Suspected Intrusion.. – Virus, Trojan, Spyware, and Malware Removal Help


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2021

Ran by Ryan (administrator) on DESKTOP-8OL8T3U (BIOSTAR Group Hi-Fi B85S3+) (10-01-2021 14:55:26)

Running from C:UsersRyanDesktop

Loaded Profiles: Ryan

Platform: Windows 10 Pro Version 20H2 19042.685 (X64) Language: English (United States)

Default browser: Edge

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Microsoft Corporation -> Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v3.0Windows Communication FoundationSMSvcHost.exe

(Microsoft Corporation -> Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v4.0.30319SMSvcHost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32PrintIsolationHost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2011.6-0MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2011.6-0NisSrv.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe <2>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <5>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM-x32…Run: [ControlCenter4] => C:Program Files…

Source…