Outbound traffic detected ? – Virus, Trojan, Spyware, and Malware Removal Help | #firefox | #firefoxsecurity


I believe i was playing Team Fortress 2 and using discord when a message from Norton popped up telling me about suspicious outgoing traffic.

 

Here are the logs

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021
Ran by kubsons07 (administrator) on DESKTOP-7J71UVT (08-04-2021 17:27:34)
Running from C:Userskubsons07DesktopFRST
Loaded Profiles: kubsons07
Platform: Windows 10 Home Version 2004 19041.867 (X64) Language: Polski (Polska)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:Program Files (x86)Common FilesAdobeAdobeGCClientAGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:Program Files (x86)Common FilesProtexisLicense ServicePsiService_2.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe
(Discord Inc. -> Discord Inc.) C:ProgramDatakubsons07Discordapp-0.0.309Discord.exe <6>
(Intel Corporation – Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:Program Files (x86)IntelIntel® Management Engine ComponentsDALjhi_service.exe
(Intel Corporation – Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe
(Intel Corporation) [File not signed] C:Program Files (x86)IntelIntel® Security Assistisa.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbweWinStore.App.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbweGameBar.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbweGameBarFTServer.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbweMusic.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32oobeUserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.) C:WindowsV0790Mon.exe
(Mozilla Corporation -> Mozilla Corporation) C:Program Files (x86)Mozilla Firefoxfirefox.exe <6>
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:Program FilesNorton SecurityNorton SecurityEngine22.21.1.151nsWscSvc.exe
(NortonLifeLock Inc. -> Symantec Corporation) C:Program FilesNorton SecurityNorton SecurityEngine22.21.1.151NortonSecurity.exe <2>
(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkNGUI64.exe
(Skutta, Kristjan -> ) C:Program Files (x86)Steamsteamappscommonwallpaper_enginewallpaper32.exe
(Valve -> Valve Corporation) C:Program Files (x86)Common FilesSteamSteamService.exe
(Valve -> Valve Corporation) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe <8>
(Valve -> Valve Corporation) C:Program Files (x86)Steamsteam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARtkNGUI64.exe [8495320 2015-06-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM…Run: [AdobeGCInvoker-1.0] => C:Program Files (x86)Common FilesAdobeAdobeGCClientAGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32…Run: [V0790Mon.exe] => C:WINDOWSV0790Mon.exe [43120 2015-08-24] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
HKUS-1-5-21-2944253907-4126696763-4153681683-1001…Run: [Steam] => C:Program Files (x86)Steamsteam.exe [4087528 2021-03-23] (Valve -> Valve Corporation)
HKUS-1-5-21-2944253907-4126696763-4153681683-1001…Run: [EADM] => C:Program Files (x86)OriginOrigin.exe [3144760 2021-03-13] (Electronic Arts, Inc. -> Electronic Arts)
HKUS-1-5-21-2944253907-4126696763-4153681683-1001…Run: [Discord] => C:ProgramDatakubsons07DiscordUpdate.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKUS-1-5-21-2944253907-4126696763-4153681683-1001…Run: [WallpaperEngine] => C:Program Files (x86)Steamsteamappscommonwallpaper_enginewallpaper32.exe [2769000 2021-03-02] (Skutta, Kristjan -> )
HKUS-1-5-21-2944253907-4126696763-4153681683-1001…Run: [com.squirrel.Teams.Teams] => C:Userskubsons07AppDataLocalMicrosoftTeamsUpdate.exe [2453704 2021-03-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKUS-1-5-18…Run: [Synapse3] => C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe /StartMinimized
HKLM…PrintMonitorsHP E611 Status Monitor: C:Windowssystem32hpinkstsE611LM.dll [401920 2019-07-01] (Hewlett Packard -> HP Inc.)
HKLMSoftwareWow6432NodeMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Files (x86)GoogleChromeApplication89.0.4389.114Installerchrmstp.exe [2021-04-02] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {026C09C6-6379-4323-88DD-5B91FE8EFA09} – System32TasksCorelUpdateHelperTaskCore => C:Program Files (x86)CorelCUHv2CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {06CAA493-F24B-4597-906E-9D6F4CD8C2B1} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [153752 2017-06-13] (Google Inc -> Google Inc.)
Task: {15B848E4-7848-4D03-B3E8-AA7F774231A7} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D05BBAA-A12B-4A05-BB45-422FF09019BD} – System32TasksMozillaFirefox Default Browser Agent E7CF176E110C211B => C:Program Files (x86)Mozilla Firefoxdefault-browser-agent.exe [696816 2021-03-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {366CC39B-B163-45D1-8619-97B3BBFAFBE4} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {526D59EE-C8E8-4CA2-A9BB-EC17F2703F6A} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B9CE1D0-0BEF-48BE-9154-BE87FCD98B48} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log
Task: {6CF935F3-CC47-4F3F-96DC-E1BEC43C4E39} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {747B1FE8-DAC4-45E6-AF00-08BA7F7BB850} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log
Task: {7629A7D5-B7AD-4FE1-B442-CAF13D24486E} – System32TasksNorton SecurityNorton Security Autofix => C:Program FilesNorton SecurityNorton SecurityEngine22.21.1.151SymErr.exe [115608 2021-02-22] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {76A8D25B-78B6-430B-A8DF-1B79EF194F37} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {887773E8-7BC3-44CB-A468-DAE3DFF906D3} – System32TasksAdobeGCInvoker-1.0 => C:Program Files (x86)Common FilesAdobeAdobeGCClientAGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {8F5D5A55-C372-49CB-A7BA-CCD1549CD369} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C2CDA35C-9FD0-426E-8CBC-D5871973F9A6} – System32TasksNorton WSC Integration => C:Program FilesNorton SecurityNorton SecurityEngine22.21.1.151WSCStub.exe [643544 2021-02-22] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {C46507B7-4227-4366-8120-C94F726AB290} – System32TasksNorton SecurityNorton Security Error Analyzer => C:Program FilesNorton SecurityNorton SecurityEngine22.21.1.151SymErr.exe [115608 2021-02-22] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {D367048B-345F-438E-89F4-B3E37B21F67B} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D73DCD44-2E37-4560-958A-AB1012C73014} – System32TasksRemediationAntimalwareMigrationTask => C:Program FilesCommon FilesAVNorton SecurityUpgrade.exe [2344568 2021-02-22] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {DF26F89F-54B9-49E1-8760-798A296A3D1C} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [153752 2017-06-13] (Google Inc -> Google Inc.)
Task: {E1A7FA2F-0119-40E3-9759-7F5816C99A71} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F3E18E79-4666-4F12-9721-3FCBE6A23C01} – System32TasksNorton SecurityNorton Security Error Processor => C:Program FilesNorton SecurityNorton SecurityEngine22.21.1.151SymErr.exe [115608 2021-02-22] (NortonLifeLock Inc. -> NortonLifeLock Inc)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

TcpipParameters: [DhcpNameServer] 192.168.0.1
Tcpip..Interfaces{5727f1df-f5f5-41d1-8aac-4618ca034e36}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:Userskubsons07AppDataLocalMicrosoftEdgeUser DataDefault [2021-04-08]

FireFox:
========
FF DefaultProfile: aq3w9l33.default-1523276245035
FF ProfilePath: C:Userskubsons07AppDataRoamingMozillaFirefoxProfilesaq3w9l33.default-1523276245035 [2021-04-08]
FF Homepage: MozillaFirefoxProfilesaq3w9l33.default-1523276245035 -> www.google.com
FF Extension: (Dark Reader) – C:Userskubsons07AppDataRoamingMozillaFirefoxProfilesaq3w9l33.default-1523276245035Extensionsaddon@darkreader.org.xpi [2021-04-06]
FF Extension: (Norton Password Manager) – C:Userskubsons07AppDataRoamingMozillaFirefoxProfilesaq3w9l33.default-1523276245035Extensionsidsafe@norton.com.xpi [2021-03-29]
FF Extension: (Norton Home Page) – C:Userskubsons07AppDataRoamingMozillaFirefoxProfilesaq3w9l33.default-1523276245035Extensionsnortonhomepage@symantec.com.xpi [2021-03-15] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json]
FF Extension: (Norton Safe Search) – C:Userskubsons07AppDataRoamingMozillaFirefoxProfilesaq3w9l33.default-1523276245035Extensionsnortonsafesearch_ul_2@symantec.com.xpi [2021-03-15] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) – C:Userskubsons07AppDataRoamingMozillaFirefoxProfilesaq3w9l33.default-1523276245035Extensionsnortonsafeweb@symantec.com.xpi [2021-03-04]
FF Extension: (Light Sea) – C:Userskubsons07AppDataRoamingMozillaFirefoxProfilesaq3w9l33.default-1523276245035Extensions{124ac638-9949-4296-83e5-0a30089482fa}.xpi [2019-08-16]
FF Extension: (NoScript) – C:Userskubsons07AppDataRoamingMozillaFirefoxProfilesaq3w9l33.default-1523276245035Extensions{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-03-29]
FF Extension: (rainbow blur) – C:Userskubsons07AppDataRoamingMozillaFirefoxProfilesaq3w9l33.default-1523276245035Extensions{7477cece-5973-41fe-a60e-2d2ffae6d21e}.xpi [2019-08-16]
FF Extension: (Adblock Plus – darmowy adblocker) – C:Userskubsons07AppDataRoamingMozillaFirefoxProfilesaq3w9l33.default-1523276245035Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29]
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:Program FilesJavajre1.8.0_251bindtpluginnpDeployJava1.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:Program FilesJavajre1.8.0_251binplugin2npjp2.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIIPT.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIUpdater.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:Program Files (x86)Javajre1.8.0_251bindtpluginnpDeployJava1.dll [2020-05-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:Program Files (x86)Javajre1.8.0_251binplugin2npjp2.dll [2020-05-25] (Oracle America, Inc. -> Oracle Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:Userskubsons07AppDataLocalGoogleChromeUser DataDefault [2021-02-18]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR Extension: (Płatności w sklepie Chrome Web Store) – C:Userskubsons07AppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2020-06-23]
CHR Extension: (Chrome Media Router) – C:Userskubsons07AppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-01]
CHR Profile: C:Userskubsons07AppDataLocalGoogleChromeUser DataGuest Profile [2020-06-03]
CHR Profile: C:Userskubsons07AppDataLocalGoogleChromeUser DataSystem Profile [2020-06-03]
CHR HKLM…ChromeExtension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] – C:Program FilesNorton SecurityNorton SecurityEngine22.21.1.151ExtsChrome.crx <not found>
CHR HKLM-x32…ChromeExtension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] – C:Program FilesNorton SecurityNorton SecurityEngine22.21.1.151ExtsChrome.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:Program Files (x86)Common FilesBattlEyeBEService.exe [8736880 2020-11-07] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [802432 2019-08-14] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FvSvc; C:Program FilesNVIDIA CorporationFrameViewSDKnvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
R3 Intel® Security Assist; C:Program Files (x86)IntelIntel® Security Assistisa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:Program Files (x86)IntelIntel® Security AssistisaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 NortonSecurity; C:Program FilesNorton SecurityNorton SecurityEngine22.21.1.151NortonSecurity.exe [343296 2021-02-22] (NortonLifeLock Inc. -> Symantec Corporation)
R2 nsWscSvc; C:Program FilesNorton SecurityNorton SecurityEngine22.21.1.151nsWscSvc.exe [1054496 2021-02-22] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S4 Origin Client Service; C:Program Files (x86)OriginOriginClientService.exe [2535000 2021-03-13] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:Program Files (x86)OriginOriginWebHelperService.exe [3480152 2021-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 PSI_SVC_2; C:Program Files (x86)Common FilesProtexisLicense ServicePsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; C:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 WdNisSvc; C:Program FilesWindows DefenderNisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:Program FilesWindows DefenderMsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:Program FilesNorton SecurityNorton SecurityNortonData22.20.2.57DefinitionsBASHDefs20210323.017BHDrvx64.sys [1995864 2021-03-16] (Symantec Corporation -> Broadcom)
R1 ccSet_NGC; C:WINDOWSSystem32driversNGCx641615010.097ccSetx64.sys [192248 2021-02-22] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:Program Files (x86)Common FilesSymantec SharedEENGINEeeCtrl64.sys [516168 2021-02-03] (Symantec Corporation -> Broadcom)
R3 EraserUtilRebootDrv; C:Program Files (x86)Common FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys [153672 2021-02-13] (Symantec Corporation -> Broadcom)
R1 IDSVia64; C:Program FilesNorton SecurityNorton SecurityNortonData22.20.2.57DefinitionsIPSDefs20210407.061IDSvia64.sys [1488976 2021-04-06] (Symantec Corporation -> Broadcom)
S3 Larmkanal; C:WINDOWSSystem32driversLarmkanal.sys [33112 2015-09-02] (ADORIASOFT LLC -> Adoriasoft LLC)
S3 logi_joy_bus_enum; C:WINDOWSsystem32driverslogi_joy_bus_enum.sys [38136 2020-02-18] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:WINDOWSsystem32driverslogi_joy_vir_hid.sys [26672 2020-08-10] (Logitech Inc -> Logitech)
S3 logi_joy_xlcore; C:WINDOWSsystem32driverslogi_joy_xlcore.sys [66808 2020-02-18] (Logitech Inc -> Logitech)
S3 Phosgene; C:WINDOWSsystem32DRIVERSPhosgene.sys [34136 2015-09-02] (ADORIASOFT LLC -> Adoriasoft LLC)
R0 pwdrvio; C:WINDOWSSystem32pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:Windowssystem32pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 RzCommon; C:WINDOWSSystem32driversRzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_021e; C:WINDOWSSystem32driversRzDev_021e.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0306; C:WINDOWSSystem32driversRzDev_0306.sys [52504 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 SRTSP; C:WINDOWSSystem32driversNGCx641615010.097SRTSP64.SYS [889712 2021-02-22] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:WINDOWSSystem32driversNGCx641615010.097SRTSPX64.SYS [51056 2021-02-22] (Symantec Corporation -> Symantec Corporation)
S3 sshid; C:WINDOWSSystem32driverssshid.sys [48040 2018-09-25] (SteelSeries ApS -> SteelSeries ApS)
S3 ssudmdm; C:WINDOWSsystem32DRIVERSssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:WINDOWSsystem32driversSteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:WINDOWSsystem32driversSteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R0 SymEFASI; C:WINDOWSSystem32driversNGCx641615010.097SYMEFASI64.SYS [2060656 2021-02-22] (Symantec Corporation -> Broadcom)
S0 SymELAM; C:WINDOWSSystem32driversNGCx641615010.097SymELAM.sys [25080 2021-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:WINDOWSsystem32DriversSYMEVENT64x86.SYS [100064 2019-07-28] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:Program FilesNorton SecurityNorton SecurityNortonData22.20.2.57SymPlatformSymEvnt.sys [712368 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:WINDOWSSystem32driversNGCx641615010.097Ironx64.SYS [316488 2021-02-22] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:WINDOWSSystem32driversNGCx641615010.097symnets.sys [575328 2021-02-22] (Symantec Corporation -> Symantec Corporation)
R3 tap0901; C:WINDOWSSystem32driverstap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:WINDOWSSystem32driverstapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 V0790Vid; C:WINDOWSsystem32DRIVERSV0790Vid.sys [389128 2015-08-24] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
S2 vcs; C:Program Files (x86)Common FilesAvnexvcs64.sys [4096 2017-07-15] () [File not signed]
R3 VCSVADHWSer; C:WINDOWSSystem32driversvcsvad.sys [29320 2015-10-01] (AVSOFT CORP. -> AVSOFT Corp.)
S3 VOICEMOD_Driver; C:WINDOWSsystem32driversvmdrv.sys [45408 2018-03-15] (Voicemod Sociedad Limitada -> Windows ® Win 7 DDK provider)
S3 WdBoot; C:WINDOWSsystem32driversWdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:WINDOWSsystem32driversWdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:WINDOWSSystem32DriversWdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:WINDOWSSystem32driversNGCx641615010.097wpCtrlDrv.sys [1013792 2021-02-22] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S1 ESProtectionDriver; ??C:WINDOWSsystem32driversmbae64.sys [X]
S2 MBAMChameleon; SystemRootSystem32DriversMbamChameleon.sys [X]
S3 MBAMFarflt; system32DRIVERSfarflt.sys [X]
S3 MBAMProtection; ??C:WINDOWSsystem32DRIVERSmbam.sys [X]
S3 MBAMWebProtection; SystemRootsystem32DRIVERSmwac.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-08 17:23 – 2021-04-08 17:27 – 000000000 ____D C:Userskubsons07DesktopFRST
2021-04-08 16:03 – 2021-04-08 16:03 – 000020191 _____ C:Userskubsons07AppDataLocalrecently-used.xbel
2021-04-08 12:14 – 2021-04-08 12:14 – 000000000 ____D C:WINDOWSsystem32TasksRemediation
2021-04-05 14:15 – 2021-04-05 14:15 – 027302444 _____ C:Userskubsons07Desktopdddd.wav
2021-04-05 14:03 – 2021-04-05 14:03 – 000715628 _____ C:Userskubsons07Desktopphart.wav
2021-04-01 23:30 – 2021-04-02 14:35 – 000000000 ____D C:Userskubsons07DesktopFlame-Hud-master
2021-04-01 23:14 – 2021-04-01 23:14 – 000037832 _____ C:Userskubsons07Desktopkillsound stabby.wav
2021-03-31 20:30 – 2021-03-31 20:30 – 000000000 ____D C:WINDOWSsystem32lxss
2021-03-31 20:30 – 2021-03-31 20:30 – 000000000 ____D C:WINDOWSLastGood
2021-03-31 20:27 – 2021-03-26 11:17 – 001855192 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe
2021-03-31 20:27 – 2021-03-26 11:17 – 001855192 _____ C:WINDOWSsystem32vulkaninfo.exe
2021-03-31 20:27 – 2021-03-26 11:17 – 001452312 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll
2021-03-31 20:27 – 2021-03-26 11:17 – 001435864 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe
2021-03-31 20:27 – 2021-03-26 11:17 – 001435864 _____ C:WINDOWSSysWOW64vulkaninfo.exe
2021-03-31 20:27 – 2021-03-26 11:17 – 001191696 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll
2021-03-31 20:27 – 2021-03-26 11:17 – 001094864 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll
2021-03-31 20:27 – 2021-03-26 11:17 – 001094864 _____ C:WINDOWSsystem32vulkan-1.dll
2021-03-31 20:27 – 2021-03-26 11:17 – 000948952 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll
2021-03-31 20:27 – 2021-03-26 11:17 – 000948952 _____ C:WINDOWSSysWOW64vulkan-1.dll
2021-03-31 20:27 – 2021-03-26 11:15 – 000715568 _____ C:WINDOWSsystem32nvofapi64.dll
2021-03-31 20:27 – 2021-03-26 11:15 – 000575760 _____ C:WINDOWSSysWOW64nvofapi.dll
2021-03-31 20:27 – 2021-03-26 11:14 – 002105648 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvFBC64.dll
2021-03-31 20:27 – 2021-03-26 11:14 – 001730864 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdispco6446589.dll
2021-03-31 20:27 – 2021-03-26 11:14 – 001590064 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvFBC.dll
2021-03-31 20:27 – 2021-03-26 11:14 – 001514288 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFR64.dll
2021-03-31 20:27 – 2021-03-26 11:14 – 001490224 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdispgenco6446589.dll
2021-03-31 20:27 – 2021-03-26 11:14 – 001166128 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFR.dll
2021-03-31 20:27 – 2021-03-26 11:14 – 000811792 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvEncodeAPI64.dll
2021-03-31 20:27 – 2021-03-26 11:14 – 000675120 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFROpenGL.dll
2021-03-31 20:27 – 2021-03-26 11:14 – 000563992 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFROpenGL.dll
2021-03-31 20:27 – 2021-03-26 11:13 – 008316192 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuvid.dll
2021-03-31 20:27 – 2021-03-26 11:13 – 007433496 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuvid.dll
2021-03-31 20:27 – 2021-03-26 11:13 – 004795160 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuda.dll
2021-03-31 20:27 – 2021-03-26 11:13 – 002823440 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuda.dll
2021-03-31 20:27 – 2021-03-26 11:06 – 006154480 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll
2021-03-24 15:33 – 2021-03-24 15:33 – 000000000 ____D C:Userskubsons07AppDataLocalDaedalic Entertainment GmbH
2021-03-24 09:54 – 2021-03-24 09:54 – 000000000 ____D C:WINDOWSsystem32TasksMozilla
2021-03-23 22:03 – 2021-04-06 13:00 – 000000000 ____D C:Program Files (x86)Mozilla Firefox
2021-03-23 09:38 – 2021-03-23 09:38 – 000162773 _____ C:Userskubsons07Downloads4a.Trzecia zasada dynamiki – zadania.pdf
2021-03-20 15:36 – 2021-03-20 15:37 – 000000000 ____D C:Userskubsons07DocumentsAssassin’s Creed IV Black Flag
2021-03-20 00:01 – 2021-03-20 00:11 – 000003518 _____ C:Userskubsons07DocumentsACP.ini
2021-03-20 00:01 – 2021-03-20 00:04 – 000000000 ____D C:Userskubsons07DocumentsAssassin’s Creed Origins
2021-03-19 20:02 – 2021-03-19 20:21 – 000000000 ____D C:Userskubsons07AppDataRoamingCode
2021-03-19 20:02 – 2021-03-19 20:02 – 000000000 ____D C:Userskubsons07.vscode
2021-03-17 16:21 – 2021-03-17 16:21 – 000000000 ____D C:WINDOWSLastGood.Tmp
2021-03-13 11:59 – 2021-04-08 13:53 – 000000000 ____D C:WINDOWSsystem32TasksNorton Security
2021-03-13 02:05 – 2021-03-13 02:05 – 000003410 _____ C:WINDOWSsystem32TasksNorton WSC Integration
2021-03-13 02:05 – 2021-03-13 02:05 – 000000000 ___RD C:ProgramDataMicrosoftWindowsStart MenuProgramsNorton Security
2021-03-12 22:09 – 2021-03-12 22:09 – 002755584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.tlb
2021-03-12 22:09 – 2021-03-12 22:09 – 002755584 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.tlb
2021-03-12 22:09 – 2021-03-12 22:09 – 001314128 _____ (Microsoft Corporation) C:WINDOWSsystem32SecConfig.efi
2021-03-12 22:09 – 2021-03-12 22:09 – 000011359 _____ C:WINDOWSsystem32DrtmAuthTxt.wim
2021-03-12 22:08 – 2021-03-12 22:08 – 001822272 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi
2021-03-12 22:08 – 2021-03-12 22:08 – 001394024 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi
2021-03-12 22:08 – 2021-03-12 22:08 – 001163776 _____ C:WINDOWSsystem32MBR2GPT.EXE
2021-03-12 22:08 – 2021-03-12 22:08 – 000611952 _____ C:WINDOWSSysWOW64TextShaping.dll
2021-03-12 22:07 – 2021-03-12 22:07 – 000707016 _____ C:WINDOWSsystem32TextShaping.dll
2021-03-12 22:07 – 2021-03-12 22:07 – 000231248 _____ C:WINDOWSsystem32containerdevicemanagement.dll
2021-03-12 22:07 – 2021-03-12 22:07 – 000091136 _____ C:WINDOWSsystem32Driverscimfs.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-08 17:31 – 2020-11-15 03:37 – 000000000 ____D C:FRST
2021-04-08 17:23 – 2017-09-13 17:36 – 000000000 ____D C:Userskubsons07AppDataRoamingdiscord
2021-04-08 17:22 – 2019-02-06 13:38 – 000000000 ____D C:ProgramDataMozilla
2021-04-08 17:21 – 2017-06-14 17:11 – 000000000 ____D C:Userskubsons07AppDataLocalLowMozilla
2021-04-08 17:20 – 2017-07-23 23:28 – 000000000 ____D C:Userskubsons07AppDataLocalNPE
2021-04-08 17:17 – 2017-06-14 19:39 – 000000000 ____D C:Program Files (x86)Steam
2021-04-08 17:17 – 2017-06-13 11:22 – 000000000 ____D C:ProgramDataNVIDIA
2021-04-08 17:14 – 2019-12-07 11:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-04-08 16:59 – 2020-10-12 18:09 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2021-04-08 16:04 – 2020-10-30 13:51 – 000000000 ____D C:Userskubsons07AppDataLocalbabl-0.1
2021-04-08 16:03 – 2017-07-28 23:24 – 000000000 ____D C:Userskubsons07AppDataLocalgtk-2.0
2021-04-08 11:47 – 2020-10-12 18:28 – 001758684 _____ C:WINDOWSsystem32PerfStringBackup.INI
2021-04-08 11:47 – 2019-12-07 17:08 – 000780534 _____ C:WINDOWSsystem32perfh015.dat
2021-04-08 11:47 – 2019-12-07 17:08 – 000151102 _____ C:WINDOWSsystem32perfc015.dat
2021-04-08 11:47 – 2019-12-07 11:13 – 000000000 ____D C:WINDOWSINF
2021-04-08 11:39 – 2020-10-12 18:24 – 000000006 ____H C:WINDOWSTasksSA.DAT
2021-04-08 11:39 – 2020-10-12 18:09 – 000008192 ___SH C:DumpStack.log.tmp
2021-04-07 17:44 – 2019-10-12 12:47 – 000000000 ___HD C:UsersPublicDocumentsAdobeGCData
2021-04-07 17:20 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSAppReadiness
2021-04-07 00:01 – 2020-10-12 18:15 – 000000000 ____D C:Userskubsons07
2021-04-06 23:01 – 2020-11-27 20:37 – 000000000 ____D C:Userskubsons07AppDataLocalBattle.net
2021-04-06 18:25 – 2018-05-16 17:33 – 000000000 ____D C:Userskubsons07AppDataLocalD3DSCache
2021-04-06 15:02 – 2020-10-12 18:15 – 000000000 ____D C:Usersdefaultuser0
2021-04-06 13:04 – 2019-12-07 11:03 – 000032768 _____ C:WINDOWSsystem32configELAM
2021-04-06 13:00 – 2017-06-13 11:27 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2021-04-05 14:15 – 2018-01-10 20:03 – 000000000 ____D C:Userskubsons07AppDataRoamingaudacity
2021-04-05 14:00 – 2019-06-02 11:55 – 000000000 ____D C:Userskubsons07AppDataRoaming.minecraft
2021-04-04 12:06 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSLiveKernelReports
2021-04-02 23:00 – 2020-12-21 00:44 – 000002455 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2021-04-02 23:00 – 2019-12-07 11:14 – 000000000 ___HD C:Program FilesWindowsApps
2021-04-02 15:02 – 2019-10-29 20:07 – 000000000 ____D C:Userskubsons07AppDataLocalNVIDIA
2021-04-02 13:07 – 2017-06-13 11:28 – 000002314 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2021-04-02 12:55 – 2020-08-16 01:17 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools
2021-04-01 23:15 – 2020-10-25 11:59 – 000000000 ____D C:Userskubsons07DesktopG-Mang Hud
2021-04-01 14:26 – 2017-08-19 20:26 – 000000000 ____D C:ProgramDataOrigin
2021-04-01 12:14 – 2017-08-19 21:16 – 000000000 ____D C:Userskubsons07AppDataLocalOrigin
2021-03-30 12:00 – 2017-06-15 10:43 – 000000000 ____D C:Userskubsons07AppDataLocalCrashDumps
2021-03-26 14:01 – 2021-01-25 15:28 – 000000000 ____D C:Userskubsons07DesktopadvHUD
2021-03-26 11:14 – 2021-02-26 14:35 – 000656176 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll
2021-03-26 11:06 – 2020-10-09 21:49 – 007207552 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll
2021-03-26 01:35 – 2020-10-09 21:49 – 000063942 _____ C:WINDOWSsystem32nvinfo.pb
2021-03-25 21:14 – 2019-10-29 20:06 – 005667184 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcpl.dll
2021-03-25 21:14 – 2019-10-29 20:06 – 002637168 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvsvc64.dll
2021-03-25 21:14 – 2019-10-29 20:06 – 001758064 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvsvcr.dll
2021-03-25 21:14 – 2019-10-29 20:06 – 000990064 _____ (NVIDIA Corporation) C:WINDOWSsystem32nv3dappshext.dll
2021-03-25 21:14 – 2019-10-29 20:06 – 000120176 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvshext.dll
2021-03-25 21:14 – 2019-10-29 20:06 – 000082288 _____ (NVIDIA Corporation) C:WINDOWSsystem32nv3dappshextr.dll
2021-03-24 15:41 – 2021-01-03 16:56 – 000000000 ____D C:Userskubsons07AppDataLocalGeometryDash
2021-03-24 10:15 – 2017-08-19 21:16 – 000000000 ____D C:Userskubsons07AppDataRoamingOrigin
2021-03-24 09:54 – 2017-06-13 11:27 – 000001235 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2021-03-23 01:42 – 2020-08-16 01:17 – 000470864 _____ (Microsoft Corporation) C:WINDOWSsystem32QualityUpdateAssistant.dll
2021-03-23 01:41 – 2020-08-16 01:17 – 000734008 _____ (Microsoft Corporation) C:WINDOWSsystem32sedplugins.dll
2021-03-22 20:10 – 2020-10-19 07:38 – 000002395 _____ C:Userskubsons07AppDataRoamingMicrosoftWindowsStart MenuProgramsMicrosoft Teams.lnk
2021-03-22 14:00 – 2018-04-21 11:26 – 000000000 ____D C:Userskubsons07AppDataLocalUbisoft Game Launcher
2021-03-20 00:17 – 2019-12-07 11:03 – 000524288 _____ C:WINDOWSsystem32configBBI
2021-03-19 20:48 – 2018-08-13 12:34 – 000000000 ____D C:Userskubsons07AppDataLocalosu!
2021-03-19 20:22 – 2019-03-30 23:03 – 000000000 ____D C:Userskubsons07Desktopstrategic
2021-03-19 14:09 – 2019-10-29 20:06 – 000001951 _____ C:WINDOWSNvContainerRecovery.bat
2021-03-18 14:11 – 2020-11-05 13:08 – 000000000 ____D C:Userskubsons07AppDataRoamingLeppsoft
2021-03-18 11:28 – 2018-06-15 19:42 – 000000000 ___RD C:Userskubsons07DesktopEverything
2021-03-17 20:53 – 2019-03-30 23:04 – 000000000 ___RD C:Userskubsons07DesktopTools
2021-03-17 16:21 – 2017-06-13 11:19 – 000000000 ____D C:Program FilesNVIDIA Corporation
2021-03-15 23:07 – 2017-06-22 20:45 – 000000000 ____D C:Userskubsons07AppDataRoamingobs-studio
2021-03-15 13:03 – 2020-10-12 18:24 – 000003388 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-2944253907-4126696763-4153681683-1001
2021-03-15 13:02 – 2020-10-12 18:15 – 000002430 _____ C:Userskubsons07AppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-03-15 13:02 – 2017-06-14 17:11 – 000000000 ___RD C:Userskubsons07OneDrive
2021-03-13 13:39 – 2020-12-12 14:59 – 000002388 _____ C:Userskubsons07Desktopoptions.txt
2021-03-13 12:34 – 2017-06-22 21:26 – 000000000 ____D C:Program Files (x86)Minecraft
2021-03-13 12:26 – 2017-06-26 20:29 – 000000000 ____D C:Program FilesCommon FilesAV
2021-03-13 12:01 – 2017-08-19 20:26 – 000000000 ____D C:Program Files (x86)Origin
2021-03-13 02:05 – 2019-07-21 18:17 – 000000000 ____D C:WINDOWSsystem32DriversNGCx64
2021-03-13 02:04 – 2020-10-12 18:09 – 000320520 _____ C:WINDOWSsystem32FNTCACHE.DAT
2021-03-13 02:00 – 2019-12-07 11:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel
2021-03-13 02:00 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSSysWOW64setup
2021-03-13 02:00 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSSysWOW64oobe
2021-03-13 02:00 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSSysWOW64Dism
2021-03-13 02:00 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSSystemResources
2021-03-13 02:00 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns
2021-03-13 02:00 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSsystem32SystemResetPlatform
2021-03-13 02:00 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSsystem32setup
2021-03-13 02:00 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSsystem32oobe
2021-03-13 02:00 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSsystem32Dism
2021-03-13 02:00 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSProvisioning
2021-03-13 02:00 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSPolicyDefinitions
2021-03-13 02:00 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSbcastdvr
2021-03-12 22:15 – 2019-12-07 11:03 – 000000000 ____D C:WINDOWSCbsTemp
2021-03-12 14:16 – 2017-06-15 18:39 – 000000000 ____D C:WINDOWSsystem32MRT
2021-03-12 14:13 – 2017-06-15 18:39 – 131005360 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

==================== Files in the root of some directories ========

2020-11-04 23:18 – 2021-01-29 16:23 – 000000015 _____ () C:Userskubsons07AppDataRoamingobs-virtualcam.txt
2020-06-05 13:14 – 2020-06-05 13:14 – 000000000 _____ () C:Userskubsons07AppDataLocaloobelibMkey.log
2021-04-08 16:03 – 2021-04-08 16:03 – 000020191 _____ () C:Userskubsons07AppDataLocalrecently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Original Source link

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Leave a Reply

Your email address will not be published. Required fields are marked *

+ 76 = 81