
Need help. Computer infected by a persistent virus. – Resoudre les problemes d’un serveur MineCraft
Thanks for the quick reply. Below are the requested logs:
Fixlog created:
Correction du résultat de Farbar Recovery Scan Tool (x64) Version: 12-01-2020
Ran by OWL (13-01-2020 23:42:43) Course: 1
Exécution à partir de C: Users OWL Desktop
Profils chargés: OWL (Profils disponibles: JJAG & OWL)
Mode de démarrage: Normal
==============================================
contenu de la liste de correctifs:
*****************
début
CreateRestorePoint:
FermerProcessus:
ShortcutTarget: MEGAsync.lnk -> C: Users OWL AppData Local MEGAsync MEGAsync.exe (aucun fichier)
Tâche: 001FD37A-44BA-4615-BE3D-0908D087B063 – System32 Tasks caproncapron => C: Program Files (x86) Failing Undetectable.exe
Tâche: 0C613A82-1680-4825-9152-7D5CE1919786 – System32 Tasks enregistre sed inchedsaves sed inched => C: Users JJAG AppData Local Undetectable.exe
Tâche: 16561E3C-1E2C-4125-BB4F-9B6089E14DFF – System32 Tasks lucy_bavaria => C: Users JJAG AppData Local Ibex.exe
Tâche: 4BA060D1-33E1-45C9-9AE3-A27EAF9A10EA – System32 Tasks lilienthal_revokedlilienthal_revoked => C: Program Files (x86) Homosexually Undetectable.exe
Tâche: 54003798-E56B-49BC-A656-01E18BEFA773 – System32 Tasks lilienthal_revoked => C: Program Files (x86) Homosexually Undetectable.exe
Tâche: 9C269D53-0F3F-431C-B497-4798AC21278A – System32 Tasks unutterable kourou => C: Program Files (x86) Homosexually Ibex.exe
Tâche: 9C725AC5-8D9D-41D6-BE44-522E16C78866 – System32 Tasks informinformed => C: Program Files (x86) Envisions depictions.exe
Tâche: 9E1C977E-5E3D-42CB-A699-DF6C5927928A – System32 Tasks saves sed inched => C: Users JJAG AppData Local Undetectable.exe
Tâche: A940258F-F2AA-499F-8CA0-D83BAE45C58E – System32 Tasks missionaries-zinn => C: Program Files (x86) clanging Ibex.exe
Tâche: CA3A20AF-AD57-42D0-80B8-D1E592D9B666 – System32 Tasks capron => C: Program Files (x86) Failing Undetectable.exe
Tâche: CE27F6DF-1F6E-4BC3-9306-FE7C0CD6FB57 – System32 Tasks CORVALLIS => C: Program Files CORVALLIS CORVALLIS.exe
Tâche: D42E0014-8435-415C-ACA8-241DD7941243 – System32 Tasks missionaries-zinnmissionaries-zinn => C: Program Files (x86) clanging Ibex.exe
Tâche: F9880159-277A-4A7E-8AD1-7336550285E4 – System32 Tasks lucy_bavarialucy_bavaria => C: Users JJAG AppData Local Ibex.exe
Tâche: FEB06AA5-61D8-4469-BEEC-ADFCCF576469 – System32 Tasks Informed => C: Program Files (x86) Envisions depictions.exe
Tâche: C: WINDOWS Tasks CORVALLIS.job => C: Program Files CORVALLIS CORVALLIS.exe
BHO: avast! Sécurité en ligne -> 8E5E2654-AD2D-48bf-AC2D-D17F00898D06 -> Aucun fichier
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> 451C804F-C205-4F03-B48E-537EC94937BF -> Aucun fichier
BHO-x32: Gestionnaire de cache de documents Office -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> C: PROGRA ~ 2 MICROS ~ 1 Office14 URLREDIR.DLL => Aucun fichier
Gestionnaire: WSWSVCUchrome – {1CA93FF0-A218-44F1 – Aucun fichier
FF Plugin-x32: @ microsoft.com / OfficeAuthz, version = 14.0 -> C: PROGRA ~ 2 MICROS ~ 1 Office14 NPAUTHZ.DLL [No File]
FF Plugin-x32: @ microsoft.com / SharePoint, version = 14.0 -> C: PROGRA ~ 2 MICROS ~ 1 Office14 NPSPWRAP.DLL [No File]
S3 mracsvc; C: Windows System32 mracsvc.exe [11132176 2018-10-15] (Mail.Ru LLC -> LLC Mail.Ru)
S3 mracdrv; C: WINDOWS System32 drivers mracdrv.sys [10348560 2018-10-15] (Mail.Ru LLC -> LLC Mail.Ru)
U3 idsvc; pas ImagePath
C: Program Files (x86) Failing Undetectable.exe
C: Users JJAG AppData Local Undetectable.exe
C: Users JJAG AppData Local Ibex.exe
C: Program Files (x86) Homosexually Undetectable.exe
C: Program Files (x86) Homosexuellement Ibex.exe
C: Program Files (x86) Envisions depictions.exe
C: Program Files (x86) clanging Ibex.exe
C: Program Files CORVALLIS CORVALLIS.exe
C: Windows System32 mracsvc.exe
C: WINDOWS System32 drivers mracdrv.sys
VirusTotal: G: Program Files (x86) launcher.exe
VirusTotal: E: dwnldz rcsetup153 (1) .exe
VirusTotal: C: Users JJAG Desktop scs1507.exe
VirusTotal: C: Games Sshock2 SHOCK2.EXE
Redémarrer:
Fin
*****************
Erreur: (0) Impossible de créer un point de restauration.
Les processus se sont clôturés avec succès.
"C: Users OWL AppData Local MEGAsync MEGAsync.exe" => introuvable
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Plain 001FD37A-44BA-4615-BE3D-0908D087B063" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tasks 001FD37A-44BA-4615-BE3D-0908D087B063" => supprimé avec succès
C: WINDOWS System32 Tasks caproncapron => déplacé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tree caproncapron" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Plain 0C613A82-1680-4825-9152-7D5CE1919786" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tasks 0C613A82-1680-4825-9152-7D5CE1919786" => supprimé avec succès
C: WINDOWS System32 Tasks enregistre sed inchedsaves sed inched => déplacé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tree enregistre sed inchedsaves sed inched" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Logon 16561E3C-1E2C-4125-BB4F-9B6089E14DFF" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tasks 16561E3C-1E2C-4125-BB4F-9B6089E14DFF" => supprimé avec succès
C: WINDOWS System32 Tasks lucy_bavaria => déplacé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tree lucy_bavaria" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Plain 4BA060D1-33E1-45C9-9AE3-A27EAF9A10EA" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tasks 4BA060D1-33E1-45C9-9AE3-A27EAF9A10EA" => supprimé avec succès
C: WINDOWS System32 Tasks lilienthal_revokedlilienthal_revoked => déplacé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tree lilienthal_revokedlilienthal_revoked" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Logon 54003798-E56B-49BC-A656-01E18BEFA773" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tasks 54003798-E56B-49BC-A656-01E18BEFA773" => supprimé avec succès
C: WINDOWS System32 Tasks lilienthal_revoked => déplacé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tree lilienthal_revoked" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Logon 9C269D53-0F3F-431C-B497-4798AC21278A" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tasks 9C269D53-0F3F-431C-B497-4798AC21278A" => supprimé avec succès
C: WINDOWS System32 Tasks unutterable kourou => déplacé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tree unutterable kourou" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Plain 9C725AC5-8D9D-41D6-BE44-522E16C78866" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tasks 9C725AC5-8D9D-41D6-BE44-522E16C78866" => supprimé avec succès
C: WINDOWS System32 Tasks informinformed => déplacé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tree informinformed" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Logon 9E1C977E-5E3D-42CB-A699-DF6C5927928A" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tasks 9E1C977E-5E3D-42CB-A699-DF6C5927928A" => supprimé avec succès
C: WINDOWS System32 Tasks saves sed inched => déplacé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tree saves sed inched" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Logon A940258F-F2AA-499F-8CA0-D83BAE45C58E" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tasks A940258F-F2AA-499F-8CA0-D83BAE45C58E" => supprimé avec succès
C: WINDOWS System32 Tasks missionaries-zinn => déplacé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tree missionaries-zinn" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Logon CA3A20AF-AD57-42D0-80B8-D1E592D9B666" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tasks CA3A20AF-AD57-42D0-80B8-D1E592D9B666" => supprimé avec succès
C: WINDOWS System32 Tasks capron => déplacé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tree capron" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Logon CE27F6DF-1F6E-4BC3-9306-FE7C0CD6FB57" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tasks CE27F6DF-1F6E-4BC3-9306-FE7C0CD6FB57" => supprimé avec succès
C: WINDOWS System32 Tasks CORVALLIS => déplacé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tree CORVALLIS" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Plain D42E0014-8435-415C-ACA8-241DD7941243" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tasks D42E0014-8435-415C-ACA8-241DD7941243" => supprimé avec succès
C: WINDOWS System32 Tasks missionaries-zinnmissionaries-zinn => déplacé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tree missionaries-zinnmissionaries-zinn" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Plain F9880159-277A-4A7E-8AD1-7336550285E4" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tasks F9880159-277A-4A7E-8AD1-7336550285E4" => supprimé avec succès
C: WINDOWS System32 Tasks lucy_bavarialucy_bavaria => déplacé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tree lucy_bavarialucy_bavaria" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Logon FEB06AA5-61D8-4469-BEEC-ADFCCF576469" => supprimé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tasks FEB06AA5-61D8-4469-BEEC-ADFCCF576469" => supprimé avec succès
C: WINDOWS System32 Tasks Informé => déplacé avec succès
"HKLM Software Microsoft Windows NT CurrentVersion Schedule TaskCache Tree informé" => supprimé avec succès
C: WINDOWS Tasks CORVALLIS.job => déplacé avec succès
HKLM SOFTWARE Microsoft Windows CurrentVersion Explorer Browser Helper Objects 8E5E2654-AD2D-48bf-AC2D-D17F00898D06 => supprimé avec succès
HKLM Software Classes CLSID 8E5E2654-AD2D-48bf-AC2D-D17F00898D06 => supprimé avec succès
HKLM SOFTWARE Wow6432Node Microsoft Windows CurrentVersion Explorer Browser Helper Objects 451C804F-C205-4F03-B48E-537EC94937BF => supprimé avec succès
HKLM Software Wow6432Node Classes CLSID 451C804F-C205-4F03-B48E-537EC94937BF => supprimé avec succès
HKLM SOFTWARE Wow6432Node Microsoft Windows CurrentVersion Explorer Browser Helper Objects B4F3A835-0E21-4959-BA22-42B3008E02FF => supprimé avec succès
HKLM Software Wow6432Node Classes CLSID B4F3A835-0E21-4959-BA22-42B3008E02FF => supprimé avec succès
HKLM Software Classes PROTOCOLS Handler WSWSVCUchrome => supprimé avec succès
Gestionnaire: WSWSVCUchrome – {1CA93FF0-A218-44F1 – Aucun fichier => n'a pas pu supprimer .: chemin d'accès incorrect.
HKLM Software Wow6432Node MozillaPlugins @ microsoft.com / OfficeAuthz, version = 14.0 => supprimé avec succès
HKLM Software Wow6432Node MozillaPlugins @ microsoft.com / SharePoint, version = 14.0 => supprimé avec succès
HKLM System CurrentControlSet Services mracsvc => supprimé avec succès
mracsvc => service supprimé avec succès
HKLM System CurrentControlSet Services mracdrv => supprimé avec succès
mracdrv => service supprimé avec succès
HKLM System CurrentControlSet Services idsvc => supprimé avec succès
idsvc => service supprimé avec succès
"C: Program Files (x86) Failing Undetectable.exe" => introuvable
"C: Users JJAG AppData Local Undetectable.exe" => introuvable
"C: Users JJAG AppData Local Ibex.exe" => introuvable
"C: Program Files (x86) Homosexually Undetectable.exe" => introuvable
"C: Program Files (x86) Homosexually Ibex.exe" => introuvable
"C: Program Files (x86) Envisions depictions.exe" => introuvable
"C: Program Files (x86) clanging Ibex.exe" => introuvable
"C: Program Files CORVALLIS CORVALLIS.exe" => introuvable
C: Windows System32 mracsvc.exe => déplacé avec succès
C: WINDOWS System32 drivers mracdrv.sys => déplacé avec succès
"VirusTotal: G: Program Files (x86) launcher.exe" => introuvable
"VirusTotal: E: dwnldz rcsetup153 (1) .exe" => introuvable
"VirusTotal: C: Users JJAG Desktop scs1507.exe" => introuvable
"VirusTotal: C: Games Sshock2 SHOCK2.EXE" => introuvable
Le système avait besoin d'un redémarrage.
FRST:
Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12-01-2020
Ran par OWL (administrateur) sur B00M-P3WT0R (13-01-2020 23:49:49)
Exécution à partir de C: Users OWL Desktop
Profils chargés: OWL (Profils disponibles: JJAG & OWL)
Plateforme: Windows 10 Pro version 1909 18363.535 (X64) Langue: anglais (États-Unis)
Navigateur par défaut: Edge
Mode de démarrage: Normal
==================== Processus (sur liste blanche) =================
(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C: Program Files (x86) Common Files Adobe ARM 1.0 armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C: Program Files AMD CNext CNext amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C: Program Files AMD CNext CNext AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C: Program Files AMD CNext CNext RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C: Windows System32 DriverStore FileRepository u0346453.inf_amd64_bc963e4e92e4ff40 B346420 atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C: Windows System32 DriverStore FileRepository u0346453.inf_amd64_bc963e4e92e4ff40 B346420 atiesrxx.exe
(AMD) [File not signed] C: Program Files AMD Performance Profile Client AUEPLauncher.exe
(AMD) [File not signed] C: Program Files AMD Performance Profile Client AUEPMaster.exe
(AMD) [File not signed] C: Program Files AMD Performance Profile Client AUEPUF.exe
(Incorporation ASROCK ->) C: Program Files (x86) ASRock Utility A-Tuning Bin IOMonitorSrv.exe
(Brave Software, Inc. -> Brave Software, Inc.) C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe
(BUFFALO INC.) [File not signed] C: Program Files (x86) BUFFALO NASNAVI nassvc.exe
(CHENGDU YIWO Tech Development Co., Ltd. ->) C: Program Files (x86) EaseUS Todo Backup bin TodoBackupService.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C: Program Files (x86) EaseUS Todo Backup bin Agent.exe
(DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) C: Program Files Samsung USB Drivers 28_ssconn2 conn ss_conn_service2.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C: Program Files EnigmaSoft SpyHunter ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C: Program Files EnigmaSoft SpyHunter ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C: Program Files EnigmaSoft SpyHunter SpyHunter5.exe
(Intel Corporation – Micrologiciel Intel® Management Engine -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components DAL jhi_service.exe
(Intel Corporation – Firmware du moteur de gestion Intel® -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components FWService IntelMeFWService.exe
(Intel Corporation – Micrologiciel Intel® Management Engine -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components LMS LMS.exe
(Intel Corporation – Intel® Rapid Storage Technology -> Intel Corporation) C: Program Files Intel Intel® Rapid Storage Technology IAStorDataMgrSvc.exe
(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C: Users OWL AppData Local Microsoft OneDrive OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C: Windows Microsoft.NET Framework64 v4.0.30319 SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C: Windows Microsoft.NET Framework64 v4.0.30319 SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C: Windows SystemApps Microsoft.MicrosoftEdge_8wekyb3d8bbwe MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 spaceman.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 vds.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RAVCpl64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C: Program Files Samsung USB Drivers 27_ssconn conn ss_conn_service.exe
(Shenzhen Yi Xing Investment Co., Ltd. -> Iskysoft) C: Program Files (x86) iSkysoft IAF 2.4.3.227 IsAppService.exe
==================== Registre (liste blanche) ===================
(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM … Run: [RTHDVCPL] => C: Program Files Realtek Audio HDA RAVCpl64.exe [13672304 2014-03-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKU S-1-5-21-526169441-3370718946-2259949942-1162 … RunOnce: [Application Restart #2] => C: Program Files (x86) BraveSoftware Brave-Browser Application brave.exe [1916560 2019-06-27] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM Software Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 79.0.3945.117 Installer chrmstp.exe [2020-01-07] (Google LLC -> Google LLC)
HKLM Software Microsoft Active Setup Installed Components: [AFE6A462-C574-4B8A-AF43-4CC60DF4563B] -> C: Program Files (x86) BraveSoftware Brave-Browser Application 75.0.66.99 Installer chrmstp.exe [2019-07-12] (Brave Software, Inc.) [File not signed]
HKLM Software … Authentication Credential Providers: [3AFAB1A7-F3DB-4DED-B51B-25E34D21D798] -> C: WINDOWS system32 USBKeyCredentialProvider.dll [2014-07-31] (Incorporation ASROCK ->)
HKLM Software … Authentication Credential Providers: [503739d0-4c5e-4cfd-b3ba-d881334f0df2] ->
Démarrage: C: Users JJAG AppData Roaming Microsoft Windows Start Menu Programs Startup MEGAsync.lnk [2019-08-24]
ShortcutTarget: MEGAsync.lnk -> C: Users OWL AppData Local MEGAsync MEGAsync.exe (aucun fichier)
GroupPolicy: Restriction? <==== ATTENTION
==================== Tâches planifiées (liste blanche) ============
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)
Tâche: 018587C3-AA9F-4920-A4CD-83A90986D0AD – System32 Tasks 3E549E52-368E-4BF8-B45E-7F14D3F2FAB6 => C: Users JJAG Desktop eclipse eclipse.exe
Tâche: 01D7D51F-53FF-4150-A708-CA6695608405 – Tâche de mise à jour System32 Tasks MEGA MEGAsync S-1-5-21-526169441-3370718946-2259949942-1000 => C: Users JJAG AppData Local MEGAsync MEGAupdater.exe [615160 2019-09-02] (Mega Limited -> Mega Limited)
Tâche: 022C32F4-0C5B-4B95-9207-724902530F11 – System32 Tasks Microsoft Windows Media Center DispatchRecoveryTasks => C: WINDOWS ehome ehPrivJob.exe
Tâche: 04FE2A24-9E70-4FC0-9D6A-9CD74DFE72C1 – System32 Tasks 328E268A-69BC-4D2F-B50D-275A7C0B1E9A => C: Users JJAG Desktop eclipse eclipse.exe
Tâche: 0D1760B3-F9FE-4D9B-8D87-6DF861DD8C6D – System32 Tasks SafeZone prévu Autoupdate 1475027896 => C: Program Files AVAST Software SZBrowser launcher.exe
Tâche: 180BBBED-EF7C-44D2-86C4-1E388FAD5F17 – System32 Tasks EA502867-33D5-49BC-B933-DC190FC3C587 => E: dwnldz mb3-setup-37469.37469-3.8.3.2965-1.0.613- 1.0.11270.exe [64333800 2019-08-28] (Malwarebytes Corporation -> Malwarebytes)
Tâche: 1C6172F8-53BA-4F0F-9C04-4C839B30E7F4 – System32 Tasks EA757601-B666-4AC4-9340-74A044244175 => C: Games Sshock2 SHOCK2.EXE
Tâche: 1DCD2E85-83A2-464E-A409-70136ABF08DC – System32 Tasks Games UpdateCheck_S-1-5-21-526169441-3370718946-2259949942-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE5
Tâche: 20465750-ED20-45C5-9906-465FE8626512 – System32 Tasks 5EEEB279-0CB0-441E-A167-B441F53808AA => C: Windows system32 pcalua.exe -a C: Users JJAG Desktop Sims3_1.6.6.002002_from_1.0.631.00002 (1) .exe -d C: Users JJAG Desktop
Tâche: 240B698A-0533-48DF-B8C5-36D62735445C – System32 Tasks Microsoft Windows Media Center PvrScheduleTask => C: WINDOWS ehome mcupdate.exe
Tâche: 24AFC750-2D45-4DA6-B3D8-FF07158F7B9D – System32 Tasks Microsoft Windows SideShow GadgetManager => FF87090D-4A9A-4f47-879B-29A80C355D61
Tâche: 24E5E0C7-53AD-42EF-8900-B79E8C08768D – System32 Tasks 53DD572E-91FC-4B49-8093-18ACA978ADF8 => C: Windows system32 pcalua.exe -a G: setup.exe – d G:
Tâche: 2735D01D-76B7-4AEA-AB6C-27082391AEC4 – System32 Tasks 5C5F7DAD-FACF-45A8-8192-7CEDD1B64AF1 => C: Users JJAG Desktop eclipse eclipse.exe
Tâche: 2C04924D-7A4C-435E-99C2-610D6C28B12D – System32 Tasks E2E7CB76-2EB0-4CB2-BBCD-3F65C9D44FCF => C: Windows system32 pcalua.exe -a C: Users JJAG Desktop Domination_install_1.1.1.6.exe -d C: Users JJAG Desktop
Tâche: 2C2F68CA-8DDF-4B67-A684-267413D1B70D – System32 Tasks BraveSoftwareUpdateTaskMachineCore => C: Program Files (x86) BraveSoftware Update BraveUpdate.exe [159368 2019-07-12] (Brave Software, Inc. -> BraveSoftware Inc.)
Tâche: 2CDAA618-9A87-450E-A0F9-FCBB264B47A5 – System32 Tasks Microsoft Windows Media Center OCURActivate => C: WINDOWS ehome ehPrivJob.exe
Tâche: 2D1FF361-5FC3-4FA0-8C97-7AC2F2FF1783 – System32 Tasks Microsoft Windows Media Center ObjectStoreRecoveryTask => C: WINDOWS ehome mcupdate.exe
Tâche: 2E2BB0E1-0619-4778-84DF-CCE60331F5A0 – System32 Tasks 151CA858-D44C-4470-A0C5-E5FC785B3D3E => C: Users JJAG Desktop eclipse eclipse.exe
Tâche: 2FD28EF0-5479-4616-82A6-8BF14B7910CB – System32 Tasks Microsoft Windows Media Center PBDADiscoveryW1 => C: WINDOWS ehome ehPrivJob.exe
Tâche: 34C270A3-2C4F-4C76-9114-E7567794BE2C – System32 Tasks BEFF8373-328B-40C1-B703-9D2C031C8D90 => C: Windows system32 pcalua.exe -a C: Users JJAG Downloads Domination_install_1.1.1.6.exe -d C: Users JJAG Downloads
Tâche: 3553E593-7EB4-4D34-BFB8-A5A3E610CC7C – System32 Tasks 9DF8E528-B238-4DC5-9FA8-FB7550AC2817 => E: dwnldz rcsetup153.exe
Tâche: 36789684-5E0D-451E-9DC4-6DC6D0E56F8E – System32 Tasks 586F8A18-7F8A-4D6F-A880-9C1FD2CE7FFE => G: Program Files (x86) launcher.exe <==== ATTENTION
Tâche: 384ACF98-D16F-41FC-A558-7667E2A842CF – System32 Tasks Microsoft Windows Media Center PeriodicScanRetry => C: WINDOWS ehome MCUpdate.exe
Tâche: 3B8B23F1-9DA7-4C53-B574-E4F6D333169C – System32 Tasks 0185E367-318D-41C9-9D22-EC816AE8FE1C => C: Windows system32 pcalua.exe -a D: SPORESetup.exe – d D:
Tâche: 3CA0301B-8888-406E-A9A3-B71A8F41AD1A – System32 Tasks 96C25C6C-A968-4D8A-9175-A669432B8775 => C: Program Files (x86) Symantec Norton PartitionMagic 8.0 PMagic.exe
Tâche: 3DEAE040-BC65-43F8-9C34-F932EEA18BA9 – System32 Tasks D2A39763-7DF2-4D1B-8767-814A6758DE5F => C: Users JJAG Desktop eclipse eclipse.exe
Tâche: 417CBD1D-572E-48E3-87E8-A5660674BD0F – System32 Tasks Microsoft Windows Media Center RecordingRestart => C: WINDOWS ehome ehrec.exe
Tâche: 41DBE814-B440-4129-888C-68F306EBF67D – System32 Tasks Microsoft Windows Media Center OCURDiscovery => C: WINDOWS ehome ehPrivJob.exe
Tâche: 4261C004-B34A-45A1-8943-4604A6A7CAD3 – System32 Tasks IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C: Program Files (x86) Intel Intel® Update Manager bin iumsvc.exe [177376 2016-08-12] (Intel® Update Manager -> Intel Corporation)
Tâche: 44D0CA6D-3A62-4D7E-A47E-6D84868550A5 – System32 Tasks StartCN => C: Program Files AMD CNext CNext cncmd.exe [61112 2019-09-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Tâche: 45040C33-A8EF-43B1-AAA6-A684D54363FC – System32 Tasks Microsoft Windows Media Center ActivateWindowsSearch => C: WINDOWS ehome ehPrivJob.exe
Tâche: 46F07DED-2AB5-4E0C-8D90-4587C6413AD2 – System32 Tasks 7316FEEB-F3BC-45B8-AEC9-8076BB97795C => C: Users JJAG Desktop eclipse eclipse.exe
Tâche: 486D715E-6AA2-44CF-BC48-B6990CBB53C6 – System32 Tasks Microsoft Windows Shell WindowsParentalControlsMigration => 343D770D-7788-47c2-B62A-B7C4CED925CB
Tâche: 48D34394-DECB-49C6-BCAB-7DA044B6D141 – System32 Tasks Microsoft Windows SideShow SessionAgent => 45F26E9E-6199-477F-85DA-AF1EDfE067B1
Tâche: 48ED6BFA-3B05-4315-8570-6718576816B9 – System32 Tasks F76EC954-0E74-474C-81E6-15846DF98353 => C: Users JJAG Desktop eclipse eclipse.exe
Tâche: 4A6C9ED4-5B7C-4A83-91F9-D8F28BCE9A3A – System32 Tasks IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C: Program Files (x86) Intel Intel® Update Manager bin iumsvc .EXE [177376 2016-08-12] (Intel® Update Manager -> Intel Corporation)
Tâche: 4BB5B9E2-12FC-4A58-A3C4-C620B4E63782 – System32 Tasks Microsoft Windows Media Center PBDADiscovery => C: WINDOWS ehome ehPrivJob.exe
Tâche: 4E1B88F5-8E6A-4E80-B6C2-04EFAB5AD380 – System32 Tasks Microsoft Windows Media Center UpdateRecordPath => C: WINDOWS ehome ehPrivJob.exe
Tâche: 4F4A0C2B-D2F9-420A-9903-752F535B6AB4 – System32 Tasks Kingston SSD Toolbox => C: Program Files (x86) Kingston SSD Toolbox Kingston SSD Toolbox.exe
Tâche: 57C3F39D-6A75-4B2B-A653-FEBB6C6B9FE7 – System32 Tasks 04E55847-AED5-45ED-B817-462F8F136EB7 => E: dwnldz rcsetup153 (1) .exe
Tâche: 5B42DD9C-5A26-4F27-BB95-34603F0997E5 – System32 Tasks Microsoft Windows Shell WindowsParentalControls => DFA14C43-F385-4170-99CC-1B7765FA0E4A
Tâche: 5C652317-FC20-4080-BC7C-AA6D122D324B – Tâche de mise à jour System32 Tasks Microsoft Windows Live SOXE Extractor Definitions => 3519154C-227E-47F3-9CC9-12C3F05817F1
Tâche: 5E70A440-1D86-43F5-84B6-C72AA0103F1C – System32 Tasks Microsoft Windows Media Center ConfigureInternetTimeService => C: WINDOWS ehome ehPrivJob.exe
Tâche: 605626FD-D91F-4F14-BDEB-3895EDD0B731 – System32 Tasks 1C6845D6-3CAE-492D-A920-C726D48C2AD5 => C: Windows system32 pcalua.exe -a C: Users JJAG Bureau scs1507.exe -d C: Users JJAG Desktop
Tâche: 61D91425-E490-40FD-8C9A-32D360644A28 – System32 Tasks unutterable kourouunutterable kourou => C: Program Files (x86) Homosexually Ibex.exe
Tâche: 62F31E9C-BCD5-415F-9B9E-AC8BD93BA043 – System32 Tasks AMDLinkUpdate => C: Program Files AMD CIM BIN64 InstallManagerApp.exe [468992 2019-09-03] (Advanced Micro Devices, Inc.) [File not signed]
Tâche: 6B8E5587-3C3F-4EE1-A55B-2D47357ED377 – System32 Tasks Microsoft Windows Media Center ReindexSearchRoot => C: WINDOWS ehome ehPrivJob.exe
Tâche: 6B90A49E-EB9A-4FAA-9157-6D473297B16B – System32 Tasks Microsoft Windows Media Center InstallPlayReady => C: WINDOWS ehome ehPrivJob.exe
Tâche: 7A5EE066-0B98-45D1-BC47-643C014DCDEA – System32 Tasks E6505B3C-9234-4A23-8427-601D9145A13C => C: Windows system32 pcalua.exe -a D: DoWNL0AdZ Toon. Boom.StoryBoard.Pro.v8.1.0.4108.[F.B] StoryboardPro_Trial.exe -d D: DoWNL0AdZ Toon.Boom.StoryBoard.Pro.v8.1.0.4108.[F.B]
Tâche: 7C7C9197-F038-42CD-8212-2F7D6DBDC00A – System32 Tasks 554AA649-B798-4649-8D78-87D9CE950F1C => C: Windows system32 pcalua.exe -a G: autorun.exe – d G:
Tâche: 7DB2A67B-C335-4E6A-88F5-FEC1DA744BB7 – System32 Tasks 056A9A34-8C5F-4D5E-B731-CA576E574F7E => C: Users JJAG Desktop eclipse eclipse.exe
Tâche: 85AA8E1F-FD39-42DD-BDF5-251F233E793E – System32 Tasks Microsoft Windows Media Center MediaCenterRecoveryTask => C: WINDOWS ehome mcupdate.exe
Tâche: 8AF44F0D-BCEB-4CCF-88D3-96F422BEDAA9 – System32 Tasks 3C23679E-CC08-4D75-949C-E5E40DF4EB82 => C: Windows system32 pcalua.exe -a D: DoWNL0AdZ Antichamber Binaries UnSetup.exe -d D: DoWNL0AdZ Antichamber Binaries
Tâche: 8C16175D-53A9-4E73-A2CE-61742FF63CAD – System32 Tasks 5BC55AA5-2D2B-493A-80AA-5B89D67A23DE => E: dwnldz rcsetup153 (1) .exe
Tâche: 9209B194-9590-466A-98C9-1DE184EFAD52 – System32 Tasks 48C82E03-44FF-49FD-80C3-3B6D0E719DC1 => E: dwnldz mb3-setup-37469.37469-3.8.3.2965-1.0.613 1.0.11270.exe [64333800 2019-08-28] (Malwarebytes Corporation -> Malwarebytes)
Tâche: 976AD7B9-5C77-4DD9-BAAA-B85795845B3D – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2017-12-12] (Google Inc -> Google Inc.)
Tâche: 9957557E-A93D-463B-BAF6-3D9C9409AD6F – System32 Tasks AMDInstallUEP => C: Program Files AMD InstallUEP AMDInstallUEP.exe [2356736 2019-04-14] () [File not signed]
Tâche: A2286CE0-0F55-48C4-9DAC-5B60262C38DB – System32 Tasks BraveSoftwareUpdateTaskMachineUA => C: Program Files (x86) BraveSoftware Update BraveUpdate.exe [159368 2019-07-12] (Brave Software, Inc. -> BraveSoftware Inc.)
Tâche: A233E047-3F23-440C-ACDD-41CD186027A0 – System32 Tasks Microsoft Windows SideShow AutoWake => E51DFD48-AA36-4B45-BB52-E831F02E8316
Tâche: A9584CEE-8EDD-45BD-A4F1-69F660FFEB81 – System32 Tasks ModifyLinkUpdate => C: Program Files AMD CIM Bin64 InstallManagerApp.exe [468992 2019-09-03] (Advanced Micro Devices, Inc.) [File not signed]
Tâche: B0CBAB43-44FC-469B-A4CE-87426761FDCE – System32 Tasks Microsoft Windows PerfTrack BackgroundConfigSurveyor => EA9155A3-8A39-40b4-8963-D3C761B18371
Task: B342F0CB-B540-4DC8-AF57-2F19A313E99E – System32TasksMicrosoftWindowsSideShowSystemDataProviders => 7CCA6768-8373-4D28-8876-83E8B4E3A969
Task: B43B7DEB-8BB8-471D-ABB2-F71C11DBEE64 – System32Tasks890B87B1-5DE7-4BD5-B1CC-788E78D89E1E => C:GamesSshock2SHOCK2.EXE
Task: B6F2572D-A958-4FB7-8093-DD226E29FB56 – System32TasksAVAST SoftwareAvast settings backup => C:Program FilesCommon FilesAVavast! Antivirusbackup.exe
Task: BAA4D7E6-7BDC-4F77-9B3A-BFC7FFA80187 – System32Tasks9C50D8FE-0039-49CC-A198-8A671C4A3EA9 => C:UsersJJAGDesktopeclipseeclipse.exe
Task: BD19E99B-6409-4ED1-B6DE-E74A89262D6F – System32TasksMicrosoftWindowsMedia CenterPvrRecoveryTask => C:WINDOWSehomemcupdate.exe
Task: C02ED385-FACB-4F74-B8F4-B70F0C339756 – System32TasksMicrosoftWindowsMedia CenterPBDADiscoveryW2 => C:WINDOWSehomeehPrivJob.exe
Task: CA4B434C-030F-41E9-BE7C-68A64A54D6C5 – System32TasksMicrosoftWindowsMedia CenterRegisterSearch => C:WINDOWSehomeehPrivJob.exe
Task: CBBA9263-2097-495A-98DE-5360B0DF197F – System32TasksMicrosoftWindowsMedia CenterSqlLiteRecoveryTask => C:WINDOWSehomemcupdate.exe
Task: CFA1E5B6-584D-4784-9B86-72F09B740BD5 – System32TasksMicrosoftMicrosoft AntimalwareMicrosoft Antimalware Scheduled Scan => C:Program FilesMicrosoft Security Client\MpCmdRun.exe
Task: D2D52E10-1B57-4497-BA55-A1980CB1D6C3 – System32Tasks47B6DAB2-C9DB-4535-9045-327925D70FFB => E:dwnldzrcsetup153 (1).exe
Task: D38ACD7A-70AD-4726-98CB-F32393D4AB35 – System32TasksE4B1FC4A-28E3-41A3-BBCD-8589DE5BF026 => C:Windowssystem32pcalua.exe -a C:UsersJJAGDownloadsvcredist_x86.exe -d C:UsersJJAGDownloads
Task: D50B4962-E75C-486A-91A2-C05F4173660F – System32Tasks6563EAB6-C90A-4CB0-93C6-C1A43D3BCCC5 => C:Windowssystem32pcalua.exe -a "G:CDdNero 2016 Platinum v17.0.02000 + Crack [TechTools.net]Nero 2016 Platinum v17.0.02000 + Crack [TechTools.net]setup_contentpack.exe" -d "G:CDdNero 2016 Platinum v17.0.02000 + Crack [TechTools.net]Nero 2016 Platinum v17.0.02000 + Crack [TechTools.net]"
Task: D6F1BB6E-D3C6-4B27-9CA1-F26655CBDDB8 – System32TasksStartCNBM => C:Program FilesAMDCNextCNextcncmd.exe [61112 2019-09-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: DA70D56B-E940-4AD4-A812-FA7D73EA972A – System32TasksA4DE8692-555C-4B7F-8692-E714F982E88C => C:UsersJJAGDesktopeclipseeclipse.exe
Task: DC166B8C-5AEC-4A89-9393-F9B54EE327C6 – System32Tasks8B64F6CB-916E-43D5-86DF-1C424C809450 => C:UsersJJAGDesktopeclipseeclipse.exe
Task: DCAF2043-E35C-4878-A31F-B98A74D8FB73 – System32TasksMicrosoftWindowsMedia Centermcupdate => C:WINDOWSehomemcupdate.exe
Task: DE06DA82-A28D-4482-AE44-4022DEB91645 – System32TasksStartDVR => C:Program FilesAMDCNextCNextRSServCmd.exe [68280 2019-09-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: DFD47274-C06B-471E-AF76-007D104E00C9 – System32TasksMicrosoftWindowsMobilePCHotStart => 06DA0625-9701-43da-BFD7-FBEEA2180A1E
Task: E8E2E695-B4F3-4166-88A6-A5FCBD2C95A9 – System32TasksAsrSP.exe => C:Program Files (x86)ASRock UtilityA-TuningBinAsrSP.exe [2461960 2014-05-27] (ASROCK Incorporation -> )
Task: F584C5B8-C5AA-4EB4-AB62-56CD4E9D534A – System32TasksSidebarExecute => C:Program FilesWindows Sidebarsidebar.exe
Task: F82539FB-01C7-4D44-B22C-4CBEE85ABAE7 – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [153168 2017-12-12] (Google Inc -> Google Inc.)
Task: F9439CDA-C04C-40C2-8FB2-CF0D1A4ECC69 – System32TasksEA776C43-07B3-4E5D-86D3-82A998D6052D => C:Windowssystem32pcalua.exe -a C:UsersJJAGDownloadsforge-1.8-11.14.3.1450-installer-win.exe -d C:UsersJJAGDownloads
Task: FE4BBADB-D0C2-4091-AC5C-9B28DF138E50 – System32TasksMicrosoftWindowsMedia CenterehDRMInit => C:WINDOWSehomeehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
TcpipParameters: [DhcpNameServer] 64.19.96.69 64.19.96.72
Tcpip..Interfaces 88C5E5B-9439-4154-A937-B50A865E7A32: [DhcpNameServer] 192.168.42.129
Tcpip..Interfaces4610ADD3-88E8-47C9-A32B-56591EB2098D: [DhcpNameServer] 64.19.96.69 64.19.96.72
Tcpip..InterfacesF834D23B-3967-4D1F-9650-95C81D80D47C: [DhcpNameServer] 192.168.50.1
Internet Explorer:
==================
BHO: SteadyVideoBHO Class -> 6C680BAE-655C-4E3D-8FC4-E6A520C3D928 -> C:Program FilesAMDSteadyVideoSteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> 72853161-30C5-4D22-B7F9-0BBC1D38A37E -> C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program FilesJavajre1.8.0_91binssv.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> C:Program FilesMicrosoft OfficeOffice14URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program FilesJavajre1.8.0_91binjp2ssv.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF DefaultProfile: 6abof1xn.default
FF ProfilePath: C:UsersOWLAppDataRoamingMozillaFirefoxProfiles6abof1xn.default [2019-08-28]
FF ProfilePath: C:UsersOWLAppDataRoamingMozillaFirefoxProfiles50jp6tk2.default-release [2020-01-13]
FF Plugin: @adobe.com/FlashPlayer -> C:Windowssystem32MacromedFlashNPSWF64_25_0_0_171.dll [2017-05-18] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:Program FilesJavajre1.8.0_91bindtpluginnpDeployJava1.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:Program FilesJavajre1.8.0_91binplugin2npjp2.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~1MICROS~1Office14NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:Program FilesUnityWebPlayer64loader-x64npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:Program FilesVideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:WindowsSysWOW64MacromedFlashNPSWF32_25_0_0_171.dll [2017-05-18] (Adobe Systems Incorporated -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIIPT.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIUpdater.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:Program Files (x86)BraveSoftwareUpdate1.3.99.0npBraveUpdate3.dll [2019-07-12] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:Program Files (x86)BraveSoftwareUpdate1.3.99.0npBraveUpdate3.dll [2019-07-12] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:Program Files (x86)GoogleUpdate1.3.35.422npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:Program Files (x86)GoogleUpdate1.3.35.422npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeReader 11.0ReaderAIRnppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Notifications: Default -> hxxps://www.youtube.com
CHR Profile: C:UsersOWLAppDataLocalGoogleChromeUser DataDefault [2020-01-12]
CHR Extension: (Avira Browser Safety) – C:UsersOWLAppDataLocalGoogleChromeUser DataDefaultExtensionsflliilndjeohchalpbbcdekjklbdgfkk [2019-11-06]
CHR Extension: (Chrome Web Store Payments) – C:UsersOWLAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2019-11-06]
CHR Extension: (Chrome Media Router) – C:UsersOWLAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-06]
CHR HKLM…ChromeExtension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32…ChromeExtension: [flliilndjeohchalpbbcdekjklbdgfkk]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:WINDOWSSystem32DriverStoreFileRepositoryu0346453.inf_amd64_bc963e4e92e4ff40B346420atiesrxx.exe [508632 2019-09-04] (Advanced Micro Devices, Inc. -> AMD)
S4 AMD FUEL Service; C:Program FilesAMDATI.ACEFuelFuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 ASRockIOMon; C:Program Files (x86)ASRock UtilityA-TuningBinIOMonitorSrv.exe [463112 2014-07-31] (ASROCK Incorporation -> )
R2 AUEPLauncher; C:Program FilesAMDPerformance Profile ClientAUEPLauncher.exe [43008 2019-09-03] (AMD) [File not signed]
R2 EaseUS Agent; C:Program Files (x86)EaseUSTodo BackupbinAgent.exe [40104 2019-09-02] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R2 EsgShKernel; C:Program FilesEnigmaSoftSpyHunterShKernel.exe [11780320 2019-11-26] (EnigmaSoft Limited -> EnigmaSoft Limited)
S4 GalaxyCommunication; C:ProgramDataGOG.comGalaxyredistsGalaxyCommunication.exe [6920248 2015-09-02] (GOG Limited -> GOG.com)
S4 Intel® Capability Licensing Service TCP IP Interface; C:Program FilesInteliCLS ClientSocketHeciServer.exe [887232 2014-01-31] (Intel® Trusted Connect Service -> Intel® Corporation)
R2 Intel® ME Service; C:Program Files (x86)IntelIntel® Management Engine ComponentsFWServiceIntelMeFWService.exe [131544 2014-03-20] (Intel Corporation – Intel® Management Engine Firmware -> Intel Corporation)
R2 IsAppService; C:Program Files (x86)IskysoftIAF2.4.3.227IsAppService.exe [492296 2017-06-19] (Shenzhen Yi Xing Investment Co., Ltd. -> Iskysoft)
S3 iumsvc; C:Program Files (x86)IntelIntel® Update Managerbiniumsvc.exe [177376 2016-08-12] (Intel® Update Manager -> Intel Corporation)
R2 jhi_service; C:Program Files (x86)IntelIntel® Management Engine ComponentsDALjhi_service.exe [154584 2014-03-20] (Intel Corporation – Intel® Management Engine Firmware -> Intel Corporation)
R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [6960640 2020-01-12] (Malwarebytes Inc -> Malwarebytes)
R2 NasPmService; C:Program Files (x86)BUFFALONASNAVInassvc.exe [245760 2013-11-21] (BUFFALO INC.) [File not signed]
S4 PnkBstrA; C:WindowsSysWOW64PnkBstrA.exe [76888 2013-06-02] (Even Balance, Inc. -> )
S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [5796168 2019-09-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ShMonitor; C:Program FilesEnigmaSoftSpyHunterShMonitor.exe [519904 2019-11-26] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 ss_conn_launcher_service; C:WINDOWSSystem32SamsungEasySetupss_conn_launcher.exe [182112 2019-08-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:Program FilesSamsungUSB Drivers27_ssconnconnss_conn_service.exe [752224 2019-08-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:Program FilesSamsungUSB Drivers28_ssconn2connss_conn_service2.exe [780328 2019-08-16] (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.)
S3 WdNisSvc; C:ProgramDataMicrosoftWindows Defenderplatform4.18.1911.3-0NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:ProgramDataMicrosoftWindows Defenderplatform4.18.1911.3-0MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WsAppService; C:Program Files (x86)WondershareWAF2.4.3.233WsAppService.exe [493792 2017-11-07] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdiox64; C:WINDOWSSystem32DRIVERSamdiox64.sys [46136 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:WINDOWSSystem32DriverStoreFileRepositoryu0346453.inf_amd64_bc963e4e92e4ff40B346420atikmdag.sys [60632792 2019-09-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:WINDOWSSystem32DriverStoreFileRepositoryu0346453.inf_amd64_bc963e4e92e4ff40B346420atikmpag.sys [598232 2019-09-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S0 amd_sata; C:WINDOWSSystem32driversamd_sata.sys [82560 2012-02-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S0 amd_xata; C:WINDOWSSystem32driversamd_xata.sys [42624 2012-02-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
U5 androidusb; C:WindowsSystem32Driversandroidusb.sys [33736 2009-11-02] (3am.com(Test) -> HTC, Corporation)
R2 AODDriver4.3; C:Program FilesAMDATI.ACEFuelamd64AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsrAppCharger; C:WINDOWSSystem32DRIVERSAsrAppCharger.sys [17192 2011-11-07] (ASROCK Incorporation -> Windows ® Win 7 DDK provider)
S3 AsrDrv101; C:WindowsSysWOW64DriversAsrDrv101.sys [22280 2015-08-22] (ASROCK Incorporation -> ASRock Incorporation)
R0 AsrRamDisk; C:WINDOWSSystem32driversAsrRamDisk.sys [40200 2013-08-02] (ASROCK Incorporation -> ASRock Inc.)
R3 AtiHDAudioService; C:WINDOWSsystem32driversAtihdWT6.sys [108152 2019-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 CMUSBDAC; C:WINDOWSsystem32DRIVERSCMUSBDAC.sys [3819744 2018-07-24] (WDKTestCert cm359,131641702659254692 -> C-MEDIA)
S3 dg_ssudbus; C:WINDOWSsystem32DRIVERSssudbus.sys [135520 2019-08-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:WINDOWSSystem32driversdtlitescsibus.sys [30264 2015-11-11] (Disc Soft Ltd -> Disc Soft Ltd)
R3 EnigmaFileMonDriver; C:WINDOWSSystem32driversEnigmaFileMonDriver.sys [68424 2020-01-13] (EnigmaSoft Limited -> EnigmaSoft Limited)
R1 ESProtectionDriver; C:WINDOWSsystem32driversmbae64.sys [153312 2020-01-12] (Malwarebytes Corporation -> Malwarebytes)
R0 EUBAKUP; C:WINDOWSSystem32driverseubakup.sys [73448 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:WINDOWSSystem32driversEUBKMON.sys [53504 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 EUDSKACS; C:WINDOWSsystem32driverseudskacs.sys [22784 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:WINDOWSsystem32driversEuFdDisk.sys [341760 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S3 HTCAND64; C:WINDOWSSystem32DriversANDROIDUSB.sys [33736 2009-11-02] (3am.com(Test) -> HTC, Corporation)
S3 htcnprot; C:WINDOWSsystem32DRIVERShtcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows ® Win 7 DDK provider)
S3 HtcVCom32; C:WINDOWSSystem32DRIVERSHtcVComV64.sys [121800 2010-03-08] (Sqa.com(Test) -> QUALCOMM Incorporated)
R3 ikbevent; C:WINDOWSSystem32DRIVERSikbevent.sys [22216 2014-05-27] (Intel CASE -> )
R3 imsevent; C:WINDOWSSystem32DRIVERSimsevent.sys [22728 2014-05-27] (Intel CASE -> )
S3 INETMON; C:WindowsSystem32DriversINETMON.sys [25800 2014-05-27] (Intel CASE -> )
R3 ISCT; C:WINDOWSSystem32driversISCTD.sys [44744 2014-05-27] (Intel CASE -> )
R1 ISODrive; C:Program Files (x86)UltraISOdriversISODrv64.sys [115600 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R0 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [218288 2020-01-12] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [20936 2020-01-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:WINDOWSSystem32DRIVERSfarflt.sys [226448 2020-01-13] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:WINDOWSsystem32DRIVERSmbam.sys [73584 2020-01-13] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248968 2020-01-13] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:WINDOWSsystem32DRIVERSmwac.sys [105112 2020-01-13] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:WINDOWSsystem32DRIVERSTeeDriverx64.sys [129312 2014-09-30] (Intel Corporation – Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 pbfilter; C:Program FilesPeerBlockpbfilter.sys [22600 2014-01-04] (PeerBlock, LLC -> )
R3 rt640x64; C:WINDOWSSystem32driversrt640x64.sys [662528 2019-03-18] (Microsoft Windows -> Realtek )
S3 silabenm; C:WINDOWSSystem32DRIVERSsilabenm.sys [27336 2013-10-24] (Silicon Laboratories -> Silicon Laboratories) [File not signed]
S0 sptd; C:WINDOWSSystem32Driverssptd.sys [381608 2015-11-11] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:WINDOWSsystem32DRIVERSssudmdm.sys [166752 2019-08-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:WINDOWSSystem32Driversss_conn_usb_driver2.sys [43360 2019-08-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:WINDOWSSystem32DRIVERStap-tb-0901.sys [38656 2016-09-21] (TunnelBear, Inc. -> The OpenVPN Project)
R1 veracrypt; C:WINDOWSSystem32driversveracrypt.sys [829320 2019-09-04] (IDRIX -> IDRIX)
S3 WdBoot; C:WINDOWSsystem32driverswdWdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:WINDOWSsystem32driverswdWdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:WINDOWSsystem32DRIVERSusb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-13 23:44 – 2020-01-13 23:44 – 000073584 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbam.sys
2020-01-13 23:43 – 2020-01-13 23:43 – 000248968 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys
2020-01-13 23:43 – 2020-01-13 23:43 – 000226448 _____ (Malwarebytes) C:WINDOWSsystem32Driversfarflt.sys
2020-01-13 23:43 – 2020-01-13 23:43 – 000105112 _____ (Malwarebytes) C:WINDOWSsystem32Driversmwac.sys
2020-01-13 23:42 – 2020-01-13 23:42 – 000013026 _____ C:UsersOWLDesktopFixlog.txt
2020-01-12 20:47 – 2020-01-12 20:47 – 000000000 ___HD C:OneDriveTemp
2020-01-12 17:18 – 2020-01-12 17:19 – 000065480 _____ C:UsersOWLDesktopAddition.txt
2020-01-12 17:17 – 2020-01-13 23:50 – 000038485 _____ C:UsersOWLDesktopFRST.txt
2020-01-12 17:17 – 2020-01-13 23:50 – 000000000 ____D C:FRST
2020-01-12 17:10 – 2020-01-12 17:10 – 002573312 _____ (Farbar) C:UsersOWLDesktopFRST64.exe
2020-01-12 13:58 – 2020-01-12 13:58 – 000000000 ____D C:UsersDefaultAppDataLocalD3DSCache
2020-01-12 13:58 – 2020-01-12 13:58 – 000000000 ____D C:UsersDefaultAppDataLocalAMD
2020-01-12 13:58 – 2020-01-12 13:58 – 000000000 ____D C:UsersDefault UserAppDataLocalD3DSCache
2020-01-12 13:58 – 2020-01-12 13:58 – 000000000 ____D C:UsersDefault UserAppDataLocalAMD
2020-01-12 07:53 – 2020-01-12 07:53 – 000000000 ____D C:UsersOWLAppDataLocalmbam
2020-01-12 07:52 – 2020-01-12 07:52 – 000218288 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys
2020-01-12 07:52 – 2020-01-12 07:52 – 000153312 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys
2020-01-12 07:52 – 2020-01-12 07:52 – 000002039 _____ C:UsersPublicDesktopMalwarebytes.lnk
2020-01-12 07:52 – 2020-01-12 07:52 – 000000000 ____D C:UsersOWLAppDataLocalmbamtray
2020-01-12 07:52 – 2020-01-12 07:52 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes
2020-01-12 07:52 – 2020-01-12 07:52 – 000000000 ____D C:ProgramDataMalwarebytes
2020-01-12 07:52 – 2020-01-12 07:51 – 000020936 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamElam.sys
2020-01-12 07:50 – 2020-01-12 07:50 – 000000000 ____D C:Program FilesMalwarebytes
2020-01-11 23:52 – 2020-01-11 23:52 – 000000000 ____D C:UsersOWLAppDataLocalOneDrive
2020-01-09 06:59 – 2020-01-09 06:59 – 001163359 _____ C:UsersOWLDesktoparbatel-of-magick.pdf
2020-01-09 06:53 – 2020-01-09 06:53 – 000162628 _____ C:UsersOWLDesktop1_Rs97e7a9heiZnl51Rw_E7A.jpeg
2020-01-08 15:53 – 2020-01-12 00:11 – 000000000 ____D C:UsersOWLAppDataRoamingvlc
2020-01-08 15:52 – 2020-01-08 15:52 – 000000000 ____D C:UsersOWLAppDataRoamingdvdcss
2020-01-07 22:51 – 2020-01-07 22:51 – 000000000 ____D C:easeus_tb_cloud
2020-01-07 22:08 – 2020-01-08 15:51 – 000000000 ____D C:UsersOWLAppDataRoamingImgBurn
2020-01-04 22:31 – 2020-01-04 22:31 – 000056087 _____ C:UsersOWLDesktopSC212134233.jpeg
2020-01-03 02:53 – 2020-01-03 02:58 – 000001745 _____ C:UsersOWLDocumentsmofth j0ke.txt
2019-12-24 11:08 – 2019-12-24 11:08 – 000000000 ____D C:ProgramDataEmsisoft
2019-12-24 11:05 – 2019-12-24 20:17 – 000000000 ____D C:EEK
2019-12-20 08:35 – 2019-12-20 08:35 – 000006835 _____ C:UsersOWLDesktopimages (1).jpeg
2019-12-20 08:30 – 2019-12-20 08:30 – 000006193 _____ C:UsersOWLDesktopimages.jpeg
2019-12-20 08:28 – 2019-12-20 08:28 – 000088483 _____ C:UsersOWLDesktopdownload.html
2019-12-20 02:34 – 2019-12-20 02:35 – 000941740 _____ C:UsersOWLDesktopWindows6.0-KB933246-x64.msu
2019-12-20 01:48 – 2019-12-20 01:48 – 000001193 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsSamsung DeX.lnk
2019-12-20 01:48 – 2019-12-20 01:48 – 000001181 _____ C:UsersPublicDesktopSamsung DeX.lnk
2019-12-18 01:39 – 2019-12-18 01:39 – 000000000 ____D C:UsersOWLAppDataLocalElevatedDiagnostics
2019-12-18 01:26 – 2020-01-13 23:28 – 000000000 ____D C:UsersOWLDesktopcleaned
2019-12-17 22:59 – 2019-12-17 23:00 – 000000198 _____ C:UsersOWLDesktopDocument1.txt
2019-12-16 00:51 – 2019-12-16 00:51 – 000000000 ____D C:UsersOWLDocumentsMixpad Projects
2019-12-16 00:50 – 2019-12-16 00:50 – 000000000 ____D C:UsersOWLAppDataRoamingNCH Software
2019-12-15 22:37 – 2019-12-18 01:26 – 000000000 ____D C:UsersOWLAppDataRoamingAudacity
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-13 23:49 – 2019-03-18 22:52 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2020-01-13 23:44 – 2019-11-26 05:00 – 000068424 _____ (EnigmaSoft Limited) C:WINDOWSsystem32DriversEnigmaFileMonDriver.sys
2020-01-13 23:44 – 2019-10-11 08:20 – 000003100 _____ C:WINDOWSsystem32TasksAMDLinkUpdate
2020-01-13 23:44 – 2019-09-06 23:30 – 000000000 ___RD C:UsersOWLOneDrive
2020-01-13 23:43 – 2019-09-04 14:16 – 000000006 ____H C:WINDOWSTasksSA.DAT
2020-01-13 23:43 – 2019-03-18 22:37 – 000786432 _____ C:WINDOWSsystem32configBBI
2020-01-13 23:43 – 2019-03-18 22:37 – 000032768 _____ C:WINDOWSsystem32configELAM
2020-01-13 23:43 – 2016-08-25 10:23 – 000065536 _____ C:WINDOWSsystem32spu_storage.bin
2020-01-13 23:42 – 2019-09-06 23:30 – 000000000 ____D C:UsersOWLAppDataLocalPlaceholderTileLogoFolder
2020-01-13 23:28 – 2019-09-04 14:11 – 000937152 _____ C:WINDOWSsystem32PerfStringBackup.INI
2020-01-13 23:27 – 2019-03-18 22:52 – 000000000 ____D C:WINDOWSAppReadiness
2020-01-13 23:27 – 2019-03-18 22:50 – 000000000 ____D C:WINDOWSINF
2020-01-12 20:47 – 2019-09-06 23:08 – 000000000 ____D C:UsersOWLAppDataLocalD3DSCache
2020-01-12 20:46 – 2019-10-11 08:34 – 000000000 ____D C:Program Files (x86)Mozilla Firefox
2020-01-12 20:46 – 2012-11-17 23:14 – 000000000 ___HD C:Program Files (x86)Mozilla Maintenance Service
2020-01-12 17:38 – 2019-03-18 22:52 – 000000000 ____D C:WINDOWSLiveKernelReports
2020-01-12 17:09 – 2019-08-28 12:34 – 000000000 ____D C:UsersOWLAppDataLocalLowMozilla
2020-01-12 17:09 – 2012-11-17 20:05 – 000001159 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2020-01-12 16:03 – 2019-09-04 14:09 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2020-01-12 14:04 – 2019-03-18 22:52 – 000000000 ____D C:WINDOWSsystem32NDF
2020-01-12 13:46 – 2019-09-06 23:08 – 000000000 ____D C:UsersOWLAppDataLocalPackages
2020-01-12 13:46 – 2019-03-18 22:52 – 000000000 ___HD C:Program FilesWindowsApps
2020-01-12 12:23 – 2019-08-30 23:22 – 000000000 ____D C:Program Files (x86)Microsoft Office
2020-01-12 10:15 – 2013-08-14 02:00 – 000000000 ____D C:WINDOWSsystem32MRT
2020-01-12 10:11 – 2012-12-24 23:13 – 129221664 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe
2020-01-12 08:02 – 2019-09-06 23:08 – 000000000 ____D C:UsersOWLAppDataLocalConnectedDevicesPlatform
2020-01-12 08:00 – 2019-08-28 21:26 – 000000000 ____D C:UsersOWLAppDataLocalsekipxh
2020-01-12 08:00 – 2019-08-28 12:31 – 000000000 ____D C:UsersOWLAppDataLocaldsomnkp
2020-01-12 08:00 – 2018-11-11 06:09 – 000000000 ____D C:UsersJJAGAppDataLocalsbrogti
2020-01-12 08:00 – 2018-08-12 23:32 – 000000000 ____D C:UsersJJAGAppDataLocalcsnxwhr
2020-01-12 08:00 – 2018-06-20 18:04 – 000000000 ____D C:Program FilesN2IzZWUzYjFh
2020-01-12 08:00 – 2017-08-22 15:14 – 000000000 ____D C:UsersJJAGDesktopBFG
2020-01-12 08:00 – 2017-07-01 00:22 – 000000000 ____D C:UsersJJAGDesktopjDe
2020-01-12 08:00 – 2012-11-19 00:45 – 000000000 ____D C:UsersJJAGDesktopPrograms
2020-01-12 07:53 – 2019-09-06 23:13 – 000000000 ____D C:UsersOWLAppDataLocalcache
2020-01-12 07:52 – 2019-03-18 22:52 – 000000000 ___HD C:WINDOWSELAMBKUP
2020-01-07 15:58 – 2017-12-12 18:11 – 000002319 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2020-01-07 15:58 – 2017-12-12 18:11 – 000002278 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2019-12-20 02:15 – 2019-09-04 14:42 – 000000000 ____D C:ProgramDataPackages
2019-12-20 01:57 – 2019-09-04 14:17 – 000000000 __RHD C:UsersPublicAccountPictures
2019-12-20 01:48 – 2013-02-11 08:44 – 000000000 ____D C:ProgramDataPackage Cache
2019-12-18 01:52 – 2019-11-13 11:17 – 000000000 ____D C:UsersOWLDesktop2g dup
2019-12-14 17:23 – 2019-09-06 23:08 – 000000000 ___RD C:UsersOWL3D Objects
2019-12-14 17:06 – 2019-09-04 14:12 – 000000000 ____D C:UsersOWL
2019-12-14 17:05 – 2019-09-04 14:09 – 000450680 _____ C:WINDOWSsystem32FNTCACHE.DAT
2019-12-14 16:55 – 2019-03-18 22:52 – 000000000 ____D C:WINDOWSSystemResources
2019-12-14 16:55 – 2019-03-18 22:52 – 000000000 ____D C:WINDOWSShellExperiences
2019-12-14 16:55 – 2019-03-18 22:52 – 000000000 ____D C:WINDOWSbcastdvr
==================== Files in the root of some directories ========
2013-09-01 18:49 – 2013-09-01 18:49 – 000021494 ____H () C:Program Files (x86)0x0409.ini
2013-09-01 18:49 – 2013-09-01 18:49 – 000003584 ____H () C:Program Files (x86)1033.MST
2019-05-22 06:36 – 2014-09-27 13:15 – 000800824 _____ (Microsoft Corporation) C:UsersOWLAppDataRoamingDPInst.exe
2019-05-22 06:36 – 2014-09-27 13:15 – 000106496 _____ (Microsoft Corporation) C:UsersOWLAppDataRoaminggacutil.exe
2019-05-22 06:36 – 2014-09-27 13:15 – 000000181 _____ () C:UsersOWLAppDataRoaminggacutil.exe.config
2019-05-22 06:36 – 2014-09-27 13:15 – 000036352 _____ (Microsoft Corporation) C:UsersOWLAppDataRoamingPnPutil.exe
2019-05-22 06:36 – 2013-06-25 17:49 – 000002036 _____ () C:UsersOWLAppDataLocalinstaller.log
==================== FLock ==============================
2016-08-26 00:05 C:UsersJJAGGoogle Drive
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2020
Ran by OWL (13-01-2020 23:51:39)
Running from C:UsersOWLDesktop
Windows 10 Pro Version 1909 18363.535 (X64) (2019-09-04 20:16:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-526169441-3370718946-2259949942-500 – Administrator – Disabled)
DefaultAccount (S-1-5-21-526169441-3370718946-2259949942-503 – Limited – Disabled)
Guest (S-1-5-21-526169441-3370718946-2259949942-501 – Limited – Disabled)
HomeGroupUser$ (S-1-5-21-526169441-3370718946-2259949942-1161 – Limited – Enabled)
JJAG (S-1-5-21-526169441-3370718946-2259949942-1000 – Administrator – Enabled) => C:UsersJJAG
OWL (S-1-5-21-526169441-3370718946-2259949942-1162 – Administrator – Enabled) => C:UsersOWL
WDAGUtilityAccount (S-1-5-21-526169441-3370718946-2259949942-504 – Limited – Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46
AV: Malwarebytes (Enabled – Up to date) 23007AD3-69FE-687C-2629-D584AFFAF72B
AS: Microsoft Security Essentials (Disabled – Up to date) CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34
AS: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AAC ACM Codec 1.9 (HKLM-x32…AACACM) (Version: 1.9 – fccHandler)
Adobe Flash Player 25 NPAPI (HKLM-x32…Adobe Flash Player NPAPI) (Version: 25.0.0.171 – Adobe Systems Incorporated)
Adobe Reader XI (HKLM-x32…AC76BA86-7AD7-1033-7B44-AB0000000001) (Version: 11.0.00 – Adobe Systems Incorporated)
aioprnt (HKLM…