmab.default -> moz-extension://f53d27fb-43c8-4ce3-bad0-2ba0f8c1f23a/newtab/newtab.html
FF Notifications: Mozilla\Firefox\Profiles\eya7rmab.default -> hxxps://search.hfastpackagetracker.co; hxxps://www.weatherforecasttracker1.com
FF HomepageOverride: Mozilla\Firefox\Profiles\eya7rmab.default -> Enabled: web@Packages
FF NewTabOverride: Mozilla\Firefox\Profiles\eya7rmab.default -> Enabled: web@Packages
FF NewTabOverride: Mozilla\Firefox\Profiles\eya7rmab.default -> Enabled: @searchencrypt
FF Extension: (Web of Trust) - C:\Users\ann\AppData\Roaming\Mozilla\Firefox\Profiles\eya7rmab.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2019-06-04]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\ann\AppData\Roaming\Mozilla\Firefox\Profiles\eya7rmab.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-23]
FF HKLM\...\Firefox\Extensions: [
bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2020-04-30] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [
bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-06-25] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [
bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2020-05-14] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [
bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [
bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [
bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-09-20] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-09-20] <==== ATTENTION
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ann\AppData\Local\Google\Chrome\User Data\Default [2021-06-15]
CHR Notifications: Default -> hxxps://piratesvoyage.com; hxxps://www.accuweather.com; hxxps://www.facebook.com; hxxps://www.indystar.com; hxxps://www.newsbreak.com; hxxps://www.pinterest.com
CHR StartupUrls: Default -> "hxxps://www.msn.com/en-us/news/us"
CHR Extension: (Slides) - C:\Users\ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-30]
CHR Extension: (Docs) - C:\Users\ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-30]
CHR Extension: (Google Drive) - C:\Users\ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-20]
CHR Extension: (YouTube) - C:\Users\ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-30]
CHR Extension: (Sheets) - C:\Users\ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-30]
CHR Extension: (Bitdefender Wallet) - C:\Users\ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2020-07-27]
CHR Extension: (Google Docs Offline) - C:\Users\ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-15]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2020-09-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Gmail) - C:\Users\ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-01]
CHR Profile: C:\Users\ann\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-27]
CHR Profile: C:\Users\ann\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-27]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-06-25] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-06-25] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-03-22] (Bitdefender SRL -> Bitdefender)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-15] (Malwarebytes Inc -> Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1358248 2021-01-29] (Bitdefender SRL -> Bitdefender)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13921616 2021-06-14] (Adlice -> )
R2 UltraViewService; C:\Program Files (x86)\UltraViewer\UltraViewer_Service.exe [220000 2021-03-20] (DUC FABULOUS CO.,LTD -> )
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [170328 2020-06-25] (Bitdefender SRL -> Bitdefender)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-06-25] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-25] (ASUSTeK Computer Inc. -> )
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2106424 2020-06-25] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [757240 2020-06-25] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2020-02-20] (Bitdefender SRL -> © Bitdefender SRL)
S3 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-05-28] (Bitdefender SRL -> BitDefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-06-15] (Malwarebytes Inc -> Malwarebytes)
R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [453344 2020-06-25] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [188384 2018-11-28] (Bitdefender SRL -> BitDefender LLC)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [196392 2019-07-04] (Bitdefender SRL -> Bitdefender)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-01] (ASUSTeK Computer Inc. -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-15] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-06-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-06-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-06-15] (Malwarebytes Inc -> Malwarebytes)
S3 NuidFltr; C:\WINDOWS\System32\drivers\NuidFltr.sys [18944 2011-04-09] (Hardware Group Test Cert -> Microsoft Corporation)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (MEDIATEK INC. -> Ralink Technology, Corp.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [638368 2020-04-30] (Bitdefender SRL -> Bitdefender)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-06-15 05:17 - 2021-06-15 05:17 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-15 05:17 - 2021-06-15 05:17 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-06-15 05:17 - 2021-06-15 05:17 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-06-15 05:17 - 2021-06-15 05:17 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-06-15 05:12 - 2021-06-15 05:12 - 008534696 _____ (Malwarebytes) C:\Users\ann\Downloads\AdwCleaner.exe
2021-06-15 05:12 - 2021-06-15 05:12 - 002080712 _____ (Malwarebytes) C:\Users\ann\Downloads\MBSetup.exe
2021-06-15 05:10 - 2021-06-15 05:10 - 000007826 _____ C:\Users\ann\Desktop\AdwCleaner[C00].txt
2021-06-15 04:42 - 2021-06-15 05:10 - 000000000 ____D C:\AdwCleaner
2021-06-15 04:30 - 2021-06-15 04:30 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-15 04:30 - 2021-06-15 04:30 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-15 04:30 - 2021-06-15 04:30 - 000002023 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-06-15 04:29 - 2021-06-15 04:29 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-15 04:29 - 2021-06-15 04:29 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-15 04:29 - 2021-06-15 04:29 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-06-15 04:27 - 2021-06-15 04:27 - 000002270 _____ C:\Users\ann\Desktop\rkreport.txt
2021-06-14 20:35 - 2021-06-14 20:35 - 000000901 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2021-06-14 20:35 - 2021-06-14 20:35 - 000000901 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2021-06-14 20:33 - 2021-06-14 20:33 - 008534696 _____ (Malwarebytes) C:\Users\ann\Desktop\AdwCleaner.exe
2021-06-14 20:32 - 2021-06-14 20:32 - 041841192 _____ (Adlice Software ) C:\Users\ann\Downloads\RogueKiller_setup (1).exe
2021-06-14 20:31 - 2021-06-14 20:32 - 041841192 _____ (Adlice Software ) C:\Users\ann\Desktop\RogueKiller_setup.exe
2021-06-14 20:30 - 2021-06-14 20:31 - 002080712 _____ (Malwarebytes) C:\Users\ann\Desktop\MBSetup.exe
2021-06-14 06:29 - 2021-06-14 06:35 - 000032951 _____ C:\Users\ann\Desktop\Addition.txt
2021-06-14 06:17 - 2021-06-18 17:38 - 000025575 _____ C:\Users\ann\Desktop\FRST.txt
2021-06-14 06:17 - 2021-06-18 17:28 - 000000000 ____D C:\Users\ann\Desktop\FRST-OlderVersion
2021-06-14 06:16 - 2021-06-18 17:28 - 002300416 _____ (Farbar) C:\Users\ann\Desktop\FRST64.exe
2021-06-13 18:41 - 2021-06-18 17:35 - 000000000 ____D C:\FRST
2021-06-13 16:17 - 2021-06-18 17:22 - 000000000 _____ C:\WINDOWS\UV_LastPW.ini
2021-06-13 15:56 - 2021-06-13 19:08 - 000000000 ____D C:\Users\ann\AppData\Local\D3DSCache
2021-06-13 15:43 - 2021-06-13 15:53 - 000000000 ____D C:\Users\ann\AppData\Roaming\UltraViewer
2021-06-13 15:43 - 2021-06-13 15:43 - 000001154 _____ C:\Users\Public\Desktop\UltraViewer.lnk
2021-06-13 15:43 - 2021-06-13 15:43 - 000001154 _____ C:\ProgramData\Desktop\UltraViewer.lnk
2021-06-13 15:43 - 2021-06-13 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraViewer
2021-06-13 15:41 - 2021-06-13 15:43 - 000000000 ____D C:\Program Files (x86)\UltraViewer
2021-06-09 21:47 - 2021-06-09 21:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-09 21:47 - 2021-06-09 21:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-09 21:47 - 2021-06-09 21:47 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-09 21:47 - 2021-06-09 21:47 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-09 21:47 - 2021-06-09 21:47 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-09 21:47 - 2021-06-09 21:47 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-09 21:46 - 2021-06-09 21:46 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-09 21:46 - 2021-06-09 21:46 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-09 21:46 - 2021-06-09 21:46 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-09 21:46 - 2021-06-09 21:46 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-09 21:45 - 2021-06-09 21:45 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-09 21:45 - 2021-06-09 21:45 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-09 21:44 - 2021-06-09 21:44 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-09 21:44 - 2021-06-09 21:44 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-09 21:44 - 2021-06-09 21:44 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-09 21:44 - 2021-06-09 21:44 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-09 21:44 - 2021-06-09 21:44 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-09 21:43 - 2021-06-09 21:43 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-06 11:56 - 2021-06-06 11:56 - 000002681 _____ C:\Users\ann\Desktop\YouTube.lnk
2021-06-06 11:56 - 2021-06-06 11:56 - 000000000 ____D C:\Users\ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-06-18 17:37 - 2019-08-30 17:10 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-18 17:37 - 2019-08-30 17:10 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-06-18 17:37 - 2019-08-30 17:10 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-06-18 17:31 - 2020-11-18 15:20 - 000004146 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C81A4A75-43AF-428B-906C-CF04CE0E9C79}
2021-06-18 17:30 - 2018-12-21 19:55 - 000000000 ____D C:\Users\ann\AppData\Local\CrashDumps
2021-06-18 17:26 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-18 17:23 - 2019-12-07 05:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2021-06-18 17:23 - 2015-09-25 23:33 - 000000000 __SHD C:\Users\ann\IntelGraphicsProfiles
2021-06-18 17:22 - 2020-11-17 22:02 - 000000000 ____D C:\Users\ann
2021-06-18 17:20 - 2020-11-18 15:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-18 17:20 - 2020-11-18 14:38 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-18 17:20 - 2020-11-18 14:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-15 05:13 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-06-15 05:10 - 2012-11-27 14:26 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-06-15 04:49 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-15 04:49 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-15 04:29 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-15 04:29 - 2014-09-09 15:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-15 04:28 - 2017-12-25 16:32 - 000000000 ____D C:\Program Files\Malwarebytes
2021-06-14 21:10 - 2018-12-17 02:39 - 000000000 ____D C:\ProgramData\RogueKiller
2021-06-14 20:37 - 2020-11-18 15:20 - 000003534 _____ C:\WINDOWS\system32\Tasks\ASUS Live Update2
2021-06-14 20:35 - 2018-12-17 02:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-06-14 20:35 - 2018-12-17 02:39 - 000000000 ____D C:\Program Files\RogueKiller
2021-06-14 20:29 - 2017-04-14 21:32 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2021-06-14 20:28 - 2018-12-19 22:19 - 000000500 _____ C:\Users\ann\AppData\Roaming\sp_data.sys
2021-06-13 18:12 - 2020-11-18 15:02 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-13 18:12 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-13 15:40 - 2020-06-15 11:59 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-13 15:40 - 2020-06-15 11:59 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-13 15:40 - 2020-06-15 11:59 - 000002278 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-06-09 22:59 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-09 22:37 - 2020-11-18 14:38 - 000257824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-09 22:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-09 22:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-09 22:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-06-09 22:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-09 22:32 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-09 22:32 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-09 22:32 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-09 22:32 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-09 22:32 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-09 22:32 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-09 22:32 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-06-09 22:32 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-09 22:32 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-09 22:00 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-09 21:37 - 2020-11-18 15:20 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3275924145-2641615387-672222228-1001
2021-06-09 21:37 - 2020-11-17 22:02 - 000002414 _____ C:\Users\ann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-09 21:37 - 2015-09-25 23:37 - 000000000 ___RD C:\Users\ann\OneDrive
2021-06-09 21:01 - 2020-11-15 15:57 - 000000000 ___HD C:\$WinREAgent
2021-06-09 20:49 - 2013-10-17 17:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-09 20:43 - 2013-10-17 17:11 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-03 21:31 - 2020-10-01 14:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-05-25 07:48 - 2020-10-01 14:20 - 000725304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-05-25 07:48 - 2020-10-01 14:20 - 000470328 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
==================== Files in the root of some directories ========
2018-12-19 22:19 - 2021-06-14 20:28 - 000000500 _____ () C:\Users\ann\AppData\Roaming\sp_data.sys
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================