new pc top of the line , all the right stuff and still get hacked somehow. a good friend sent me to you guys in hope that you might can HELP, so paypal and ebay info is out there along with my bank info, there has got to be something on this pc letting them get it, any info on how to find it would be great, thought i was tech savvy but i guess not.Thank you in advance for any help you may be able to provide.
I have been hacked and now my bank account is gone! please help!!!
- Thread starter masterpk
- Start date
- Status
While it could be the security breach happened on the computer there are instances of info obtained through using debit cards out in the public as well.
* Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.
* From a clean computer, change ALL your on-line passwords for email, for banks, financial accounts, PayPal, eBay, on-line companies, any on-line forums or groups you belong to.
Do NOT change passwords or do any transactions while using this computer because the attacker will get the new passwords and transaction information. Please refrain from using this computer for online-banking/financial purpose for the time being.
~~~~~~~~~~~~~~~~
Some professionals feel the best way to clean a computer is to reformat.
Farbar Recovery Scan Tool (FRST) Scan
* Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.
* From a clean computer, change ALL your on-line passwords for email, for banks, financial accounts, PayPal, eBay, on-line companies, any on-line forums or groups you belong to.
Do NOT change passwords or do any transactions while using this computer because the attacker will get the new passwords and transaction information. Please refrain from using this computer for online-banking/financial purpose for the time being.
~~~~~~~~~~~~~~~~
Some professionals feel the best way to clean a computer is to reformat.
- Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
- Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
- Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
- Click Yes to the disclaimer.
- Ensure the Addition.txt box is checked.
- Click the Scan button and let the programme run.
- Upon completion, click OK, then OK on the Addition.txt pop up screen.
- Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.
After posting the FRST log
While I have it fresh on my mind, let's reset your router.
Turn the computer off, then cut or turn off the power to your router.
Let this set 5 minutes or so.
Turn the router back on, after all lights have stopped flashing, turn the computer back on.
While I have it fresh on my mind, let's reset your router.
Turn the computer off, then cut or turn off the power to your router.
Let this set 5 minutes or so.
Turn the router back on, after all lights have stopped flashing, turn the computer back on.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-06-2019 01
Ran by markt (administrator) on DESKTOP-BLHSTOF (Alienware Alienware Aurora R8) (11-06-2019 16:35:36)
Running from C:\Users\markt\Desktop
Loaded Profiles: markt (Available Profiles: markt)
Platform: Windows 10 Home Version 1809 17763.503 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19051.545.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TUDefragBackend64.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(Dell Inc -> ) C:\Program Files (x86)\Alienware Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Background.Server.exe
(Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe
(Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\OCControlService\OCControl.Service.exe
(Dell Technologies) [File not signed] C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.37.0_x64__htrsf667h5kn2\AWCC.exe
(Dell Technologies) [File not signed] C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.37.0_x64__htrsf667h5kn2\GameLibrary\GameLibraryAppService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6be8e5b7f731a6e5\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6be8e5b7f731a6e5\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_560fc57bd19aca93\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_560fc57bd19aca93\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_d778d9f2df7418ce\RstMwService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AlienwareMobileConnectWelcome] => C:\Program Files\Alienware\AlienwareMobileConnectDrivers\AlienwareMobileConnectWStartup.exe [414952 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [309680 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [776136 2018-08-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [935288 2009-09-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1744618819-3778837739-1969267418-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [7388488 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3482864 2019-05-13] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.80\Installer\chrmstp.exe [2019-06-05] (Google LLC -> Google LLC)
IFEO: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\acrord32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\epicgameslauncher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\nvidia geforce experience.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\razer synapse 3.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\Users\markt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DiskProtect9527.lnk [2019-06-02]
BootExecute: autocheck autochk * sdnclean64.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0F3BB960-D176-4E64-9F73-E6C9B43CFC8D} - System32\Tasks\laxative => C:\Program Files (x86)\bedraggled\bedraggled.exe
Task: {1A71EFC1-9D37-46F0-B603-31B2E081A2CB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3787304 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1C1FD5EB-81CA-4825-B62B-F1B8421BD145} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A85066A-C2F2-4544-86ED-7E70FD871D3F} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1057248 2019-02-14] (A-Volute -> Nahimic)
Task: {315D7C8A-F0F6-4EDC-AC90-C9A766E8F339} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2314008 2019-06-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {37CBB54B-63C9-4F72-9292-BC34ED4F33BE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4382D0DE-CCC2-48AC-99F9-3E7A1401EDEC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {4E45D732-AEE1-4BFD-A1DA-DDC9FDD2627E} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2670944 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {4E61362A-2D6D-4D0D-90A9-5B11C2E56B87} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302656 2018-05-16] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {537BAEA7-74B6-4BB0-B550-F04D7AE25949} - System32\Tasks\dogwoodsdogwoods => C:\Program Files (x86)\Precipices\Hollander.exe
Task: {5B1E43EE-F622-48B5-A33F-4C99123FA265} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CD6B7CB-D3E0-4D2E-8575-D3831A4C5528} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5F448A57-1117-4045-8506-220EA029B20E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7351B064-CDC4-49DA-80AE-397FAF0909AB} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [787912 2019-02-14] (A-Volute -> Nahimic)
Task: {735B6A29-0510-45ED-9425-F05EE43916C3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-05-16] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {7AA86948-E137-45D1-A53D-CB2DA2E9C4BE} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\System32\NahimicSvc64.exe [1057248 2019-02-14] (A-Volute -> Nahimic)
Task: {7BBC8D38-A477-4838-AA86-838F7CAF69E8} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1512920 2019-04-10] (Dell Inc. -> Dell Inc.)
Task: {847803DC-D2F1-4243-B945-E739715AD312} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-01] (Google Inc -> Google LLC)
Task: {90765C0A-ECC2-457E-A476-FCBEC1F04E02} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {93393022-F191-46AB-97CA-D0EB471C8122} - System32\Tasks\inactivate-folio => C:\Program Files (x86)\scholars\Embellishing.exe
Task: {98494F83-E6D3-4B7B-9F0C-E57E40C7BB41} - System32\Tasks\AVG EUpdate Task => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe [4072504 2019-05-25] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
Task: {9E8BBAD7-09FB-4B5C-96DD-2B3349AD3097} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [935288 2009-09-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {9F948989-7203-46FE-9DED-4FC2C226C9DC} - System32\Tasks\inactivate-folioinactivate-folio => C:\Program Files (x86)\scholars\Embellishing.exe
Task: {A3B76F5A-ADDA-4FEE-B178-766550B138B0} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2981808 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {AA541656-6632-4D0E-B4DC-C041BAA20D10} - System32\Tasks\inexplicablyinexplicably => C:\Program Files (x86)\Geoscientist\norge.exe
Task: {B01CF8D4-5F69-4849-9EA3-1A5219BEEC74} - System32\Tasks\dogwoods => C:\Program Files (x86)\Precipices\Hollander.exe
Task: {BA44C0BC-1810-4BC6-A8CC-FC1E8DEA158B} - System32\Tasks\inexplicably => C:\Program Files (x86)\Geoscientist\norge.exe
Task: {BCB35A81-9944-42E8-90CC-77336C67564A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {BCB3CF93-E8BB-4040-AB25-262E92B33182} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [787912 2019-02-14] (A-Volute -> Nahimic)
Task: {D7876512-92C7-4F23-BF37-22D15FFD82D8} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {E0E7E35A-71C4-4251-9391-AA9157E49BF4} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-05-16] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {E2E021B0-5250-4703-92EE-D1B2A61B6BF8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-01] (Google Inc -> Google LLC)
Task: {E5F31AB5-4E82-4708-915A-EB0B3DCEFE1E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EBE20778-BC5D-4E60-BC43-ACE2D69036E7} - System32\Tasks\laxativelaxative => C:\Program Files (x86)\bedraggled\bedraggled.exe
Task: {ECB73F3B-2E36-4640-910F-F4637C838349} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-05-16] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {EF09E6D7-2FD1-4AAC-AB6B-14D64C68A3B8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F05DCD80-AA5D-4DEF-BD0D-5D5C71FEBCF0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {FCFB0844-5137-4283-84D7-D2C37D6FBAAF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{2440df3b-7882-4934-a33a-3699a4332898}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{4b36be75-11a3-4b76-94cc-d6fae5fdcee5}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{4b36be75-11a3-4b76-94cc-d6fae5fdcee5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{59287834-0701-4d16-b983-f4f51b216295}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b804f755-d982-4f74-9941-4e335cfd416a}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b804f755-d982-4f74-9941-4e335cfd416a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cceaced9-5422-11e9-ad45-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f256aaa0-6aeb-43dd-9f88-c64c8ff53463}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f8a41af7-ae2b-4f73-9c21-653a7bb88aad}: [NameServer] 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-1744618819-3778837739-1969267418-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1744618819-3778837739-1969267418-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1744618819-3778837739-1969267418-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-us
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default [2019-06-11]
CHR Extension: (Slides) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-01]
CHR Extension: (Docs) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-01]
CHR Extension: (Google Drive) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-01]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2019-06-02]
CHR Extension: (YouTube) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-01]
CHR Extension: (Honey) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-05-28]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-19]
CHR Extension: (Tampermonkey) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-05-10]
CHR Extension: (Pandora) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2019-04-01]
CHR Extension: (Sheets) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-01]
CHR Extension: (Google Docs Offline) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-01]
CHR Extension: (Marvel Comics) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice [2019-04-01]
CHR Extension: (Dropbox) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2019-04-01]
CHR Extension: (SparkChess) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2019-04-01]
CHR Extension: (AVG SafePrice | Comparison, deals, coupons) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2019-06-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-01]
CHR Extension: (Picasa) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2019-04-01]
CHR Extension: (Tv Online) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2019-04-01]
CHR Extension: (Gmail) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Alienware Digital Delivery Services; c:\Program Files (x86)\Alienware Digital Delivery Services\Dell.D3.WinSvc.exe [34976 2018-12-05] (Dell Inc -> )
R2 Alienware SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.)
S4 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [406504 2018-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [409280 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6893160 2019-05-28] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428264 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S3 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110048 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 AWCCService; C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe [15560 2019-05-15] (Dell Inc -> Dell Technologies)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-04-21] (BattlEye Innovations e.K. -> )
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.)
S4 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe [1038144 2019-05-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S4 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-04-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 HfcDisableService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_d778d9f2df7418ce\HfcDisableService.exe [1860064 2019-01-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2788320 2019-01-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [760008 2018-04-12] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720072 2018-04-12] (Intel(R) Trust Services -> Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-06-13] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S4 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2484992 2018-09-04] (Rivet Networks LLC -> Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1306056 2019-02-14] (A-Volute -> Nahimic)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S4 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [192720 2018-08-29] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
S4 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [447592 2019-05-07] (Razer USA Ltd. -> Razer Inc.)
S4 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [936552 2019-05-07] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-02-21] (Razer USA Ltd. -> Razer Inc)
S4 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-05-13] (Razer USA Ltd. -> Razer Inc.)
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_d778d9f2df7418ce\RstMwService.exe [2112480 2019-01-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [776136 2018-08-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S4 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-05-03] (Razer USA Ltd. -> Razer Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S4 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-04-10] (Dell Inc. -> Dell Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [6598496 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.3-0\NisSrv.exe [3856504 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.3-0\MsMpEng.exe [113984 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
S4 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [72952 2018-09-04] (Rivet Networks LLC -> CloudBees, Inc.)
S4 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [72952 2018-09-04] (Rivet Networks LLC -> CloudBees, Inc.)
R3 XTU3SERVICE; C:\WINDOWS\SysWOW64\XtuService.exe [28376 2019-01-17] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0341248.inf_amd64_3000f277af7fbb1b\B341349\atikmdag.sys [52888992 2019-04-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0341248.inf_amd64_3000f277af7fbb1b\B341349\atikmpag.sys [590752 2019-04-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37160 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [207496 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [263056 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [206408 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61520 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [15280 2019-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42336 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [167920 2019-06-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [112360 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [87992 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1030832 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [477632 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [225656 2019-06-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [385904 2019-05-31] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 AWCCDriver; C:\WINDOWS\System32\drivers\AWCCDriver.sys [42408 2019-02-20] (IndiLogic LLC -> Dell Inc.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [40824 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [159712 2018-09-07] (WDKTestCert SYSTEM,130948585914967575 -> Qualcomm Atheros, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-06-03] (Malwarebytes Corporation -> Malwarebytes)
R3 HfAudio; C:\WINDOWS\System32\drivers\HfAudio.sys [91200 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98864 2018-06-11] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1017312 2019-01-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [73184 2019-01-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-09] (Intel Corporation -> Intel Corporation)
S3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [154752 2018-09-04] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-06-03] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-06-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-06-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-06-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [117344 2019-06-10] (Malwarebytes Corporation -> Malwarebytes)
S3 nhi; C:\WINDOWS\System32\drivers\tbt100x.sys [138272 2018-07-05] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b49751b9038af669\nvlddmkm.sys [21836032 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
S1 nvldr; C:\Users\markt\AppData\Local\Temp\pcdwlshg.sys [0 2019-06-02] () <==== ATTENTION (zero byte File/Folder) <==== ATTENTION
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-05-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2360048 2018-08-29] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [49032 2019-01-16] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0064; C:\WINDOWS\System32\drivers\RzDev_0064.sys [51696 2018-04-22] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_021e; C:\WINDOWS\System32\drivers\RzDev_021e.sys [51688 2018-04-22] (Razer USA Ltd. -> Razer Inc)
R3 ScrHIDDriver2; C:\WINDOWS\System32\drivers\ScrHIDDriver2.sys [75800 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [48608 2019-03-28] (Microsoft Windows Hardware Compatibility Publisher -> STMicroelectronics)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Netherlands B.V.)
R3 UcmCxUcsiNvppc; C:\WINDOWS\System32\drivers\UcmCxUcsiNvppc.sys [453000 2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-03-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343520 2019-03-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [68576 2019-03-31] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54512 2019-01-17] (Intel Corporation -> Intel Corporation)
R3 XTUComponent; C:\WINDOWS\System32\drivers\iocbios2.sys [39680 2019-01-17] (Intel(R) Extreme Tuning Utility -> Intel Corporation)
S0 owcvixg; System32\drivers\svoawezn.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-11 16:35 - 2019-06-11 16:36 - 000043322 _____ C:\Users\markt\Desktop\FRST.txt
2019-06-11 16:35 - 2019-06-11 16:35 - 000000000 ____D C:\FRST
2019-06-11 16:31 - 2019-06-11 16:31 - 002418688 _____ (Farbar) C:\Users\markt\Desktop\FRST64.exe
2019-06-10 19:11 - 2019-06-10 19:11 - 000001484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2019-06-10 19:11 - 2019-06-10 19:11 - 000001472 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2019-06-10 19:11 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2019-06-10 19:07 - 2019-06-10 20:50 - 000002302 _____ C:\WINDOWS\System32\Tasks\NahimicTask32
2019-06-10 19:07 - 2019-06-10 20:50 - 000002282 _____ C:\WINDOWS\System32\Tasks\NahimicTask64
2019-06-10 19:06 - 2019-06-10 19:06 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-06-10 19:06 - 2019-06-10 19:06 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-06-10 19:06 - 2019-06-10 19:06 - 000117344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-06-10 19:06 - 2019-06-10 19:06 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-06-10 19:06 - 2019-06-10 19:06 - 000000000 ____D C:\WINDOWS\Panther
2019-06-10 19:05 - 2019-06-10 20:02 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-06-10 19:05 - 2019-06-10 19:12 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-06-10 19:05 - 2019-06-10 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2019-06-10 19:05 - 2019-06-10 19:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2019-06-10 19:03 - 2019-06-10 19:04 - 046525608 _____ (Safer-Networking Ltd. ) C:\Users\markt\Downloads\spybot-2.4.exe
2019-06-08 12:10 - 2019-06-08 12:10 - 000001244 _____ C:\Users\Public\Desktop\MAGIX Movie Edit Pro 2016 Premium.lnk
2019-06-07 23:35 - 2019-06-08 12:17 - 000000000 ____D C:\Users\markt\Documents\MAGIX downloads
2019-06-07 23:35 - 2019-06-08 12:17 - 000000000 ____D C:\Users\markt\AppData\Roaming\MAGIX
2019-06-07 23:35 - 2019-06-07 23:35 - 000000000 ____D C:\Users\Public\Documents\MAGIX
2019-06-07 23:35 - 2019-06-07 23:35 - 000000000 ____D C:\Users\markt\Documents\MAGIX_MusicEditor
2019-06-07 23:35 - 2019-06-07 23:35 - 000000000 ____D C:\Users\markt\AppData\Local\Xara
2019-06-07 23:35 - 2019-06-07 23:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2019-06-07 23:35 - 2019-06-07 23:35 - 000000000 ____D C:\Program Files\Common Files\MAGIX Shared
2019-06-07 23:34 - 2019-06-08 12:17 - 000000000 ____D C:\ProgramData\MAGIX
2019-06-07 23:34 - 2019-06-08 12:12 - 000000000 ___RD C:\Users\markt\Documents\MAGIX
2019-06-07 23:34 - 2019-06-07 23:34 - 000000000 ____D C:\Program Files\MAGIX
2019-06-07 23:34 - 2019-06-07 23:34 - 000000000 ____D C:\Program Files\Common Files\MAGIX Services
2019-06-07 23:34 - 2019-06-07 23:34 - 000000000 ____D C:\Program Files (x86)\MAGIX
2019-06-07 16:07 - 2019-06-07 16:07 - 000000000 ____D C:\Users\markt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-07 16:07 - 2019-06-07 16:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-07 16:07 - 2019-06-07 16:07 - 000000000 ____D C:\Program Files (x86)\WinRAR
2019-06-06 16:20 - 2019-06-06 16:20 - 000002904 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2019-06-06 15:35 - 2019-06-06 15:35 - 000167920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2019-06-03 17:41 - 2019-06-03 17:41 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-06-03 17:33 - 2019-06-05 21:26 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-03 17:33 - 2019-06-05 21:26 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-03 16:16 - 2019-06-03 17:41 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-06-03 16:16 - 2019-06-03 16:16 - 000001922 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-03 16:16 - 2019-06-03 16:16 - 000000000 ____D C:\Users\markt\AppData\Local\mbamtray
2019-06-03 16:16 - 2019-06-03 16:16 - 000000000 ____D C:\Users\markt\AppData\Local\mbam
2019-06-03 16:16 - 2019-06-03 16:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-03 16:16 - 2019-06-03 16:16 - 000000000 ____D C:\Program Files\Malwarebytes
2019-06-03 16:16 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-06-03 16:10 - 2019-06-03 16:10 - 000225656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2019-06-02 21:26 - 2019-06-02 21:26 - 000000001 _____ C:\nqle
2019-06-02 21:09 - 2019-06-02 21:09 - 000000000 ____D C:\Users\markt\AppData\Roaming\Macromedia
2019-06-02 21:06 - 2019-06-02 21:06 - 000000000 ___HD C:\$AV_AVG
2019-06-02 21:04 - 2019-06-03 16:08 - 000000000 ____D C:\avast! sandbox
2019-06-02 20:56 - 2019-06-02 20:56 - 000126464 _____ C:\Users\markt\AppData\Local\lobby.dat
2019-06-02 20:56 - 2019-06-02 20:56 - 000054272 _____ C:\Users\markt\AppData\Local\ApplicationHosting.dat
2019-06-02 20:56 - 2019-06-02 20:56 - 000000000 ____D C:\WINDOWS\SysWOW64\cgivsbp
2019-06-02 20:56 - 2019-06-02 20:56 - 000000000 ____D C:\WINDOWS\system32\cgivsbp
2019-06-02 20:56 - 2019-06-02 20:56 - 000000000 _____ C:\WINDOWS\b45008530
2019-06-02 20:55 - 2019-06-03 16:23 - 000000000 ___HD C:\Program Files (x86)\kubo
2019-06-02 20:55 - 2019-06-03 16:23 - 000000000 ___HD C:\Program Files (x86)\Hitz
2019-06-02 20:55 - 2019-06-02 23:42 - 000000000 ____D C:\ProgramData\fb
2019-06-02 20:55 - 2019-06-02 21:30 - 000003414 _____ C:\WINDOWS\System32\Tasks\inactivate-folio
2019-06-02 20:55 - 2019-06-02 21:30 - 000003400 _____ C:\WINDOWS\System32\Tasks\inexplicably
2019-06-02 20:55 - 2019-06-02 21:30 - 000003398 _____ C:\WINDOWS\System32\Tasks\laxative
2019-06-02 20:55 - 2019-06-02 21:30 - 000003316 _____ C:\WINDOWS\System32\Tasks\inactivate-folioinactivate-folio
2019-06-02 20:55 - 2019-06-02 21:30 - 000003294 _____ C:\WINDOWS\System32\Tasks\inexplicablyinexplicably
2019-06-02 20:55 - 2019-06-02 21:30 - 000003284 _____ C:\WINDOWS\System32\Tasks\laxativelaxative
2019-06-02 20:55 - 2019-06-02 21:29 - 000003396 _____ C:\WINDOWS\System32\Tasks\dogwoods
2019-06-02 20:55 - 2019-06-02 21:29 - 000003282 _____ C:\WINDOWS\System32\Tasks\dogwoodsdogwoods
2019-06-02 20:55 - 2019-06-02 20:55 - 000722944 _____ C:\Users\markt\AppData\Local\sha.db
2019-06-02 20:55 - 2019-06-02 20:55 - 000140800 _____ C:\Users\markt\AppData\Local\installer.dat
2019-06-02 20:55 - 2019-06-02 20:55 - 000000000 ____D C:\Users\markt\AppData\Roaming\et
2019-06-02 20:55 - 2019-06-02 20:55 - 000000000 ____D C:\ProgramData\zAhNtSnlYqTtUj
2019-06-02 20:55 - 2019-06-02 20:55 - 000000000 ____D C:\ProgramData\Pader
2019-06-02 20:54 - 2019-06-03 06:36 - 000000000 ____D C:\Users\markt\AppData\Roaming\AGData
2019-06-02 20:54 - 2019-06-03 00:08 - 000000000 ____D C:\Users\markt\AppData\Local\App
2019-06-02 20:52 - 2019-06-02 20:52 - 000000000 ____D C:\Users\markt\AppData\Local\AdvinstAnalytics
2019-06-02 20:33 - 2019-06-02 20:33 - 003467666 _____ C:\Users\markt\Downloads\Rust Hack v2.4.rar
2019-06-02 13:53 - 2019-06-02 13:53 - 000000000 ___HD C:\OneDriveTemp
2019-05-31 19:58 - 2019-05-23 11:25 - 000260512 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-05-31 19:58 - 2019-05-23 11:25 - 000260512 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-05-31 19:58 - 2019-05-23 11:24 - 001007008 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-05-31 19:58 - 2019-05-23 11:24 - 001007008 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-05-31 19:58 - 2019-05-23 11:24 - 000870304 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-05-31 19:58 - 2019-05-23 11:24 - 000870304 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-05-31 19:58 - 2019-05-23 11:24 - 000552352 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-05-31 19:58 - 2019-05-23 11:24 - 000457304 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-05-31 19:58 - 2019-05-23 11:24 - 000286624 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-05-31 19:58 - 2019-05-23 11:24 - 000286624 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-05-31 19:58 - 2019-05-23 11:23 - 011051968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-05-31 19:58 - 2019-05-23 11:23 - 009487240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-05-31 19:58 - 2019-05-23 11:22 - 000821120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-05-31 19:58 - 2019-05-23 11:22 - 000675016 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-05-31 19:58 - 2019-05-23 11:22 - 000631224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-05-31 19:58 - 2019-05-23 11:22 - 000541904 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-05-31 19:58 - 2019-05-23 11:22 - 000522120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 005422040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 004759640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 002039768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 001722456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443086.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 001542232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 001470856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 001467864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443086.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 001162200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 001133824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 000912472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 000808408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 000654752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-05-31 19:58 - 2019-05-23 11:20 - 040412576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-05-31 19:58 - 2019-05-23 11:20 - 035269592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-05-31 19:58 - 2019-05-23 11:20 - 020190808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-05-31 19:58 - 2019-05-23 11:20 - 017467024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-05-31 19:58 - 2019-05-23 11:14 - 005085672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-05-31 19:58 - 2019-05-23 11:14 - 004340480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-05-31 19:58 - 2019-05-22 18:39 - 000052456 _____ C:\WINDOWS\system32\nvinfo.pb
2019-05-31 19:55 - 2019-06-10 20:50 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-10 20:50 - 000003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-10 20:50 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-02 21:30 - 000003212 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-02 21:30 - 000003044 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-02 21:30 - 000003008 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-02 21:30 - 000003008 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-02 21:30 - 000003008 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-02 21:30 - 000003008 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-02 21:30 - 000002804 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-05-31 19:59 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-05-31 19:55 - 2019-05-22 08:45 - 002785592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2019-05-31 19:55 - 2019-05-22 08:45 - 002164536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2019-05-31 19:55 - 2019-04-17 02:42 - 000069840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2019-05-31 19:55 - 2019-04-16 23:44 - 000075600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2019-05-31 16:07 - 2019-05-31 16:07 - 000385904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2019-05-28 14:35 - 2019-05-28 14:35 - 000000278 _____ C:\Users\markt\Desktop\Dauntless.url
2019-05-28 14:23 - 2019-06-02 21:30 - 000002922 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1744618819-3778837739-1969267418-1001
2019-05-28 14:23 - 2019-05-28 14:23 - 000002369 _____ C:\Users\markt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-27 18:18 - 2019-06-10 20:50 - 000003250 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2019-05-27 18:18 - 2019-05-27 18:18 - 001030832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000477632 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000363440 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2019-05-27 18:18 - 2019-05-27 18:18 - 000263056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000207496 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000206408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000112360 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000087992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000061520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000042336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000037160 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2019-05-27 18:18 - 2019-04-01 16:15 - 000015280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2019-05-27 12:02 - 2019-05-27 12:03 - 003958158 _____ C:\Users\markt\Downloads\rust_hack_v24_76c16.zip
2019-05-25 17:46 - 2019-06-02 21:30 - 000003150 _____ C:\WINDOWS\System32\Tasks\Adobe Reader and Acrobat Manager
2019-05-25 17:44 - 2019-05-25 17:44 - 000002596 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2019-05-25 17:44 - 2019-05-25 17:44 - 000002584 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2019-05-25 17:44 - 2019-01-10 13:07 - 000042848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2019-05-25 17:43 - 2019-06-10 16:43 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2019-05-25 17:43 - 2019-05-25 17:44 - 000000000 ____D C:\Program Files (x86)\AVG
2019-05-25 17:41 - 2019-05-25 17:44 - 000000000 ____D C:\Users\markt\AppData\Local\AvgSetupLog
2019-05-25 17:41 - 2019-05-25 17:41 - 003640208 _____ (AVG Technologies CZ, s.r.o.) C:\Users\markt\Downloads\AVG_Performance_709.exe
2019-05-21 20:34 - 2019-05-21 20:34 - 000000000 ____D C:\Users\markt\AppData\Roaming\AudioVisualizerApp
2019-05-15 17:11 - 2019-05-22 17:01 - 000125240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-05-15 17:09 - 2019-05-07 14:54 - 001721600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443064.dll
2019-05-15 17:09 - 2019-05-07 14:54 - 001467648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443064.dll
2019-05-15 17:09 - 2019-05-06 00:35 - 001468000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvppcgenco64_1127831.dll
2019-05-15 17:09 - 2019-05-06 00:35 - 000453000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\UcmCxUcsiNvppc.sys
2019-05-15 12:13 - 2019-05-15 12:13 - 000042184 _____ (Alienware) C:\WINDOWS\system32\LightFX.dll
2019-05-15 12:13 - 2019-05-15 12:13 - 000036040 _____ C:\WINDOWS\SysWOW64\LightFX.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 026807808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 023438848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 020814848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 019022336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 007879680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 007645384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 006072320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 005498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 004660736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 003905536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 002780000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 002708480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001699496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-14 17:26 - 2019-05-14 17:26 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001342608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-14 17:26 - 2019-05-14 17:26 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001253904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 001225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 001048376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000807464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000758896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000586280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000508432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000444944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000254952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-14 17:26 - 2019-05-14 17:26 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-14 17:26 - 2019-05-14 17:26 - 000179728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000147736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-05-14 17:26 - 2019-05-14 17:26 - 000090640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000080184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000066688 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-05-14 17:19 - 2019-05-13 16:23 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-14 17:19 - 2019-05-13 16:23 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-14 13:20 - 2019-05-14 13:20 - 000000000 _____ C:\WINDOWS\SysWOW64\SpyWareFolderstoFilter.txt
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-11 16:29 - 2019-03-31 23:54 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-11 16:23 - 2019-03-31 21:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-11 12:39 - 2019-04-27 10:40 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-10 20:50 - 2019-04-01 20:10 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-06-10 20:50 - 2019-04-01 16:20 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-10 20:50 - 2019-04-01 16:20 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-10 20:50 - 2019-03-31 22:13 - 000002342 _____ C:\WINDOWS\System32\Tasks\NahimicSvc64Run
2019-06-10 20:50 - 2019-03-31 22:13 - 000002342 _____ C:\WINDOWS\System32\Tasks\NahimicSvc32Run
2019-06-10 19:23 - 2019-02-20 21:25 - 000000000 ____D C:\Program Files (x86)\Alienware Digital Delivery Services
2019-06-10 19:07 - 2019-05-09 08:17 - 000563576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-10 19:07 - 2019-02-26 18:45 - 000000000 __SHD C:\Users\markt\IntelGraphicsProfiles
2019-06-10 19:06 - 2019-03-31 23:47 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-06-10 19:06 - 2019-03-31 21:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-10 16:43 - 2019-03-31 21:52 - 000000000 ____D C:\Users\markt\AppData\Local\CrashDumps
2019-06-09 12:27 - 2019-04-01 16:27 - 000000000 ____D C:\Program Files (x86)\Steam
2019-06-09 10:59 - 2019-03-31 23:53 - 000000000 ____D C:\WINDOWS\INF
2019-06-08 17:39 - 2019-04-01 16:43 - 000000000 ____D C:\Users\markt\AppData\Roaming\Discord
2019-06-08 17:28 - 2019-03-31 23:54 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-08 17:28 - 2019-03-31 23:54 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-07 23:38 - 2019-03-31 21:36 - 000000000 ____D C:\Users\markt\AppData\Local\D3DSCache
2019-06-07 23:34 - 2019-03-31 23:54 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-03 16:42 - 2019-02-20 21:36 - 000000000 ____D C:\ProgramData\Packages
2019-06-03 16:23 - 2019-02-20 21:18 - 000000000 ____D C:\Program Files\Killer Networking
2019-06-03 16:16 - 2019-03-31 23:54 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-06-03 16:16 - 2019-03-15 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-02 21:30 - 2019-03-31 22:18 - 000003330 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2019-06-02 21:02 - 2019-03-31 21:26 - 000000000 ____D C:\Users\markt
2019-06-02 21:02 - 2019-03-31 21:09 - 000000000 ____D C:\ProgramData\A-Volute
2019-06-02 21:01 - 2019-04-27 10:38 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-06-02 14:10 - 2019-02-20 21:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-06-02 14:08 - 2019-02-20 21:22 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installations
2019-06-02 13:53 - 2019-02-26 18:47 - 000000000 ___RD C:\Users\markt\OneDrive
2019-05-31 20:15 - 2019-03-11 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2019-05-31 20:01 - 2019-04-27 10:43 - 000000000 ____D C:\Users\markt\ansel
2019-05-31 20:00 - 2019-03-11 17:40 - 000000000 ____D C:\temp
2019-05-31 19:58 - 2019-03-31 21:33 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-31 19:55 - 2019-04-27 10:42 - 000001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-05-31 19:55 - 2019-04-27 10:38 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-05-31 19:55 - 2019-04-27 10:37 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-05-28 14:24 - 2019-04-21 19:18 - 000000000 ____D C:\Program Files\Epic Games
2019-05-25 17:46 - 2019-04-15 18:36 - 000000000 ____D C:\Users\markt\AppData\Local\Battle.net
2019-05-25 17:44 - 2019-04-01 16:16 - 000000000 ____D C:\Users\markt\AppData\Local\AVG
2019-05-25 17:44 - 2019-04-01 16:14 - 000000000 ____D C:\ProgramData\AVG
2019-05-22 17:01 - 2019-04-27 10:41 - 005432688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-05-22 17:01 - 2019-04-27 10:41 - 002637808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-05-22 17:01 - 2019-04-27 10:41 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-05-22 17:01 - 2019-04-27 10:41 - 000650608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-05-22 17:01 - 2019-04-27 10:41 - 000450872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-05-22 17:01 - 2019-04-27 10:41 - 000083440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-05-22 10:03 - 2019-04-27 10:41 - 008579232 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-05-22 08:45 - 2019-04-27 10:41 - 001316208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2019-05-22 08:40 - 2019-04-27 10:41 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-05-18 13:21 - 2019-03-31 23:54 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-05-17 16:24 - 2019-04-15 18:37 - 000000000 ____D C:\Users\markt\AppData\Local\Blizzard Entertainment
2019-05-17 16:24 - 2019-04-15 18:35 - 000000000 ____D C:\Users\markt\AppData\Local\Blizzard
2019-05-17 16:24 - 2019-04-15 18:35 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-05-15 17:21 - 2019-04-01 00:04 - 000000000 ____D C:\Program Files (x86)\Razer
2019-05-15 16:40 - 2019-03-31 23:49 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-15 16:35 - 2019-03-31 21:36 - 000000000 ____D C:\Users\markt\AppData\Local\Razer
2019-05-14 19:24 - 2019-03-31 23:54 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-14 19:24 - 2019-03-31 23:54 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-14 17:19 - 2019-03-31 22:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-14 17:15 - 2019-03-31 22:05 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-14 13:21 - 2019-04-01 06:45 - 000000148 _____ C:\WINDOWS\SysWOW64\SmartFlow.txt
2019-05-14 12:59 - 2019-04-01 16:22 - 000000000 ____D C:\Users\markt\AppData\Roaming\vlc
==================== Files in the root of some directories ================
2019-06-02 20:56 - 2019-06-02 20:56 - 000054272 _____ () C:\Users\markt\AppData\Local\ApplicationHosting.dat
2019-06-02 20:55 - 2019-06-02 20:55 - 000140800 _____ () C:\Users\markt\AppData\Local\installer.dat
2019-06-02 20:56 - 2019-06-02 20:56 - 000126464 _____ () C:\Users\markt\AppData\Local\lobby.dat
2019-06-02 20:55 - 2019-06-02 20:55 - 000722944 _____ () C:\Users\markt\AppData\Local\sha.db
==================== FLock ================
2019-04-01 00:06 C:\Recovery
2019-06-10 20:51 C:\System Volume Information
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Ran by markt (administrator) on DESKTOP-BLHSTOF (Alienware Alienware Aurora R8) (11-06-2019 16:35:36)
Running from C:\Users\markt\Desktop
Loaded Profiles: markt (Available Profiles: markt)
Platform: Windows 10 Home Version 1809 17763.503 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19051.545.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TUDefragBackend64.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(Dell Inc -> ) C:\Program Files (x86)\Alienware Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Background.Server.exe
(Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe
(Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\OCControlService\OCControl.Service.exe
(Dell Technologies) [File not signed] C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.37.0_x64__htrsf667h5kn2\AWCC.exe
(Dell Technologies) [File not signed] C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.37.0_x64__htrsf667h5kn2\GameLibrary\GameLibraryAppService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6be8e5b7f731a6e5\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6be8e5b7f731a6e5\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_560fc57bd19aca93\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_560fc57bd19aca93\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_d778d9f2df7418ce\RstMwService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AlienwareMobileConnectWelcome] => C:\Program Files\Alienware\AlienwareMobileConnectDrivers\AlienwareMobileConnectWStartup.exe [414952 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [309680 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [776136 2018-08-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [935288 2009-09-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1744618819-3778837739-1969267418-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [7388488 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3482864 2019-05-13] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.80\Installer\chrmstp.exe [2019-06-05] (Google LLC -> Google LLC)
IFEO: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\acrord32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\epicgameslauncher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\nvidia geforce experience.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\razer synapse 3.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\Users\markt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DiskProtect9527.lnk [2019-06-02]
BootExecute: autocheck autochk * sdnclean64.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0F3BB960-D176-4E64-9F73-E6C9B43CFC8D} - System32\Tasks\laxative => C:\Program Files (x86)\bedraggled\bedraggled.exe
Task: {1A71EFC1-9D37-46F0-B603-31B2E081A2CB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3787304 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1C1FD5EB-81CA-4825-B62B-F1B8421BD145} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A85066A-C2F2-4544-86ED-7E70FD871D3F} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1057248 2019-02-14] (A-Volute -> Nahimic)
Task: {315D7C8A-F0F6-4EDC-AC90-C9A766E8F339} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2314008 2019-06-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {37CBB54B-63C9-4F72-9292-BC34ED4F33BE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4382D0DE-CCC2-48AC-99F9-3E7A1401EDEC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {4E45D732-AEE1-4BFD-A1DA-DDC9FDD2627E} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2670944 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {4E61362A-2D6D-4D0D-90A9-5B11C2E56B87} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302656 2018-05-16] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {537BAEA7-74B6-4BB0-B550-F04D7AE25949} - System32\Tasks\dogwoodsdogwoods => C:\Program Files (x86)\Precipices\Hollander.exe
Task: {5B1E43EE-F622-48B5-A33F-4C99123FA265} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CD6B7CB-D3E0-4D2E-8575-D3831A4C5528} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5F448A57-1117-4045-8506-220EA029B20E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7351B064-CDC4-49DA-80AE-397FAF0909AB} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [787912 2019-02-14] (A-Volute -> Nahimic)
Task: {735B6A29-0510-45ED-9425-F05EE43916C3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-05-16] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {7AA86948-E137-45D1-A53D-CB2DA2E9C4BE} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\System32\NahimicSvc64.exe [1057248 2019-02-14] (A-Volute -> Nahimic)
Task: {7BBC8D38-A477-4838-AA86-838F7CAF69E8} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1512920 2019-04-10] (Dell Inc. -> Dell Inc.)
Task: {847803DC-D2F1-4243-B945-E739715AD312} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-01] (Google Inc -> Google LLC)
Task: {90765C0A-ECC2-457E-A476-FCBEC1F04E02} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {93393022-F191-46AB-97CA-D0EB471C8122} - System32\Tasks\inactivate-folio => C:\Program Files (x86)\scholars\Embellishing.exe
Task: {98494F83-E6D3-4B7B-9F0C-E57E40C7BB41} - System32\Tasks\AVG EUpdate Task => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe [4072504 2019-05-25] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
Task: {9E8BBAD7-09FB-4B5C-96DD-2B3349AD3097} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [935288 2009-09-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {9F948989-7203-46FE-9DED-4FC2C226C9DC} - System32\Tasks\inactivate-folioinactivate-folio => C:\Program Files (x86)\scholars\Embellishing.exe
Task: {A3B76F5A-ADDA-4FEE-B178-766550B138B0} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2981808 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {AA541656-6632-4D0E-B4DC-C041BAA20D10} - System32\Tasks\inexplicablyinexplicably => C:\Program Files (x86)\Geoscientist\norge.exe
Task: {B01CF8D4-5F69-4849-9EA3-1A5219BEEC74} - System32\Tasks\dogwoods => C:\Program Files (x86)\Precipices\Hollander.exe
Task: {BA44C0BC-1810-4BC6-A8CC-FC1E8DEA158B} - System32\Tasks\inexplicably => C:\Program Files (x86)\Geoscientist\norge.exe
Task: {BCB35A81-9944-42E8-90CC-77336C67564A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {BCB3CF93-E8BB-4040-AB25-262E92B33182} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [787912 2019-02-14] (A-Volute -> Nahimic)
Task: {D7876512-92C7-4F23-BF37-22D15FFD82D8} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {E0E7E35A-71C4-4251-9391-AA9157E49BF4} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-05-16] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {E2E021B0-5250-4703-92EE-D1B2A61B6BF8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-01] (Google Inc -> Google LLC)
Task: {E5F31AB5-4E82-4708-915A-EB0B3DCEFE1E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EBE20778-BC5D-4E60-BC43-ACE2D69036E7} - System32\Tasks\laxativelaxative => C:\Program Files (x86)\bedraggled\bedraggled.exe
Task: {ECB73F3B-2E36-4640-910F-F4637C838349} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-05-16] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {EF09E6D7-2FD1-4AAC-AB6B-14D64C68A3B8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F05DCD80-AA5D-4DEF-BD0D-5D5C71FEBCF0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {FCFB0844-5137-4283-84D7-D2C37D6FBAAF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{2440df3b-7882-4934-a33a-3699a4332898}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{4b36be75-11a3-4b76-94cc-d6fae5fdcee5}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{4b36be75-11a3-4b76-94cc-d6fae5fdcee5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{59287834-0701-4d16-b983-f4f51b216295}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b804f755-d982-4f74-9941-4e335cfd416a}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b804f755-d982-4f74-9941-4e335cfd416a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cceaced9-5422-11e9-ad45-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f256aaa0-6aeb-43dd-9f88-c64c8ff53463}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f8a41af7-ae2b-4f73-9c21-653a7bb88aad}: [NameServer] 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-1744618819-3778837739-1969267418-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1744618819-3778837739-1969267418-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1744618819-3778837739-1969267418-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-us
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default [2019-06-11]
CHR Extension: (Slides) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-01]
CHR Extension: (Docs) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-01]
CHR Extension: (Google Drive) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-01]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2019-06-02]
CHR Extension: (YouTube) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-01]
CHR Extension: (Honey) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-05-28]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-19]
CHR Extension: (Tampermonkey) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-05-10]
CHR Extension: (Pandora) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2019-04-01]
CHR Extension: (Sheets) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-01]
CHR Extension: (Google Docs Offline) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-01]
CHR Extension: (Marvel Comics) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice [2019-04-01]
CHR Extension: (Dropbox) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2019-04-01]
CHR Extension: (SparkChess) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2019-04-01]
CHR Extension: (AVG SafePrice | Comparison, deals, coupons) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2019-06-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-01]
CHR Extension: (Picasa) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2019-04-01]
CHR Extension: (Tv Online) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2019-04-01]
CHR Extension: (Gmail) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Alienware Digital Delivery Services; c:\Program Files (x86)\Alienware Digital Delivery Services\Dell.D3.WinSvc.exe [34976 2018-12-05] (Dell Inc -> )
R2 Alienware SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.)
S4 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [406504 2018-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [409280 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6893160 2019-05-28] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428264 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S3 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110048 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 AWCCService; C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe [15560 2019-05-15] (Dell Inc -> Dell Technologies)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-04-21] (BattlEye Innovations e.K. -> )
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.)
S4 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe [1038144 2019-05-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S4 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-04-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 HfcDisableService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_d778d9f2df7418ce\HfcDisableService.exe [1860064 2019-01-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2788320 2019-01-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [760008 2018-04-12] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720072 2018-04-12] (Intel(R) Trust Services -> Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-06-13] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S4 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2484992 2018-09-04] (Rivet Networks LLC -> Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1306056 2019-02-14] (A-Volute -> Nahimic)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S4 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [192720 2018-08-29] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
S4 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [447592 2019-05-07] (Razer USA Ltd. -> Razer Inc.)
S4 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [936552 2019-05-07] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-02-21] (Razer USA Ltd. -> Razer Inc)
S4 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-05-13] (Razer USA Ltd. -> Razer Inc.)
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_d778d9f2df7418ce\RstMwService.exe [2112480 2019-01-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [776136 2018-08-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S4 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-05-03] (Razer USA Ltd. -> Razer Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S4 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-04-10] (Dell Inc. -> Dell Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [6598496 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.3-0\NisSrv.exe [3856504 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.3-0\MsMpEng.exe [113984 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
S4 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [72952 2018-09-04] (Rivet Networks LLC -> CloudBees, Inc.)
S4 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [72952 2018-09-04] (Rivet Networks LLC -> CloudBees, Inc.)
R3 XTU3SERVICE; C:\WINDOWS\SysWOW64\XtuService.exe [28376 2019-01-17] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0341248.inf_amd64_3000f277af7fbb1b\B341349\atikmdag.sys [52888992 2019-04-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0341248.inf_amd64_3000f277af7fbb1b\B341349\atikmpag.sys [590752 2019-04-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37160 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [207496 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [263056 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [206408 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61520 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [15280 2019-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42336 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [167920 2019-06-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [112360 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [87992 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1030832 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [477632 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [225656 2019-06-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [385904 2019-05-31] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 AWCCDriver; C:\WINDOWS\System32\drivers\AWCCDriver.sys [42408 2019-02-20] (IndiLogic LLC -> Dell Inc.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [40824 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [159712 2018-09-07] (WDKTestCert SYSTEM,130948585914967575 -> Qualcomm Atheros, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-06-03] (Malwarebytes Corporation -> Malwarebytes)
R3 HfAudio; C:\WINDOWS\System32\drivers\HfAudio.sys [91200 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98864 2018-06-11] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1017312 2019-01-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [73184 2019-01-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-09] (Intel Corporation -> Intel Corporation)
S3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [154752 2018-09-04] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-06-03] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-06-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-06-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-06-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [117344 2019-06-10] (Malwarebytes Corporation -> Malwarebytes)
S3 nhi; C:\WINDOWS\System32\drivers\tbt100x.sys [138272 2018-07-05] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b49751b9038af669\nvlddmkm.sys [21836032 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
S1 nvldr; C:\Users\markt\AppData\Local\Temp\pcdwlshg.sys [0 2019-06-02] () <==== ATTENTION (zero byte File/Folder) <==== ATTENTION
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-05-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2360048 2018-08-29] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [49032 2019-01-16] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0064; C:\WINDOWS\System32\drivers\RzDev_0064.sys [51696 2018-04-22] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_021e; C:\WINDOWS\System32\drivers\RzDev_021e.sys [51688 2018-04-22] (Razer USA Ltd. -> Razer Inc)
R3 ScrHIDDriver2; C:\WINDOWS\System32\drivers\ScrHIDDriver2.sys [75800 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [48608 2019-03-28] (Microsoft Windows Hardware Compatibility Publisher -> STMicroelectronics)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Netherlands B.V.)
R3 UcmCxUcsiNvppc; C:\WINDOWS\System32\drivers\UcmCxUcsiNvppc.sys [453000 2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-03-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343520 2019-03-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [68576 2019-03-31] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54512 2019-01-17] (Intel Corporation -> Intel Corporation)
R3 XTUComponent; C:\WINDOWS\System32\drivers\iocbios2.sys [39680 2019-01-17] (Intel(R) Extreme Tuning Utility -> Intel Corporation)
S0 owcvixg; System32\drivers\svoawezn.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-11 16:35 - 2019-06-11 16:36 - 000043322 _____ C:\Users\markt\Desktop\FRST.txt
2019-06-11 16:35 - 2019-06-11 16:35 - 000000000 ____D C:\FRST
2019-06-11 16:31 - 2019-06-11 16:31 - 002418688 _____ (Farbar) C:\Users\markt\Desktop\FRST64.exe
2019-06-10 19:11 - 2019-06-10 19:11 - 000001484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2019-06-10 19:11 - 2019-06-10 19:11 - 000001472 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2019-06-10 19:11 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2019-06-10 19:07 - 2019-06-10 20:50 - 000002302 _____ C:\WINDOWS\System32\Tasks\NahimicTask32
2019-06-10 19:07 - 2019-06-10 20:50 - 000002282 _____ C:\WINDOWS\System32\Tasks\NahimicTask64
2019-06-10 19:06 - 2019-06-10 19:06 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-06-10 19:06 - 2019-06-10 19:06 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-06-10 19:06 - 2019-06-10 19:06 - 000117344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-06-10 19:06 - 2019-06-10 19:06 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-06-10 19:06 - 2019-06-10 19:06 - 000000000 ____D C:\WINDOWS\Panther
2019-06-10 19:05 - 2019-06-10 20:02 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-06-10 19:05 - 2019-06-10 19:12 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-06-10 19:05 - 2019-06-10 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2019-06-10 19:05 - 2019-06-10 19:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2019-06-10 19:03 - 2019-06-10 19:04 - 046525608 _____ (Safer-Networking Ltd. ) C:\Users\markt\Downloads\spybot-2.4.exe
2019-06-08 12:10 - 2019-06-08 12:10 - 000001244 _____ C:\Users\Public\Desktop\MAGIX Movie Edit Pro 2016 Premium.lnk
2019-06-07 23:35 - 2019-06-08 12:17 - 000000000 ____D C:\Users\markt\Documents\MAGIX downloads
2019-06-07 23:35 - 2019-06-08 12:17 - 000000000 ____D C:\Users\markt\AppData\Roaming\MAGIX
2019-06-07 23:35 - 2019-06-07 23:35 - 000000000 ____D C:\Users\Public\Documents\MAGIX
2019-06-07 23:35 - 2019-06-07 23:35 - 000000000 ____D C:\Users\markt\Documents\MAGIX_MusicEditor
2019-06-07 23:35 - 2019-06-07 23:35 - 000000000 ____D C:\Users\markt\AppData\Local\Xara
2019-06-07 23:35 - 2019-06-07 23:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2019-06-07 23:35 - 2019-06-07 23:35 - 000000000 ____D C:\Program Files\Common Files\MAGIX Shared
2019-06-07 23:34 - 2019-06-08 12:17 - 000000000 ____D C:\ProgramData\MAGIX
2019-06-07 23:34 - 2019-06-08 12:12 - 000000000 ___RD C:\Users\markt\Documents\MAGIX
2019-06-07 23:34 - 2019-06-07 23:34 - 000000000 ____D C:\Program Files\MAGIX
2019-06-07 23:34 - 2019-06-07 23:34 - 000000000 ____D C:\Program Files\Common Files\MAGIX Services
2019-06-07 23:34 - 2019-06-07 23:34 - 000000000 ____D C:\Program Files (x86)\MAGIX
2019-06-07 16:07 - 2019-06-07 16:07 - 000000000 ____D C:\Users\markt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-07 16:07 - 2019-06-07 16:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-07 16:07 - 2019-06-07 16:07 - 000000000 ____D C:\Program Files (x86)\WinRAR
2019-06-06 16:20 - 2019-06-06 16:20 - 000002904 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2019-06-06 15:35 - 2019-06-06 15:35 - 000167920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2019-06-03 17:41 - 2019-06-03 17:41 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-06-03 17:33 - 2019-06-05 21:26 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-03 17:33 - 2019-06-05 21:26 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-03 16:16 - 2019-06-03 17:41 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-06-03 16:16 - 2019-06-03 16:16 - 000001922 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-03 16:16 - 2019-06-03 16:16 - 000000000 ____D C:\Users\markt\AppData\Local\mbamtray
2019-06-03 16:16 - 2019-06-03 16:16 - 000000000 ____D C:\Users\markt\AppData\Local\mbam
2019-06-03 16:16 - 2019-06-03 16:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-03 16:16 - 2019-06-03 16:16 - 000000000 ____D C:\Program Files\Malwarebytes
2019-06-03 16:16 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-06-03 16:10 - 2019-06-03 16:10 - 000225656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2019-06-02 21:26 - 2019-06-02 21:26 - 000000001 _____ C:\nqle
2019-06-02 21:09 - 2019-06-02 21:09 - 000000000 ____D C:\Users\markt\AppData\Roaming\Macromedia
2019-06-02 21:06 - 2019-06-02 21:06 - 000000000 ___HD C:\$AV_AVG
2019-06-02 21:04 - 2019-06-03 16:08 - 000000000 ____D C:\avast! sandbox
2019-06-02 20:56 - 2019-06-02 20:56 - 000126464 _____ C:\Users\markt\AppData\Local\lobby.dat
2019-06-02 20:56 - 2019-06-02 20:56 - 000054272 _____ C:\Users\markt\AppData\Local\ApplicationHosting.dat
2019-06-02 20:56 - 2019-06-02 20:56 - 000000000 ____D C:\WINDOWS\SysWOW64\cgivsbp
2019-06-02 20:56 - 2019-06-02 20:56 - 000000000 ____D C:\WINDOWS\system32\cgivsbp
2019-06-02 20:56 - 2019-06-02 20:56 - 000000000 _____ C:\WINDOWS\b45008530
2019-06-02 20:55 - 2019-06-03 16:23 - 000000000 ___HD C:\Program Files (x86)\kubo
2019-06-02 20:55 - 2019-06-03 16:23 - 000000000 ___HD C:\Program Files (x86)\Hitz
2019-06-02 20:55 - 2019-06-02 23:42 - 000000000 ____D C:\ProgramData\fb
2019-06-02 20:55 - 2019-06-02 21:30 - 000003414 _____ C:\WINDOWS\System32\Tasks\inactivate-folio
2019-06-02 20:55 - 2019-06-02 21:30 - 000003400 _____ C:\WINDOWS\System32\Tasks\inexplicably
2019-06-02 20:55 - 2019-06-02 21:30 - 000003398 _____ C:\WINDOWS\System32\Tasks\laxative
2019-06-02 20:55 - 2019-06-02 21:30 - 000003316 _____ C:\WINDOWS\System32\Tasks\inactivate-folioinactivate-folio
2019-06-02 20:55 - 2019-06-02 21:30 - 000003294 _____ C:\WINDOWS\System32\Tasks\inexplicablyinexplicably
2019-06-02 20:55 - 2019-06-02 21:30 - 000003284 _____ C:\WINDOWS\System32\Tasks\laxativelaxative
2019-06-02 20:55 - 2019-06-02 21:29 - 000003396 _____ C:\WINDOWS\System32\Tasks\dogwoods
2019-06-02 20:55 - 2019-06-02 21:29 - 000003282 _____ C:\WINDOWS\System32\Tasks\dogwoodsdogwoods
2019-06-02 20:55 - 2019-06-02 20:55 - 000722944 _____ C:\Users\markt\AppData\Local\sha.db
2019-06-02 20:55 - 2019-06-02 20:55 - 000140800 _____ C:\Users\markt\AppData\Local\installer.dat
2019-06-02 20:55 - 2019-06-02 20:55 - 000000000 ____D C:\Users\markt\AppData\Roaming\et
2019-06-02 20:55 - 2019-06-02 20:55 - 000000000 ____D C:\ProgramData\zAhNtSnlYqTtUj
2019-06-02 20:55 - 2019-06-02 20:55 - 000000000 ____D C:\ProgramData\Pader
2019-06-02 20:54 - 2019-06-03 06:36 - 000000000 ____D C:\Users\markt\AppData\Roaming\AGData
2019-06-02 20:54 - 2019-06-03 00:08 - 000000000 ____D C:\Users\markt\AppData\Local\App
2019-06-02 20:52 - 2019-06-02 20:52 - 000000000 ____D C:\Users\markt\AppData\Local\AdvinstAnalytics
2019-06-02 20:33 - 2019-06-02 20:33 - 003467666 _____ C:\Users\markt\Downloads\Rust Hack v2.4.rar
2019-06-02 13:53 - 2019-06-02 13:53 - 000000000 ___HD C:\OneDriveTemp
2019-05-31 19:58 - 2019-05-23 11:25 - 000260512 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-05-31 19:58 - 2019-05-23 11:25 - 000260512 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-05-31 19:58 - 2019-05-23 11:24 - 001007008 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-05-31 19:58 - 2019-05-23 11:24 - 001007008 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-05-31 19:58 - 2019-05-23 11:24 - 000870304 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-05-31 19:58 - 2019-05-23 11:24 - 000870304 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-05-31 19:58 - 2019-05-23 11:24 - 000552352 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-05-31 19:58 - 2019-05-23 11:24 - 000457304 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-05-31 19:58 - 2019-05-23 11:24 - 000286624 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-05-31 19:58 - 2019-05-23 11:24 - 000286624 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-05-31 19:58 - 2019-05-23 11:23 - 011051968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-05-31 19:58 - 2019-05-23 11:23 - 009487240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-05-31 19:58 - 2019-05-23 11:22 - 000821120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-05-31 19:58 - 2019-05-23 11:22 - 000675016 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-05-31 19:58 - 2019-05-23 11:22 - 000631224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-05-31 19:58 - 2019-05-23 11:22 - 000541904 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-05-31 19:58 - 2019-05-23 11:22 - 000522120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 005422040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 004759640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 002039768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 001722456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443086.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 001542232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 001470856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 001467864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443086.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 001162200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 001133824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 000912472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 000808408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-05-31 19:58 - 2019-05-23 11:21 - 000654752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-05-31 19:58 - 2019-05-23 11:20 - 040412576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-05-31 19:58 - 2019-05-23 11:20 - 035269592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-05-31 19:58 - 2019-05-23 11:20 - 020190808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-05-31 19:58 - 2019-05-23 11:20 - 017467024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-05-31 19:58 - 2019-05-23 11:14 - 005085672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-05-31 19:58 - 2019-05-23 11:14 - 004340480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-05-31 19:58 - 2019-05-22 18:39 - 000052456 _____ C:\WINDOWS\system32\nvinfo.pb
2019-05-31 19:55 - 2019-06-10 20:50 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-10 20:50 - 000003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-10 20:50 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-02 21:30 - 000003212 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-02 21:30 - 000003044 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-02 21:30 - 000003008 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-02 21:30 - 000003008 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-02 21:30 - 000003008 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-02 21:30 - 000003008 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-06-02 21:30 - 000002804 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-31 19:55 - 2019-05-31 19:59 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-05-31 19:55 - 2019-05-22 08:45 - 002785592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2019-05-31 19:55 - 2019-05-22 08:45 - 002164536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2019-05-31 19:55 - 2019-04-17 02:42 - 000069840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2019-05-31 19:55 - 2019-04-16 23:44 - 000075600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2019-05-31 16:07 - 2019-05-31 16:07 - 000385904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2019-05-28 14:35 - 2019-05-28 14:35 - 000000278 _____ C:\Users\markt\Desktop\Dauntless.url
2019-05-28 14:23 - 2019-06-02 21:30 - 000002922 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1744618819-3778837739-1969267418-1001
2019-05-28 14:23 - 2019-05-28 14:23 - 000002369 _____ C:\Users\markt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-27 18:18 - 2019-06-10 20:50 - 000003250 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2019-05-27 18:18 - 2019-05-27 18:18 - 001030832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000477632 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000363440 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2019-05-27 18:18 - 2019-05-27 18:18 - 000263056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000207496 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000206408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000112360 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000087992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000061520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000042336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2019-05-27 18:18 - 2019-05-27 18:18 - 000037160 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2019-05-27 18:18 - 2019-04-01 16:15 - 000015280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2019-05-27 12:02 - 2019-05-27 12:03 - 003958158 _____ C:\Users\markt\Downloads\rust_hack_v24_76c16.zip
2019-05-25 17:46 - 2019-06-02 21:30 - 000003150 _____ C:\WINDOWS\System32\Tasks\Adobe Reader and Acrobat Manager
2019-05-25 17:44 - 2019-05-25 17:44 - 000002596 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2019-05-25 17:44 - 2019-05-25 17:44 - 000002584 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2019-05-25 17:44 - 2019-01-10 13:07 - 000042848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2019-05-25 17:43 - 2019-06-10 16:43 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2019-05-25 17:43 - 2019-05-25 17:44 - 000000000 ____D C:\Program Files (x86)\AVG
2019-05-25 17:41 - 2019-05-25 17:44 - 000000000 ____D C:\Users\markt\AppData\Local\AvgSetupLog
2019-05-25 17:41 - 2019-05-25 17:41 - 003640208 _____ (AVG Technologies CZ, s.r.o.) C:\Users\markt\Downloads\AVG_Performance_709.exe
2019-05-21 20:34 - 2019-05-21 20:34 - 000000000 ____D C:\Users\markt\AppData\Roaming\AudioVisualizerApp
2019-05-15 17:11 - 2019-05-22 17:01 - 000125240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-05-15 17:09 - 2019-05-07 14:54 - 001721600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443064.dll
2019-05-15 17:09 - 2019-05-07 14:54 - 001467648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443064.dll
2019-05-15 17:09 - 2019-05-06 00:35 - 001468000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvppcgenco64_1127831.dll
2019-05-15 17:09 - 2019-05-06 00:35 - 000453000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\UcmCxUcsiNvppc.sys
2019-05-15 12:13 - 2019-05-15 12:13 - 000042184 _____ (Alienware) C:\WINDOWS\system32\LightFX.dll
2019-05-15 12:13 - 2019-05-15 12:13 - 000036040 _____ C:\WINDOWS\SysWOW64\LightFX.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 026807808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 023438848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 020814848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 019022336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 007879680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 007645384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 006072320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 005498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 004660736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 003905536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 002780000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 002708480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001699496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-14 17:26 - 2019-05-14 17:26 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001342608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-14 17:26 - 2019-05-14 17:26 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001253904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 001225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 001048376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000807464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000758896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000586280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000508432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000444944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000254952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-14 17:26 - 2019-05-14 17:26 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-14 17:26 - 2019-05-14 17:26 - 000179728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000147736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-05-14 17:26 - 2019-05-14 17:26 - 000090640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000080184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-14 17:26 - 2019-05-14 17:26 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-14 17:26 - 2019-05-14 17:26 - 000066688 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-05-14 17:26 - 2019-05-14 17:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-05-14 17:19 - 2019-05-13 16:23 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-14 17:19 - 2019-05-13 16:23 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-14 13:20 - 2019-05-14 13:20 - 000000000 _____ C:\WINDOWS\SysWOW64\SpyWareFolderstoFilter.txt
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-11 16:29 - 2019-03-31 23:54 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-11 16:23 - 2019-03-31 21:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-11 12:39 - 2019-04-27 10:40 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-10 20:50 - 2019-04-01 20:10 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-06-10 20:50 - 2019-04-01 16:20 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-10 20:50 - 2019-04-01 16:20 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-10 20:50 - 2019-03-31 22:13 - 000002342 _____ C:\WINDOWS\System32\Tasks\NahimicSvc64Run
2019-06-10 20:50 - 2019-03-31 22:13 - 000002342 _____ C:\WINDOWS\System32\Tasks\NahimicSvc32Run
2019-06-10 19:23 - 2019-02-20 21:25 - 000000000 ____D C:\Program Files (x86)\Alienware Digital Delivery Services
2019-06-10 19:07 - 2019-05-09 08:17 - 000563576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-10 19:07 - 2019-02-26 18:45 - 000000000 __SHD C:\Users\markt\IntelGraphicsProfiles
2019-06-10 19:06 - 2019-03-31 23:47 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-06-10 19:06 - 2019-03-31 21:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-10 16:43 - 2019-03-31 21:52 - 000000000 ____D C:\Users\markt\AppData\Local\CrashDumps
2019-06-09 12:27 - 2019-04-01 16:27 - 000000000 ____D C:\Program Files (x86)\Steam
2019-06-09 10:59 - 2019-03-31 23:53 - 000000000 ____D C:\WINDOWS\INF
2019-06-08 17:39 - 2019-04-01 16:43 - 000000000 ____D C:\Users\markt\AppData\Roaming\Discord
2019-06-08 17:28 - 2019-03-31 23:54 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-08 17:28 - 2019-03-31 23:54 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-07 23:38 - 2019-03-31 21:36 - 000000000 ____D C:\Users\markt\AppData\Local\D3DSCache
2019-06-07 23:34 - 2019-03-31 23:54 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-03 16:42 - 2019-02-20 21:36 - 000000000 ____D C:\ProgramData\Packages
2019-06-03 16:23 - 2019-02-20 21:18 - 000000000 ____D C:\Program Files\Killer Networking
2019-06-03 16:16 - 2019-03-31 23:54 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-06-03 16:16 - 2019-03-15 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-02 21:30 - 2019-03-31 22:18 - 000003330 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2019-06-02 21:02 - 2019-03-31 21:26 - 000000000 ____D C:\Users\markt
2019-06-02 21:02 - 2019-03-31 21:09 - 000000000 ____D C:\ProgramData\A-Volute
2019-06-02 21:01 - 2019-04-27 10:38 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-06-02 14:10 - 2019-02-20 21:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-06-02 14:08 - 2019-02-20 21:22 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installations
2019-06-02 13:53 - 2019-02-26 18:47 - 000000000 ___RD C:\Users\markt\OneDrive
2019-05-31 20:15 - 2019-03-11 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2019-05-31 20:01 - 2019-04-27 10:43 - 000000000 ____D C:\Users\markt\ansel
2019-05-31 20:00 - 2019-03-11 17:40 - 000000000 ____D C:\temp
2019-05-31 19:58 - 2019-03-31 21:33 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-31 19:55 - 2019-04-27 10:42 - 000001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-05-31 19:55 - 2019-04-27 10:38 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-05-31 19:55 - 2019-04-27 10:37 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-05-28 14:24 - 2019-04-21 19:18 - 000000000 ____D C:\Program Files\Epic Games
2019-05-25 17:46 - 2019-04-15 18:36 - 000000000 ____D C:\Users\markt\AppData\Local\Battle.net
2019-05-25 17:44 - 2019-04-01 16:16 - 000000000 ____D C:\Users\markt\AppData\Local\AVG
2019-05-25 17:44 - 2019-04-01 16:14 - 000000000 ____D C:\ProgramData\AVG
2019-05-22 17:01 - 2019-04-27 10:41 - 005432688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-05-22 17:01 - 2019-04-27 10:41 - 002637808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-05-22 17:01 - 2019-04-27 10:41 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-05-22 17:01 - 2019-04-27 10:41 - 000650608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-05-22 17:01 - 2019-04-27 10:41 - 000450872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-05-22 17:01 - 2019-04-27 10:41 - 000083440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-05-22 10:03 - 2019-04-27 10:41 - 008579232 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-05-22 08:45 - 2019-04-27 10:41 - 001316208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2019-05-22 08:40 - 2019-04-27 10:41 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-05-18 13:21 - 2019-03-31 23:54 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-05-17 16:24 - 2019-04-15 18:37 - 000000000 ____D C:\Users\markt\AppData\Local\Blizzard Entertainment
2019-05-17 16:24 - 2019-04-15 18:35 - 000000000 ____D C:\Users\markt\AppData\Local\Blizzard
2019-05-17 16:24 - 2019-04-15 18:35 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-05-15 17:21 - 2019-04-01 00:04 - 000000000 ____D C:\Program Files (x86)\Razer
2019-05-15 16:40 - 2019-03-31 23:49 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-15 16:35 - 2019-03-31 21:36 - 000000000 ____D C:\Users\markt\AppData\Local\Razer
2019-05-14 19:24 - 2019-03-31 23:54 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-14 19:24 - 2019-03-31 23:54 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-14 17:19 - 2019-03-31 22:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-14 17:15 - 2019-03-31 22:05 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-14 13:21 - 2019-04-01 06:45 - 000000148 _____ C:\WINDOWS\SysWOW64\SmartFlow.txt
2019-05-14 12:59 - 2019-04-01 16:22 - 000000000 ____D C:\Users\markt\AppData\Roaming\vlc
==================== Files in the root of some directories ================
2019-06-02 20:56 - 2019-06-02 20:56 - 000054272 _____ () C:\Users\markt\AppData\Local\ApplicationHosting.dat
2019-06-02 20:55 - 2019-06-02 20:55 - 000140800 _____ () C:\Users\markt\AppData\Local\installer.dat
2019-06-02 20:56 - 2019-06-02 20:56 - 000126464 _____ () C:\Users\markt\AppData\Local\lobby.dat
2019-06-02 20:55 - 2019-06-02 20:55 - 000722944 _____ () C:\Users\markt\AppData\Local\sha.db
==================== FLock ================
2019-04-01 00:06 C:\Recovery
2019-06-10 20:51 C:\System Volume Information
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
****
Start Farbar Recovery Scan Tool with Administrator privileges
(Right click on the FRST icon and select Run as administrator)
highlight on the text below and select Copy.
beginning with Start:: and finishing with End::
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Highlight the entire content inside the quote box below and select Copy.
Start FRST (FRST64) with Administrator privileges
Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file Fixlog.txt will pop up and saved in the same location the tool was ran from.
Please copy and paste its contents in your next reply.
~~~~~~~~~~~~~~~~~~`
AdwCleaner - Fix Mode
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
RogueKiller
Please post these 3 logs when finished.
Start Farbar Recovery Scan Tool with Administrator privileges
(Right click on the FRST icon and select Run as administrator)
highlight on the text below and select Copy.
beginning with Start:: and finishing with End::
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Highlight the entire content inside the quote box below and select Copy.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Start FRST (FRST64) with Administrator privileges
Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file Fixlog.txt will pop up and saved in the same location the tool was ran from.
Please copy and paste its contents in your next reply.
~~~~~~~~~~~~~~~~~~`
- Download AdwCleaner and move it to your Desktop
- Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
- Accept the EULA (I accept), then click on Scan
- Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button. This will kill all the active processes
- Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
- After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Download the right version of RogueKiller for your Windows version (32 or 64-bit)
- Once done, move the executable file to your Desktop, right-click on it and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
- Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
- Wait for the scan to complete
- On completion, the results will be displayed
- Check every single entry (threat found), and click on the Remove Selected button
- On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
- This will open the report in Notepad. Copy/paste its content in your next reply
Please post these 3 logs when finished.
Did you allow the tools to remove/quarantine what it found?
Let's check for remnants
If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
If you don't have Malwarebytes 3 installed yet please download it from here and install it. Here
Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply.
~~~~~~~~~~~~~~~~~~~~~~~
Emsisoft Emergency Kit - Fix Mode
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
Also, tell me how the computer is now.
Let's check for remnants
If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
If you don't have Malwarebytes 3 installed yet please download it from here and install it. Here
Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply.
~~~~~~~~~~~~~~~~~~~~~~~
Emsisoft Emergency Kit - Fix Mode
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
- Download the Emsisoft Emergency Kit and execute it. From there, click on the Install button to extract the program in the EEK folder;
- Once the extraction is complete, the EEK folder will open. Right-click on [img=http://i.imgur.com/G0tu5D9.png]start emergency kit scanner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
- EEK will suggest that you run an online update before using the program. Click on Yes to launch it.
- After the update, click on Malware Scan under 2. Scan and accept to let EEK detect PUPs (click on Yes).
- Once the scan is complete, make sure that every item in the list is checked, and click on the Quarantine selected button;
- If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
- After the restart, open EEK again (in the C:\EEK folder);
- This time, click on Logs;
- From there, go under the Quarantine Log tab, and click on the Export button;
- Save the log on your desktop, then open it, and copy/paste its content in your next reply;
Also, tell me how the computer is now.
yes
did you follow post 11?
Did you allow the tools to remove/quarantine what it found?
Let's check for remnants
If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
If you don't have Malwarebytes 3 installed yet please download it from here and install it. Here
Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply.
~~~~~~~~~~~~~~~~~~~~~~~
Emsisoft Emergency Kit - Fix Mode
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
Also, tell me how the computer is now.
did you follow post 11?
Did you allow the tools to remove/quarantine what it found?
Let's check for remnants
If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
If you don't have Malwarebytes 3 installed yet please download it from here and install it. Here
Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply.
~~~~~~~~~~~~~~~~~~~~~~~
Emsisoft Emergency Kit - Fix Mode
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
- Download the Emsisoft Emergency Kit and execute it. From there, click on the Install button to extract the program in the EEK folder;
- Once the extraction is complete, the EEK folder will open. Right-click on [img=http://i.imgur.com/G0tu5D9.png]start emergency kit scanner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
- EEK will suggest that you run an online update before using the program. Click on Yes to launch it.
- After the update, click on Malware Scan under 2. Scan and accept to let EEK detect PUPs (click on Yes).
- Once the scan is complete, make sure that every item in the list is checked, and click on the Quarantine selected button;
- If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
- After the restart, open EEK again (in the C:\EEK folder);
- This time, click on Logs;
- From there, go under the Quarantine Log tab, and click on the Export button;
- Save the log on your desktop, then open it, and copy/paste its content in your next reply;
Also, tell me how the computer is now.
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 6/19/19
Scan Time: 4:13 PM
Log File: 0cfe0068-92d7-11e9-8910-9cb6d0c187b0.json
-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.538
Update Package Version: 1.0.11144
License: Free
-System Information-
OS: Windows 10 (Build 17763.557)
CPU: x64
File System: NTFS
User: DESKTOP-BLHSTOF\markt
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 286411
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 0 min, 55 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 0
(No malicious items detected)
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
Emsisoft Anti-Malware - Version 2019.5
Last update: 6/19/2019 4:24:00 PM
Initiated by: DESKTOP-BLHSTOF\markt
Computer name: DESKTOP-BLHSTOF
OS version: Windows 10x64
Scan settings:
Scan type: Quick Scan
Objects: Rootkits, Memory, Traces
Detect PUPs: On
Scan archives: Off
Scan mail archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off
Scan start: 6/19/2019 4:24:32 PM
Scanned 64135
Found 0
Scan end: 6/19/2019 4:24:42 PM
Scan time: 0:00:10
www.malwarebytes.com
-Log Details-
Scan Date: 6/19/19
Scan Time: 4:13 PM
Log File: 0cfe0068-92d7-11e9-8910-9cb6d0c187b0.json
-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.538
Update Package Version: 1.0.11144
License: Free
-System Information-
OS: Windows 10 (Build 17763.557)
CPU: x64
File System: NTFS
User: DESKTOP-BLHSTOF\markt
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 286411
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 0 min, 55 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 0
(No malicious items detected)
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
Emsisoft Anti-Malware - Version 2019.5
Last update: 6/19/2019 4:24:00 PM
Initiated by: DESKTOP-BLHSTOF\markt
Computer name: DESKTOP-BLHSTOF
OS version: Windows 10x64
Scan settings:
Scan type: Quick Scan
Objects: Rootkits, Memory, Traces
Detect PUPs: On
Scan archives: Off
Scan mail archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off
Scan start: 6/19/2019 4:24:32 PM
Scanned 64135
Found 0
Scan end: 6/19/2019 4:24:42 PM
Scan time: 0:00:10
From the logs there were no signs of breech or specific infection on the computer which makes me tend to believe entry was gained through the web sites.
Very often we see post of people complaining their accounts have been hacked into on Ebay and PayPal. Myself thinking the web sites were compromised, which so many are attacked each year where money is exchanged. Google Ebay hacked.
If, fraudulent criminal activity has occurred, please contact PayPal so you might be reimbursed.
I'm not sure if this can be considered a POS attack or not.
Good articles to read over below.
https://www.trendmicro.com/vinfo/pl...have-missed-about-pos-attacks-of-recent-years
someone got a hold of my bank account/routing number, added to their paypal and used it.
https://www.zdnet.com/article/why-c...-of-sale-malware-is-still-such-a-big-problem/
This is what Jesper M. Johansson, Security Program Manager at Microsoft TechNet has to say: Help: I Got Hacked. Now What Do I Do?.
One thing we haven't run is a rootkit scan.
Follow the instructions in the thread below to run a scan with MBAR. Don't forget to update the database before launching the scan, and once launched, leave MBAR running and do not touch your computer until it is done scanning.
https://forums.malwarebytes.com/top...is-in-use-error-unable-to-start-malwarebytes/
Once MBAR is done scanning, removing threats and rebooting your computer, go in its MBAR folder, and copy/paste the content of the mbar-log-TODAYS-DATE.txt log in your next reply.
Very often we see post of people complaining their accounts have been hacked into on Ebay and PayPal. Myself thinking the web sites were compromised, which so many are attacked each year where money is exchanged. Google Ebay hacked.
If, fraudulent criminal activity has occurred, please contact PayPal so you might be reimbursed.
I'm not sure if this can be considered a POS attack or not.
Good articles to read over below.
https://www.trendmicro.com/vinfo/pl...have-missed-about-pos-attacks-of-recent-years
someone got a hold of my bank account/routing number, added to their paypal and used it.
https://www.zdnet.com/article/why-c...-of-sale-malware-is-still-such-a-big-problem/
This is what Jesper M. Johansson, Security Program Manager at Microsoft TechNet has to say: Help: I Got Hacked. Now What Do I Do?.
~~~~~~~~~~~~~~~~~~~~~~`
One thing we haven't run is a rootkit scan.
Follow the instructions in the thread below to run a scan with MBAR. Don't forget to update the database before launching the scan, and once launched, leave MBAR running and do not touch your computer until it is done scanning.
https://forums.malwarebytes.com/top...is-in-use-error-unable-to-start-malwarebytes/
Once MBAR is done scanning, removing threats and rebooting your computer, go in its MBAR folder, and copy/paste the content of the mbar-log-TODAYS-DATE.txt log in your next reply.
In the future I strongly suggest you stay away from using cracks and/or Keygens. Malware and virus authors love to spread their infections via cracks.
Many of the keygens uploaded to p2p sites are done so by infected systems and are named in such a way to make them look like awsome downloads.
Most victims don't even know they are sharing worms....
Others are script kiddies uploading crapware because they think its funny.
Crack sites are just as bad.
Simply visiting the site out of curosity just to see if a "crack" is even available without downloading can get you infected because the sites themselves take advantage of exploitable software/OS to infect it.
For more detailed instructions as to what you should do, please read:
Identity Theft Victims Guide - What to do
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
What Should I Do If I've Become A Victim Of Identity Theft?
~~~~~~~~~~~~~~~~
I think we can remove tools and quarantine folders now.
Many of the keygens uploaded to p2p sites are done so by infected systems and are named in such a way to make them look like awsome downloads.
Most victims don't even know they are sharing worms....
Others are script kiddies uploading crapware because they think its funny.
Crack sites are just as bad.
Simply visiting the site out of curosity just to see if a "crack" is even available without downloading can get you infected because the sites themselves take advantage of exploitable software/OS to infect it.
For more detailed instructions as to what you should do, please read:
Identity Theft Victims Guide - What to do
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
What Should I Do If I've Become A Victim Of Identity Theft?
~~~~~~~~~~~~~~~~
I think we can remove tools and quarantine folders now.
- Please download DelFix or from Here and save the file to your Desktop.
- Double-click DelFix.exe to run the programme.
- Place a checkmark next to the following items:
- Activate UAC
- Remove disinfection tools
- Click the Run button.
- -- This will remove the specialized tools we used to disinfect your system.
Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).
- Status