![]() ![]() (Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\IntelCpHeciSvc.exe (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\IntelCpHDCPSvc.exe (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\igf圎M.exe (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\igfxCUIService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe > Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (If an entry is included in the fixlist, the process will be closed. Platform: Windows 10 Pro Version 1803 17134.950 (X64) Language: English (United States) Loaded Profiles: Birr Insurance Agenc (Available Profiles: Birr Insurance Agenc) Running from C:\Users\Birr Insurance Agenc\Desktop Ran by Birr Insurance Agenc (administrator) on DESKTOP-4QVPFCQ (Dell Inc. Scan result of Farbar Recovery Scan Tool (FRST) (圆4) Version: 25-09-2019 And as always, I appreciate the skills, time, and dedication you guys take to help us. I was encouraged to run Farbar and post the results logs here to receive some assistance in cleaning out the system before returning it to the owner so here goes. With help from the guys in the ID Ransomware thread who were able to determine it was a HiddenTear variant and decrypt the files on the computer. Trying to help a neighbor recover from Ransomware. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |