Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
WMC Agent Won't Leave Along with Other Files
Message
<blockquote data-quote="Riccrocc789" data-source="post: 723756" data-attributes="member: 71346"><p>Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018</p><p>Ran by SYSTEM on MININT-180LNFK (03-04-2018 16:13:11)</p><p>Running from F:\</p><p>Platform: Windows 10 Pro Version 1709 16299.309 (X64) Language: English (United States)</p><p>Internet Explorer Version 11</p><p>Boot Mode: Recovery</p><p>Default: ControlSet001</p><p><strong>ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.</strong></p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials</a></p><p>==================== Registry (Whitelisted) ===========================</p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p>HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)</p><p>HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)</p><p>HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-25] (Adobe Systems Incorporated)</p><p>HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)</p><p>HKLM\...\Run: [Fight Stick Alpha] => C:\Program Files\Mad Catz\Fight Stick Alpha\Fight_Stick_Alpha_Profiler.exe [671232 2016-03-04] (Mad Catz Inc)</p><p>HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16073336 2016-08-10] (Logitech Inc.)</p><p>HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16776192 2016-12-02] (Realtek Semiconductor)</p><p>HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)</p><p>HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)</p><p>HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11328464 2015-09-11] (Micro-Star INT'L CO., LTD.)</p><p>HKLM-x32\...\Run: [GammingApp] => C:\Program Files (x86)\MSI\MSI Gaming APP\SGamingApp.exe [1147048 2015-09-03] (Micro-Star Int'l Co., Ltd.)</p><p>HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)</p><p>HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-12-12] (Copyright (c) 2017 Plays.tv, LLC)</p><p>HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,</p><p>Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]</p><p>HKU\Default\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)</p><p>HKU\Default User\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)</p><p>HKU\Kai\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)</p><p>HKU\Kai\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)</p><p>HKU\Kai\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3198752 2018-03-26] (Valve Corporation)</p><p>HKU\Kai\...\Run: [Discord] => C:\Users\Kai\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)</p><p>HKU\Kai\...\RunOnce: [Application Restart #5] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)</p><p>HKU\Kai\...\RunOnce: [Application Restart #0] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)</p><p>HKU\Kai\...\RunOnce: [Application Restart #1] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)</p><p>HKU\Kai\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592 2018-03-19] (Google Inc.)</p><p>HKU\Kai\...\RunOnce: [Application Restart #3] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)</p><p>Startup: C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2018-01-21]</p><p>ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)</p><p>Startup: C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk [2018-01-22]</p><p>ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)</p><p>Startup: C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter (VB-Audio).LNK [2017-10-18]</p><p>ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe (VB-AUDIO Software)</p><p>GroupPolicyScripts: Restriction <==== ATTENTION</p><p>GroupPolicyScripts-x32: Restriction <==== ATTENTION</p><p>==================== Services (Whitelisted) ====================</p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p>"HKLM\System\ControlSet001\Services\aehknr" => removed successfully</p><p>"HKLM\System\ControlSet001\Services\anhot" => removed successfully</p><p>C:\Windows\System32\drivers\rtradhkn.sys => moved successfully</p><p>C:\Users\Kai\AppData\Local\tihawem\wmczogt.exe => moved successfully</p><p>C:\Users\Kai\AppData\Local\wmcagent\wmcagent.exe => moved successfully</p><p>C:\Users\Kai\AppData\Local\wmcagent\wow_helper.exe => moved successfully</p><p>S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)</p><p>S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2016-05-27] ()</p><p>S2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)</p><p>S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-03-08] ()</p><p>S4 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [34984 2015-09-03] (Micro-Star Int'l Co., Ltd.)</p><p>S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)</p><p>S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\vssbridge64.exe [426416 2018-04-02] (AO Kaspersky Lab)</p><p>S2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)</p><p>S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-04-28] (IObit)</p><p>S2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-10] (Logitech Inc.)</p><p>S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)</p><p>S2 Microsoft DirectX Configuration Service; C:\Windows\SysWOW64\dxconfig.exe [64512 2016-02-15] ()</p><p>S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1768912 2015-09-11] (Micro-Star INT'L CO., LTD.)</p><p>S2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)</p><p>S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)</p><p>S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-12-12] (Copyright (c) 2017 Plays.tv, LLC)</p><p>S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()</p><p>S2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)</p><p>S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [261848 2013-11-12] (Realtek)</p><p>S2 RunSwUSB; C:\Windows\runSW.exe [48856 2013-10-18] ()</p><p>S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-02] (Microsoft Corporation)</p><p>S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)</p><p>S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-02] (Microsoft Corporation)</p><p>S2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-02] (Microsoft Corporation)</p><p>S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000</p><p>S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r</p><p>===================== Drivers (Whitelisted) ======================</p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p>S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2016-04-23] (ASRock Incorporation)</p><p>S3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [3792904 2016-11-30] (C-MEDIA)</p><p>S0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)</p><p>S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)</p><p>S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)</p><p>S3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-02-03] (Intel Corporation)</p><p>S3 ElcMouLFlt; C:\Windows\System32\drivers\ElcMouLFlt.sys [28648 2015-10-17] (ELECOM)</p><p>S3 ElcMouUFlt; C:\Windows\System32\drivers\ElcMouUFlt.sys [27624 2015-10-17] (ELECOM)</p><p>S1 epp; C:\EEK\bin64\epp.sys [142448 2018-03-27] (Emsisoft Ltd)</p><p>S3 EvolveVirtualAdapter; C:\Windows\System32\drivers\evolve.sys [21656 2016-01-01] (Echobit, LLC)</p><p>S3 hcwE5bda; C:\Windows\system32\drivers\hcwE5bda.sys [985096 2016-02-08] (Hauppauge Computer Work, Inc.)</p><p>S3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-02-03] ()</p><p>S3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-02-03] ()</p><p>S3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-02-03] ()</p><p>S3 Kinonih; C:\Windows\System32\drivers\kinonih.sys [32256 2016-06-22] (Kinoni)</p><p>S3 KINONI_Wave; C:\Windows\system32\drivers\kinonivad.sys [32360 2016-04-17] (Windows (R) Win 7 DDK provider)</p><p>S0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)</p><p>S0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-25] (AO Kaspersky Lab)</p><p>S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [120008 2018-04-02] (AO Kaspersky Lab)</p><p>S2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)</p><p>S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)</p><p>S3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [207576 2018-04-02] (AO Kaspersky Lab)</p><p>S1 KLHK; C:\Windows\System32\drivers\klhk.sys [594144 2018-04-02] (AO Kaspersky Lab)</p><p>S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1055944 2018-04-02] (AO Kaspersky Lab)</p><p>S1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [57032 2018-04-02] (AO Kaspersky Lab)</p><p>S3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)</p><p>S3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)</p><p>S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50672 2017-12-25] (AO Kaspersky Lab)</p><p>S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)</p><p>S3 kltap; C:\Windows\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)</p><p>S0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [231312 2018-04-02] (AO Kaspersky Lab)</p><p>S3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [87584 2018-04-02] (AO Kaspersky Lab)</p><p>S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [252600 2018-04-02] (AO Kaspersky Lab)</p><p>S0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [107656 2018-04-02] (AO Kaspersky Lab)</p><p>S3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [174664 2018-04-02] (AO Kaspersky Lab)</p><p>S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [93888 2018-04-02] (AO Kaspersky Lab)</p><p>S1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [135904 2017-12-25] (AO Kaspersky Lab)</p><p>S1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [199392 2017-12-25] (AO Kaspersky Lab)</p><p>S3 ladfGSS; C:\Windows\system32\drivers\ladfGSS.sys [45208 2016-08-09] (Logitech Inc.)</p><p>S2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)</p><p>S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2016-06-24] (Logitech Inc.)</p><p>S1 lpsport; C:\Windows\System32\Drivers\lpsport.sys [61304 2018-04-01] ()</p><p>S3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [102112 2018-04-02] (Malwarebytes)</p><p>S3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)</p><p>S2 mi2c; C:\WINDOWS\system32\drivers\mi2c.sys [20784 2017-01-04] (Nicomsoft Ltd.)</p><p>S4 most; C:\Windows\System32\drivers\mefrkund.sys [79064 2018-03-31] (Malwarebytes)</p><p>S1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [107488 2017-02-08] (Panda Security, S.L.)</p><p>S1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211376 2016-07-05] (Panda Security, S.L.)</p><p>S1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [121312 2017-02-08] (Panda Security, S.L.)</p><p>S1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [125872 2016-07-05] (Panda Security, S.L.)</p><p>S1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [80152 2016-07-06] (Panda Security, S.L.)</p><p>S1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [116656 2016-07-05] (Panda Security, S.L.)</p><p>S1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [91104 2017-02-08] (Panda Security, S.L.)</p><p>S1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [135088 2016-07-05] (Panda Security, S.L.)</p><p>S1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [335792 2016-07-05] (Panda Security, S.L.)</p><p>S1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [197600 2017-02-08] (Panda Security, S.L.)</p><p>S1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [123312 2016-07-05] (Panda Security, S.L.)</p><p>S1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [278960 2016-07-05] (Panda Security, S.L.)</p><p>S1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [125360 2016-07-05] (Panda Security, S.L.)</p><p>S2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)</p><p>S3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_95d88c9d04436846\nvlddmkm.sys [17526688 2018-03-16] (NVIDIA Corporation)</p><p>S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation)</p><p>S3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2014-11-12] (NVIDIA Corporation)</p><p>S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [59240 2017-12-14] (NVIDIA Corporation)</p><p>S3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [58816 2018-03-15] (NVIDIA Corporation)</p><p>S2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [177424 2017-02-12] (Panda Security, S.L.)</p><p>S2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [129296 2017-02-12] (Panda Security, S.L.)</p><p>S1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [205584 2017-02-20] (Panda Security, S.L.)</p><p>S2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [131344 2017-02-12] (Panda Security, S.L.)</p><p>S2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [144656 2017-02-12] (Panda Security, S.L.)</p><p>S2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [114960 2017-02-12] (Panda Security, S.L.)</p><p>S3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [8213328 2018-01-31] (Realtek Semiconductor Corporation )</p><p>S3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [47312 2015-09-03] (Razer Inc)</p><p>S2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.)</p><p>S2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)</p><p>S3 SaiX8180; C:\Windows\System32\drivers\SaiX8180.sys [65784 2016-03-08] (Saitek, Madcatz, Ltd.)</p><p>S3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)</p><p>S3 sparkocam; C:\Windows\system32\DRIVERS\sparkocam.sys [37200 2016-09-01] (Sparkosoft)</p><p>S3 sparkocammic; C:\Windows\system32\drivers\sparkocammic.sys [34640 2018-01-10] (Sparkosoft)</p><p>S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)</p><p>S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()</p><p>S3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)</p><p>S3 VBAudioVMVAIOMME; C:\Windows\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2017-10-17] (Windows (R) Win 7 DDK provider)</p><p>S4 vysj; C:\Windows\System32\drivers\fljm.sys [79064 2018-03-31] (Malwarebytes)</p><p>S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46072 2018-03-02] (Microsoft Corporation)</p><p>S0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [288296 2018-03-02] (Microsoft Corporation)</p><p>S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-02] (Microsoft Corporation)</p><p>S3 xhunter1; C:\WINDOWS\xhunter1.sys [36832 2017-03-22] (Wellbia.com Co., Ltd.)</p><p>S1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-04-01] (Zemana Ltd.)</p><p>S3 aswbdisk; no ImagePath</p><p>S0 PsBoot; system32\Drivers\PsBoot.sys [X]</p><p>S4 sxmgr; System32\drivers\nvhgkixc.sys [X]</p><p>S1 texuxkqt; \??\C:\WINDOWS\system32\drivers\texuxkqt.sys [X]</p><p>S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]</p><p>==================== NetSvcs (Whitelisted) ===================</p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>==================== One Month Created files and folders ========</p><p>(If an entry is included in the fixlist, the file/folder will be moved.)</p><p>2018-04-03 15:05 - 2018-04-03 15:05 - 000000000 ____D C:\Users\Kai\AppData\Local\aubroml</p><p>2018-04-03 15:01 - 2018-04-03 15:01 - 002403328 _____ (Farbar) C:\Users\Kai\Downloads\FRST64.exe</p><p>2018-04-03 14:50 - 2018-04-03 14:50 - 000000000 ____D C:\Users\Kai\AppData\Local\pcsxndu</p><p>2018-04-02 20:38 - 2018-04-02 20:38 - 000000000 ____D C:\Users\Kai\AppData\Local\pcbvxeg</p><p>2018-04-02 19:38 - 2018-04-02 19:38 - 000000000 ____D C:\Users\Kai\AppData\Local\conabxz</p><p>2018-04-02 19:30 - 2018-04-02 19:30 - 000000000 ____D C:\Users\Kai\AppData\Local\raaebdc</p><p>2018-04-02 19:25 - 2018-04-02 19:25 - 000000000 ____D C:\ProgramData\Emsisoft</p><p>2018-04-02 19:24 - 2018-04-02 19:27 - 000000000 ____D C:\EEK</p><p>2018-04-02 19:20 - 2018-04-02 19:23 - 323431136 _____ C:\Users\Kai\Desktop\EmsisoftEmergencyKit.exe</p><p>2018-04-02 19:14 - 2018-04-02 19:14 - 000074734 _____ C:\Users\Kai\Desktop\FRST.txt</p><p>2018-04-02 19:14 - 2018-04-02 19:14 - 000069971 _____ C:\Users\Kai\Desktop\Addition.txt</p><p>2018-04-02 19:14 - 2018-04-02 19:14 - 000000000 ____D C:\Users\Kai\AppData\Roaming\ProductData</p><p>2018-04-02 19:14 - 2018-04-02 19:14 - 000000000 ____D C:\Users\Kai\AppData\Local\wdnxvlo</p><p>2018-04-02 19:06 - 2018-04-02 19:06 - 000000000 ____D C:\Users\Kai\AppData\Local\exbulwp</p><p>2018-04-02 19:04 - 2018-04-02 19:04 - 000000000 ____D C:\Users\Kai\AppData\Local\exivsth</p><p>2018-04-02 18:57 - 2018-04-02 18:57 - 000000000 ____D C:\Users\Kai\AppData\Local\lsnvepb</p><p>2018-04-02 18:48 - 2018-04-02 18:48 - 002403328 _____ (Farbar) C:\Users\Kai\Desktop\FRST64.exe</p><p>2018-04-02 18:47 - 2018-04-02 18:51 - 195689920 _____ (Sophos Limited) C:\Users\Kai\Desktop\Sophos Virus Removal Tool.exe</p><p>2018-04-02 18:28 - 2018-04-02 18:28 - 000255928 _____ (Malwarebytes) C:\Windows\System32\Drivers\725297C9.sys</p><p>2018-04-02 18:27 - 2018-04-02 18:37 - 000000000 ____D C:\Users\Kai\Desktop\mbar</p><p>2018-04-02 18:27 - 2018-04-02 18:37 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)</p><p>2018-04-02 18:27 - 2018-04-02 18:27 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Kai\Desktop\mbar-1.10.3.1001.exe</p><p>2018-04-02 18:07 - 2018-04-02 18:07 - 000000000 ____D C:\Users\Kai\AppData\Local\nvirulz</p><p>2018-04-02 17:47 - 2018-04-02 17:47 - 000000000 ____D C:\Users\Kai\AppData\Local\wdsicmx</p><p>2018-04-02 16:24 - 2018-04-02 16:24 - 000000000 ___HD C:\$Windows.~WS</p><p>2018-04-02 16:18 - 2018-04-02 16:18 - 000252600 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klupd_klif_klark.sys</p><p>2018-04-02 16:17 - 2018-04-02 16:17 - 000087584 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klupd_klif_kimul.sys</p><p>2018-04-02 16:12 - 2018-04-02 16:12 - 000231312 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klupd_klif_arkmon.sys</p><p>2018-04-02 16:12 - 2018-04-02 16:12 - 000174664 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klupd_klif_mark.sys</p><p>2018-04-02 16:12 - 2018-04-02 16:12 - 000107656 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klupd_klif_klbg.sys</p><p>2018-04-02 16:11 - 2018-04-03 15:09 - 000000000 ____D C:\ProgramData\Kaspersky Lab</p><p>2018-04-02 16:11 - 2018-04-02 16:17 - 001055944 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klif.sys</p><p>2018-04-02 16:11 - 2018-04-02 16:11 - 000594144 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klhk.sys</p><p>2018-04-02 16:11 - 2018-04-02 16:11 - 000207576 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klflt.sys</p><p>2018-04-02 16:11 - 2018-04-02 16:11 - 000149304 _____ (AO Kaspersky Lab) C:\Windows\System32\klhkum.dll</p><p>2018-04-02 16:11 - 2018-04-02 16:11 - 000002122 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk</p><p>2018-04-02 16:11 - 2018-04-02 16:11 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab</p><p>2018-04-02 16:11 - 2013-05-06 07:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\System32\klfphc.dll</p><p>2018-04-02 16:10 - 2018-04-02 16:10 - 000000000 ____D C:\Users\Kai\AppData\Local\psduoga</p><p>2018-04-02 16:08 - 2018-04-02 16:08 - 002438712 _____ (Kaspersky Lab) C:\Users\Kai\Downloads\kfa18.0.0.405abcden_es_fr_13382.exe</p><p>2018-04-02 16:00 - 2018-04-02 16:00 - 000000000 ____D C:\Users\Kai\AppData\Local\niegzlw</p><p>2018-04-02 15:51 - 2018-04-02 15:51 - 000002340 _____ C:\Users\Public\Desktop\Google Chrome.lnk</p><p>2018-04-02 15:49 - 2018-04-02 15:49 - 000000000 ____D C:\Program Files (x86)\GUMCBFD.tmp</p><p>2018-04-02 15:03 - 2018-04-02 15:03 - 000000000 ____D C:\Users\Kai\AppData\Local\Simply Super Software</p><p>2018-04-02 15:02 - 2018-04-02 15:02 - 002928184 _____ (Kaspersky Lab) C:\Users\Kai\Downloads\ksk1.0.3.326en_13497.exe</p><p>2018-04-02 14:59 - 2018-04-02 14:59 - 000388608 _____ (Trend Micro Inc.) C:\Users\Kai\Desktop\HijackThis.exe</p><p>2018-04-02 14:42 - 2018-04-02 14:42 - 000000000 ____D C:\Users\Kai\AppData\Local\sneabkl</p><p>2018-04-02 14:37 - 2018-04-02 19:09 - 000000626 _____ C:\Users\Kai\Desktop\JRT.txt</p><p>2018-04-02 14:36 - 2018-04-02 14:36 - 000000000 ____D C:\Users\Kai\AppData\Local\sbczodh</p><p>2018-04-02 14:30 - 2018-04-02 14:30 - 000000000 ____D C:\Users\Kai\AppData\Local\scbidmz</p><p>2018-04-02 14:28 - 2018-04-02 14:28 - 018617536 _____ (Microsoft Corporation) C:\Users\Kai\Downloads\MediaCreationTool.exe</p><p>2018-04-02 14:26 - 2018-04-02 14:26 - 000000000 ____D C:\Users\Kai\AppData\Local\sidnmkg</p><p>2018-04-02 05:35 - 2018-04-02 05:35 - 000000000 ____D C:\Users\Kai\AppData\Local\scrbkun</p><p>2018-04-02 03:29 - 2017-07-25 12:56 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Kai\Desktop\rkill.exe</p><p>2018-04-01 19:03 - 2018-04-01 19:03 - 000000000 ____D C:\ProgramData\SystemAcCrux</p><p>2018-04-01 17:11 - 2018-04-02 19:14 - 000000000 ____D C:\FRST</p><p>2018-04-01 16:56 - 2018-04-01 16:56 - 000061304 _____ () C:\Windows\System32\Drivers\lpsport.sys</p><p>2018-04-01 14:16 - 2018-04-01 14:16 - 001129816 _____ (Google Inc.) C:\Users\Kai\Downloads\ChromeSetup.exe</p><p>2018-04-01 14:01 - 2018-04-03 15:09 - 000027515 _____ C:\Windows\ZAM_Guard.krnl.trace</p><p>2018-04-01 14:01 - 2018-04-01 19:20 - 000085693 _____ C:\Windows\ZAM.krnl.trace</p><p>2018-04-01 14:01 - 2018-04-01 14:01 - 000203680 _____ (Zemana Ltd.) C:\Windows\System32\Drivers\zamguard64.sys</p><p>2018-04-01 14:01 - 2018-04-01 14:01 - 000000000 ____D C:\Users\Kai\AppData\Local\Zemana</p><p>2018-04-01 13:44 - 2018-04-02 14:34 - 000000422 _____ C:\Windows\System32\.crusader</p><p>2018-04-01 13:40 - 2018-04-02 19:38 - 000055232 _____ C:\Windows\System32\Drivers\hitmanpro37.sys</p><p>2018-04-01 13:39 - 2018-04-01 13:44 - 000000000 ____D C:\ProgramData\HitmanPro</p><p>2018-04-01 13:39 - 2018-04-01 13:39 - 011605440 _____ (SurfRight B.V.) C:\Users\Kai\Desktop\HitmanPro_x64.exe</p><p>2018-04-01 12:37 - 2018-04-02 19:12 - 000000000 ____D C:\AdwCleaner</p><p>2018-04-01 12:37 - 2018-04-01 12:37 - 001790024 _____ (Malwarebytes) C:\Users\Kai\Desktop\JRT.exe</p><p>2018-04-01 12:36 - 2018-04-01 12:37 - 008222496 _____ (Malwarebytes) C:\Users\Kai\Desktop\AdwCleaner.exe</p><p>2018-04-01 04:07 - 2018-04-01 04:07 - 000004274 _____ C:\Windows\System32\Tasks\TR_Updater</p><p>2018-04-01 04:07 - 2018-04-01 04:07 - 000004054 _____ C:\Windows\System32\Tasks\TR_FastScan_Daily_Kai</p><p>2018-04-01 04:07 - 2018-04-01 04:07 - 000003880 _____ C:\Windows\System32\Tasks\TR_FastScan_AtLogon</p><p>2018-04-01 04:07 - 2018-04-01 04:07 - 000000000 ____D C:\Users\Kai\Documents\Simply Super Software</p><p>2018-04-01 04:07 - 2018-04-01 04:07 - 000000000 ____D C:\ProgramData\Simply Super Software</p><p>2018-04-01 04:07 - 2018-04-01 04:07 - 000000000 ____D C:\Program Files (x86)\Trojan Remover</p><p>2018-03-31 20:53 - 2018-04-02 18:58 - 000002101 _____ C:\Users\Public\Desktop\Malwarebytes.lnk</p><p>2018-03-31 20:53 - 2018-03-19 11:57 - 000076192 _____ C:\Windows\System32\Drivers\mbae64.sys</p><p>2018-03-31 18:26 - 2018-04-03 14:44 - 000000000 ____D C:\Program Files\Common Files\AV</p><p>2018-03-31 18:19 - 2018-04-02 16:10 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files</p><p>2018-03-31 18:12 - 2018-04-02 19:03 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job</p><p>2018-03-31 18:12 - 2018-04-02 03:30 - 000000000 ____D C:\Windows\pss</p><p>2018-03-31 17:51 - 2018-04-01 12:06 - 000000000 ____D C:\Windows\Minidump</p><p>2018-03-31 17:42 - 2018-04-02 19:05 - 000102112 _____ (Malwarebytes) C:\Windows\System32\Drivers\mwac.sys</p><p>2018-03-31 17:42 - 2018-03-31 17:42 - 000000000 ____D C:\Program Files\Malwarebytes</p><p>2018-03-31 17:31 - 2018-03-31 17:31 - 000079064 _____ (Malwarebytes) C:\Windows\System32\Drivers\fljm.sys</p><p>2018-03-31 17:13 - 2018-03-31 17:13 - 000079064 _____ (Malwarebytes) C:\Windows\System32\Drivers\mefrkund.sys</p><p>2018-03-31 17:00 - 2018-04-03 16:13 - 000000000 ____D C:\Users\Kai\AppData\Local\wmcagent</p><p>2018-03-31 17:00 - 2018-04-01 05:30 - 000000000 ____D C:\Users\Kai\AppData\Local\wmmvtpn</p><p>2018-03-31 16:57 - 2018-04-03 16:13 - 000000000 ____D C:\Users\Kai\AppData\Local\tihawem</p><p>2018-03-31 16:56 - 2018-04-03 15:08 - 002888704 _____ C:\Windows\System32\dsoclegsvc.exe</p><p>2018-03-31 16:56 - 2018-03-31 16:56 - 000000000 ____D C:\Windows\SysWOW64\widmkhl</p><p>2018-03-31 16:56 - 2018-03-31 16:56 - 000000000 ____D C:\Windows\System32\widmkhl</p><p>2018-03-31 16:55 - 2018-03-31 16:55 - 000003758 _____ C:\Windows\System32\Tasks\{5C03E5CF-1BA7-9901-9FA4-7E0E72E817E9}</p><p>2018-03-31 16:55 - 2018-03-31 16:55 - 000003544 _____ C:\Windows\System32\Tasks\{B3FDCEDF-0075-C5AB-3BDA-5A116786AAE3}</p><p>2018-03-31 16:55 - 2018-03-31 16:55 - 000000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}</p><p>2018-03-31 16:55 - 2018-03-31 16:55 - 000000000 ____D C:\Users\Kai\AppData\Roaming\et</p><p>2018-03-31 16:12 - 2017-12-22 09:53 - 108846128 _____ (CANON INC.) C:\Users\Kai\Desktop\euw3.8.20-installer.exe</p><p>2018-03-31 16:01 - 2018-03-31 16:01 - 000000000 ____D C:\Users\Kai\AppData\Roaming\Canon_Inc_IC</p><p>2018-03-31 00:52 - 2018-03-31 00:52 - 000052429 _____ C:\Windows\uninstaller.dat</p><p>2018-03-31 00:52 - 2018-03-31 00:52 - 000014040 _____ C:\Windows\System32\Drivers\6a6cff5e551f4623b5a589ceaf395356.sys</p><p>2018-03-29 21:46 - 2018-03-29 22:30 - 418386912 _____ C:\Users\Kai\Desktop\Brothers First BlowJob - Mandy Flores [720p].wmv</p><p>2018-03-29 19:21 - 2018-03-31 14:18 - 000000000 ____D C:\PSO2 Tweaker</p><p>2018-03-29 19:21 - 2018-03-29 20:12 - 000000000 ____D C:\Users\Kai\AppData\Roaming\PSO2 Tweaker</p><p>2018-03-29 19:21 - 2018-03-29 19:21 - 000000000 ____D C:\Users\Kai\Documents\SEGA</p><p>2018-03-29 19:21 - 2018-03-29 19:21 - 000000000 ____D C:\PHANTASYSTARONLINE2</p><p>2018-03-25 13:57 - 2018-03-29 20:07 - 000000000 ____D C:\Windows\SysWOW64\directx</p><p>2018-03-23 14:28 - 2018-03-23 14:28 - 000000000 ____D C:\Program Files (x86)\VulkanRT</p><p>2018-03-23 14:28 - 2018-03-15 14:42 - 000137664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe</p><p>2018-03-23 14:28 - 2017-12-08 14:25 - 000798520 _____ C:\Windows\SysWOW64\vulkan-1.dll</p><p>2018-03-23 14:28 - 2017-12-08 14:25 - 000490808 _____ C:\Windows\SysWOW64\vulkaninfo.exe</p><p>2018-03-23 14:28 - 2017-12-08 14:24 - 000928568 _____ C:\Windows\System32\vulkan-1.dll</p><p>2018-03-23 14:28 - 2017-12-08 14:24 - 000591672 _____ C:\Windows\System32\vulkaninfo.exe</p><p>2018-03-23 14:27 - 2018-03-23 14:27 - 000000000 ____D C:\Windows\LastGood.Tmp</p><p>2018-03-23 14:26 - 2018-03-16 10:12 - 000997280 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:12 - 000949176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:12 - 000625592 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFROpenGL.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:12 - 000515672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:11 - 040278616 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:11 - 035189336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:11 - 004318464 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:11 - 003719200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:11 - 001985280 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6439124.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:11 - 001684000 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6439124.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:11 - 001138432 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:11 - 001066072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:11 - 000748960 _____ (NVIDIA Corporation) C:\Windows\System32\nvDecMFTMjpeg.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:11 - 000608344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:01 - 019854816 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:01 - 013571008 _____ (NVIDIA Corporation) C:\Windows\System32\nvptxJitCompiler.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:01 - 011131872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:01 - 001355408 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncMFThevc.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:01 - 001346128 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncMFTH264.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:01 - 001153568 _____ (NVIDIA Corporation) C:\Windows\System32\nvfatbinaryLoader.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:01 - 001067368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:01 - 000811992 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:01 - 000650232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:01 - 000633224 _____ (NVIDIA Corporation) C:\Windows\System32\nvmcumd.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:00 - 012966216 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll</p><p>2018-03-23 14:26 - 2018-03-16 10:00 - 001061168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll</p><p>2018-03-23 14:20 - 2018-03-23 14:20 - 000004088 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}</p><p>2018-03-19 16:18 - 2018-03-26 19:23 - 000000000 ____D C:\Users\Kai\vmlogs</p><p>2018-03-19 16:18 - 2018-03-26 19:23 - 000000000 ____D C:\Users\Kai\.android</p><p>2018-03-13 21:36 - 2018-03-13 21:36 - 000004556 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier</p><p>2018-03-13 20:52 - 2018-03-01 19:36 - 017085440 _____ (Microsoft Corporation) C:\Windows\System32\HologramCompositor.dll</p><p>2018-03-13 20:52 - 2018-03-01 19:02 - 000037888 _____ C:\Windows\System32\SpectrumSyncClient.dll</p><p>2018-03-13 20:52 - 2018-03-01 19:01 - 000640000 _____ (Microsoft Corporation) C:\Windows\System32\HeadTrackerStorage.dll</p><p>2018-03-13 20:52 - 2018-03-01 19:00 - 000329728 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Feedback.Analog.dll</p><p>2018-03-13 20:52 - 2018-03-01 19:00 - 000248320 _____ (Microsoft Corporation) C:\Windows\System32\svf.dll</p><p>2018-03-13 20:52 - 2018-03-01 19:00 - 000230912 _____ (Microsoft Corporation) C:\Windows\System32\HoloShellRuntime.dll</p><p>2018-03-13 20:52 - 2018-03-01 18:59 - 000956416 _____ (Microsoft Corporation) C:\Windows\System32\Spectrum.exe</p><p>2018-03-13 20:52 - 2018-03-01 12:28 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\HoloShellRuntime.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:50 - 000270744 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:49 - 000389536 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:48 - 000664472 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:47 - 000749464 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:47 - 000035224 _____ (Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe</p><p>2018-03-13 20:52 - 2018-02-28 23:46 - 002003352 _____ (Microsoft Corporation) C:\Windows\System32\aitstatic.exe</p><p>2018-03-13 20:52 - 2018-02-28 23:46 - 001568664 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:46 - 000609176 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:46 - 000138144 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe</p><p>2018-03-13 20:52 - 2018-02-28 23:45 - 000070040 _____ (Microsoft Corporation) C:\Windows\System32\win32appinventorycsp.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:40 - 002514936 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:40 - 000461720 _____ (Microsoft Corporation) C:\Windows\System32\dcntel.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:40 - 000273304 _____ (Microsoft Corporation) C:\Windows\System32\aepic.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:37 - 007831760 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:31 - 008602520 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe</p><p>2018-03-13 20:52 - 2018-02-28 23:30 - 000540064 _____ (Microsoft Corporation) C:\Windows\System32\pcasvc.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:30 - 000264040 _____ (Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe</p><p>2018-03-13 20:52 - 2018-02-28 23:29 - 000733592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys</p><p>2018-03-13 20:52 - 2018-02-28 23:27 - 001173576 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:26 - 000170912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys</p><p>2018-03-13 20:52 - 2018-02-28 23:25 - 000377752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys</p><p>2018-03-13 20:52 - 2018-02-28 23:23 - 000749976 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms2.sys</p><p>2018-03-13 20:52 - 2018-02-28 23:19 - 000710768 _____ (Microsoft Corporation) C:\Windows\System32\MSVideoDSP.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:17 - 002710736 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:17 - 000519152 _____ (Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe</p><p>2018-03-13 20:52 - 2018-02-28 23:17 - 000408984 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys</p><p>2018-03-13 20:52 - 2018-02-28 23:15 - 002574232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys</p><p>2018-03-13 20:52 - 2018-02-28 23:14 - 007675784 _____ (Microsoft Corporation) C:\Windows\System32\windows.storage.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:14 - 007384576 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Protection.PlayReady.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:14 - 005105664 _____ (Microsoft Corporation) C:\Windows\System32\AuthFWSnapin.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:14 - 001694224 _____ (Microsoft Corporation) C:\Windows\System32\winmde.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:14 - 000356952 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:14 - 000147872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wcifs.sys</p><p>2018-03-13 20:52 - 2018-02-28 23:14 - 000128928 _____ (Microsoft Corporation) C:\Windows\System32\offlinelsa.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:12 - 000677272 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys</p><p>2018-03-13 20:52 - 2018-02-28 23:12 - 000250264 _____ (Microsoft Corporation) C:\Windows\System32\offlinesam.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:12 - 000189344 _____ (Microsoft Corporation) C:\Windows\System32\SecurityHealthAgent.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:11 - 000093600 _____ (Microsoft Corporation) C:\Windows\System32\rdpudd.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:10 - 001779936 _____ (Microsoft Corporation) C:\Windows\System32\mfplat.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:10 - 000075168 _____ (Microsoft Corporation) C:\Windows\System32\SecurityHealthProxyStub.dll</p><p>2018-03-13 20:52 - 2018-02-28 23:10 - 000022936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\isapnp.sys</p><p>2018-03-13 20:52 - 2018-02-28 23:09 - 001054272 _____ (Microsoft Corporation) C:\Windows\System32\msvproc.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:51 - 000777904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:48 - 001930736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:39 - 000213400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:30 - 005615968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:29 - 006092152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:29 - 000574960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:28 - 006480616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:28 - 002193168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:28 - 000115096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinelsa.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:27 - 000284112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:27 - 000221592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:26 - 001524776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:26 - 001057816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:23 - 005105664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:21 - 001558856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:09 - 025251840 _____ (Microsoft Corporation) C:\Windows\System32\edgehtml.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:03 - 002902528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys</p><p>2018-03-13 20:52 - 2018-02-28 22:03 - 000471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcSpecfc.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:03 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:03 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:03 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:01 - 019354624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:01 - 006575616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:01 - 000155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:01 - 000019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll</p><p>2018-03-13 20:52 - 2018-02-28 22:00 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:59 - 000220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountWAMExtension.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:58 - 004839424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:58 - 000459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:58 - 000368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:57 - 000369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:56 - 018922496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:56 - 000559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:55 - 000346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:54 - 003664384 _____ (Microsoft Corporation) C:\Windows\System32\win32kfull.sys</p><p>2018-03-13 20:52 - 2018-02-28 21:54 - 003181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:54 - 001296896 _____ (Microsoft Corporation) C:\Windows\System32\usocore.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:54 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:54 - 000496128 _____ (Microsoft Corporation) C:\Windows\System32\updatehandlers.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:54 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:53 - 000863232 _____ (Microsoft Corporation) C:\Windows\System32\MusUpdateHandlers.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:53 - 000536576 _____ (Microsoft Corporation) C:\Windows\System32\edgeIso.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:53 - 000399872 _____ (Microsoft Corporation) C:\Windows\System32\MusNotification.exe</p><p>2018-03-13 20:52 - 2018-02-28 21:53 - 000246272 _____ (Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe</p><p>2018-03-13 20:52 - 2018-02-28 21:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\System32\IndexedDbLegacy.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:53 - 000107520 _____ (Microsoft Corporation) C:\Windows\System32\musdialoghandlers.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:53 - 000097792 _____ (Microsoft Corporation) C:\Windows\System32\updatecsp.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:53 - 000092160 _____ (Microsoft Corporation) C:\Windows\System32\usoapi.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:53 - 000056320 _____ (Microsoft Corporation) C:\Windows\System32\AcSpecfc.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:53 - 000039424 _____ (Microsoft Corporation) C:\Windows\System32\UsoClient.exe</p><p>2018-03-13 20:52 - 2018-02-28 21:52 - 011923968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:52 - 006030336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:51 - 002329088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:51 - 000201728 _____ (Microsoft Corporation) C:\Windows\System32\EdgeManager.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:51 - 000034816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BasicRender.sys</p><p>2018-03-13 20:52 - 2018-02-28 21:51 - 000023552 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:50 - 003677184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:50 - 002869760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:50 - 000526336 _____ (Microsoft Corporation) C:\Windows\System32\daxexec.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:50 - 000118272 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:50 - 000075264 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wcnfs.sys</p><p>2018-03-13 20:52 - 2018-02-28 21:49 - 000675328 _____ (Microsoft Corporation) C:\Windows\System32\webplatstorageserver.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:49 - 000529408 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys</p><p>2018-03-13 20:52 - 2018-02-28 21:49 - 000301056 _____ (Microsoft Corporation) C:\Windows\System32\MicrosoftAccountWAMExtension.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:49 - 000066048 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:48 - 000543232 _____ (Microsoft Corporation) C:\Windows\System32\HolographicExtensions.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:48 - 000431616 _____ (Microsoft Corporation) C:\Windows\System32\msIso.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:47 - 023674368 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:47 - 000579584 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Payments.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:47 - 000484352 _____ (Microsoft Corporation) C:\Windows\System32\cdpusersvc.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:46 - 004051968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:46 - 000770048 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdiWiFi.sys</p><p>2018-03-13 20:52 - 2018-02-28 21:46 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:45 - 000708096 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:45 - 000594944 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:45 - 000386560 _____ (Microsoft Corporation) C:\Windows\System32\zipfldr.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:44 - 008030720 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Data.Pdf.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:44 - 005195776 _____ (Microsoft Corporation) C:\Windows\System32\cdp.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:43 - 012830208 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:42 - 003505664 _____ (Microsoft Corporation) C:\Windows\System32\MSVidCtl.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:42 - 002084352 _____ (Microsoft Corporation) C:\Windows\System32\win32kbase.sys</p><p>2018-03-13 20:52 - 2018-02-28 21:41 - 008103936 _____ (Microsoft Corporation) C:\Windows\System32\Chakra.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:41 - 004745728 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:41 - 003334144 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:41 - 001548288 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:41 - 000812032 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:40 - 005833216 _____ (Microsoft Corporation) C:\Windows\System32\dbgeng.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:39 - 002222592 _____ (Microsoft Corporation) C:\Windows\System32\wlidsvc.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:39 - 002035712 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:39 - 000899584 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:39 - 000666624 _____ (Microsoft Corporation) C:\Windows\System32\DbgModel.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:38 - 000963072 _____ (Microsoft Corporation) C:\Windows\System32\StorSvc.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:38 - 000726016 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys</p><p>2018-03-13 20:52 - 2018-02-28 21:36 - 004050432 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:36 - 000030208 _____ (Microsoft Corporation) C:\Windows\System32\msisip.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:35 - 000568320 _____ (Microsoft Corporation) C:\Windows\System32\msra.exe</p><p>2018-03-13 20:52 - 2018-02-28 21:35 - 000128000 _____ (Microsoft Corporation) C:\Windows\System32\racpldlg.dll</p><p>2018-03-13 20:52 - 2018-02-28 21:35 - 000050176 _____ (Microsoft Corporation) C:\Windows\System32\pcalua.exe</p><p>2018-03-13 20:52 - 2018-02-21 18:23 - 001092016 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi</p><p>2018-03-13 20:52 - 2018-02-21 18:23 - 000924648 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe</p><p>2018-03-13 20:52 - 2018-02-21 18:13 - 000279456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys</p><p>2018-03-13 20:52 - 2018-02-21 18:13 - 000077216 _____ (Microsoft Corporation) C:\Windows\System32\hvloader.dll</p><p>2018-03-13 20:52 - 2018-02-21 18:11 - 000109984 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vmbus.sys</p><p>2018-03-13 20:52 - 2018-02-21 18:10 - 000285080 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys</p><p>2018-03-13 20:52 - 2018-02-21 18:08 - 001206688 _____ (Microsoft Corporation) C:\Windows\System32\hvix64.exe</p><p>2018-03-13 20:52 - 2018-02-21 18:08 - 001055648 _____ (Microsoft Corporation) C:\Windows\System32\hvax64.exe</p><p>2018-03-13 20:52 - 2018-02-21 18:08 - 000571288 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys</p><p>2018-03-13 20:52 - 2018-02-21 18:07 - 001415296 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi</p><p>2018-03-13 20:52 - 2018-02-21 18:07 - 001209248 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe</p><p>2018-03-13 20:52 - 2018-02-21 18:07 - 000194456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys</p><p>2018-03-13 20:52 - 2018-02-21 18:03 - 000712600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys</p><p>2018-03-13 20:52 - 2018-02-21 18:03 - 000082848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volmgr.sys</p><p>2018-03-13 20:52 - 2018-02-21 18:02 - 000149400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storahci.sys</p><p>2018-03-13 20:52 - 2018-02-21 18:00 - 000187296 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys</p><p>2018-03-13 20:52 - 2018-02-21 17:59 - 021351624 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll</p><p>2018-03-13 20:52 - 2018-02-21 17:54 - 000437144 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS</p><p>2018-03-13 20:52 - 2018-02-21 17:52 - 000103328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\stornvme.sys</p><p>2018-03-13 20:52 - 2018-02-21 17:51 - 000555424 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS</p><p>2018-03-13 20:52 - 2018-02-21 17:51 - 000097176 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys</p><p>2018-03-13 20:52 - 2018-02-21 17:51 - 000045472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storufs.sys</p><p>2018-03-13 20:52 - 2018-02-21 17:50 - 000362904 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys</p><p>2018-03-13 20:52 - 2018-02-21 17:50 - 000229272 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys</p><p>2018-03-13 20:52 - 2018-02-21 16:41 - 020286120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll</p><p>2018-03-13 20:52 - 2018-02-21 16:31 - 000057344 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\UcmUcsi.sys</p><p>2018-03-13 20:52 - 2018-02-21 16:30 - 000192512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netvsc.sys</p><p>2018-03-13 20:52 - 2018-02-21 16:30 - 000046080 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys</p><p>2018-03-13 20:52 - 2018-02-21 16:30 - 000043008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\RfxVmt.sys</p><p>2018-03-13 20:52 - 2018-02-21 16:27 - 001282048 _____ (Microsoft Corporation) C:\Windows\System32\MSVPXENC.dll</p><p>2018-03-13 20:52 - 2018-02-21 16:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\System32\cldapi.dll</p><p>2018-03-13 20:52 - 2018-02-21 16:16 - 001286144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll</p><p>2018-03-13 20:52 - 2018-02-21 16:12 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll</p><p>2018-03-13 19:44 - 2018-03-13 19:46 - 110092367 _____ C:\Users\Kai\Downloads\SpankBang_carolina+sweets+stepfatherdaughterperversions7_480p.mp4</p><p>2018-03-13 00:04 - 2018-02-25 19:44 - 001985384 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6439101.dll</p><p>2018-03-13 00:04 - 2018-02-25 19:44 - 001684000 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6439101.dll</p><p>2018-03-05 23:42 - 2018-03-05 23:42 - 000000000 ____D C:\Program Files\Common Files\AVAST Software</p><p>2018-03-05 23:39 - 2018-04-01 19:37 - 000000000 ____D C:\ProgramData\AVAST Software</p><p>==================== One Month Modified files and folders ========</p><p>(If an entry is included in the fixlist, the file/folder will be moved.)</p><p>2018-04-03 15:09 - 2017-12-03 05:15 - 000000006 ____H C:\Windows\Tasks\SA.DAT</p><p>2018-04-03 15:09 - 2017-09-29 00:45 - 022544384 _____ C:\Windows\System32\config\HARDWARE</p><p>2018-04-03 15:09 - 2017-09-29 00:45 - 000524288 _____ C:\Windows\System32\config\BBI</p><p>2018-04-03 15:09 - 2016-09-21 15:01 - 000000000 ____D C:\ProgramData\NVIDIA</p><p>2018-04-03 15:08 - 2017-10-18 05:54 - 000004553 _____ C:\Users\Kai\AppData\Roaming\VoiceMeeterDefault.xml</p><p>2018-04-03 14:55 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\DeliveryOptimization</p><p>2018-04-03 14:51 - 2017-12-03 05:19 - 002022780 _____ C:\Windows\System32\PerfStringBackup.INI</p><p>2018-04-03 14:35 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\System32\NDF</p><p>2018-04-03 14:30 - 2017-12-03 05:15 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update</p><p>2018-04-03 14:30 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\AppReadiness</p><p>2018-04-03 05:52 - 2017-12-03 05:09 - 000000000 ____D C:\Windows\System32\SleepStudy</p><p>2018-04-02 18:28 - 2015-11-04 21:53 - 000000000 ____D C:\ProgramData\Malwarebytes</p><p>2018-04-02 18:15 - 2017-09-29 05:46 - 000000000 ___HD C:\Program Files\WindowsApps</p><p>2018-04-02 17:21 - 2015-10-03 22:08 - 000000000 __RHD C:\ESD</p><p>2018-04-02 17:19 - 2017-12-02 10:19 - 000000000 ___DC C:\Windows\Panther</p><p>2018-04-02 16:47 - 2015-11-04 21:31 - 000000000 ____D C:\Users\Kai\AppData\Local\Google</p><p>2018-04-02 16:16 - 2016-12-20 16:51 - 000093888 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klwfp.sys</p><p>2018-04-02 16:16 - 2016-10-12 11:29 - 000057032 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klim6.sys</p><p>2018-04-02 16:13 - 2017-12-25 07:31 - 000120008 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klbackupflt.sys</p><p>2018-04-02 16:12 - 2017-09-29 05:44 - 000000000 ____D C:\Windows\INF</p><p>2018-04-02 16:11 - 2017-09-29 05:46 - 000000000 ___HD C:\Windows\ELAMBKUP</p><p>2018-04-02 15:51 - 2016-03-12 22:49 - 000000000 ____D C:\Program Files (x86)\Google</p><p>2018-04-02 15:00 - 2015-10-17 09:22 - 000000000 ____D C:\ProgramData\TEMP</p><p>2018-04-02 14:45 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\LiveKernelReports</p><p>2018-04-02 14:45 - 2017-05-07 15:19 - 000000000 ____D C:\Program Files (x86)\Steam</p><p>2018-04-02 14:45 - 2015-12-22 16:09 - 000000000 ____D C:\Users\Kai\AppData\Local\CrashDumps</p><p>2018-04-02 14:30 - 2016-01-18 20:30 - 000000000 ____D C:\Users\Kai\AppData\Local\ElevatedDiagnostics</p><p>2018-04-01 20:48 - 2015-10-04 10:56 - 000000000 ____D C:\Users\Kai\AppData\Roaming\vlc</p><p>2018-04-01 19:19 - 2017-12-03 05:11 - 000000000 ____D C:\users\Kai</p><p>2018-04-01 13:44 - 2016-03-02 17:20 - 000000000 ____D C:\ProgramData\Baidu</p><p>2018-04-01 12:41 - 2016-08-25 16:27 - 000000000 ____D C:\Users\Kai\AppData\Roaming\IObit</p><p>2018-04-01 04:41 - 2015-10-29 22:28 - 000000000 ____D C:\users\Default.migrated</p><p>2018-04-01 04:33 - 2015-10-13 20:05 - 000000000 ____D C:\Program Files (x86)\Panda Security</p><p>2018-04-01 04:11 - 2017-09-29 00:45 - 000032768 _____ C:\Windows\System32\config\ELAM</p><p>2018-04-01 01:39 - 2017-01-28 01:27 - 000000000 ____D C:\Users\Kai\AppData\Roaming\PlaysTV</p><p>2018-03-31 20:28 - 2017-01-25 19:44 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy</p><p>2018-03-31 20:09 - 2016-03-21 19:00 - 000000000 ____D C:\Users\Kai\AppData\Roaming\discord</p><p>2018-03-31 19:12 - 2017-04-27 00:30 - 000000000 ____D C:\Users\Kai\Documents\Wooxy</p><p>2018-03-31 17:42 - 2015-11-04 21:53 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2018-03-31 17:34 - 2016-09-21 15:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation</p><p>2018-03-31 17:31 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\TextInput</p><p>2018-03-31 17:12 - 2015-10-04 20:59 - 000000000 ____D C:\Users\Kai\AppData\Roaming\qBittorrent</p><p>2018-03-31 17:06 - 2017-09-02 03:18 - 000000000 ____D C:\Temp</p><p>2018-03-31 16:55 - 2015-10-11 10:02 - 000000000 ____D C:\ProgramData\Intel</p><p>2018-03-31 16:36 - 2016-11-10 17:10 - 000000000 ____D C:\Users\Kai\AppData\Roaming\obs-studio</p><p>2018-03-31 16:17 - 2018-01-21 18:53 - 000000000 ____D C:\Users\Kai\AppData\Local\Canon_INC</p><p>2018-03-31 16:13 - 2018-01-21 14:04 - 000000000 ____D C:\Program Files (x86)\Canon</p><p>2018-03-26 20:50 - 2017-07-30 16:31 - 000000000 ____D C:\Users\Kai\AppData\Local\Nox</p><p>2018-03-25 13:14 - 2016-04-23 21:34 - 000000000 ____D C:\Users\Kai\AppData\Roaming\NexonLauncher</p><p>2018-03-23 23:44 - 2015-10-11 09:10 - 000000000 ____D C:\Users\Kai\AppData\Local\NVIDIA</p><p>2018-03-23 14:28 - 2016-09-21 15:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation</p><p>2018-03-23 14:20 - 2017-12-03 05:15 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}</p><p>2018-03-23 14:20 - 2017-12-03 05:15 - 000004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}</p><p>2018-03-23 14:20 - 2017-12-03 05:15 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}</p><p>2018-03-23 14:20 - 2017-12-03 05:15 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}</p><p>2018-03-23 14:20 - 2017-12-03 05:15 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}</p><p>2018-03-23 14:20 - 2017-12-03 05:15 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}</p><p>2018-03-23 14:20 - 2017-12-03 05:15 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}</p><p>2018-03-23 14:20 - 2016-09-21 15:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation</p><p>2018-03-22 00:48 - 2015-10-12 16:42 - 000007603 _____ C:\Users\Kai\AppData\Local\Resmon.ResmonCfg</p><p>2018-03-21 20:30 - 2016-09-30 00:21 - 000000000 ____D C:\Program Files (x86)\Rockstar Games</p><p>2018-03-21 20:30 - 2016-09-30 00:20 - 000000000 ____D C:\Program Files\Rockstar Games</p><p>2018-03-20 08:54 - 2016-09-21 18:48 - 000000000 ___RD C:\Users\Kai\OneDrive</p><p>2018-03-18 00:59 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\rescache</p><p>2018-03-16 10:01 - 2017-11-30 09:44 - 016496072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll</p><p>2018-03-16 10:01 - 2017-11-30 09:44 - 000902096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll</p><p>2018-03-16 10:00 - 2017-11-30 09:44 - 011000296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll</p><p>2018-03-16 10:00 - 2017-11-30 09:44 - 004629824 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll</p><p>2018-03-16 10:00 - 2017-11-30 09:44 - 003937000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll</p><p>2018-03-15 16:57 - 2017-11-30 09:44 - 000058816 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvhci.sys</p><p>2018-03-15 16:57 - 2017-11-30 09:44 - 000048407 _____ C:\Windows\System32\nvinfo.pb</p><p>2018-03-15 15:14 - 2017-09-02 03:30 - 000001951 _____ C:\Windows\NvContainerRecovery.bat</p><p>2018-03-15 14:40 - 2016-09-21 15:01 - 005952640 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll</p><p>2018-03-15 14:40 - 2016-09-21 15:01 - 002589576 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll</p><p>2018-03-15 14:40 - 2016-09-21 15:01 - 001767816 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll</p><p>2018-03-15 14:40 - 2016-09-21 15:01 - 000634256 _____ (NVIDIA Corporation) C:\Windows\System32\nv3dappshext.dll</p><p>2018-03-15 14:40 - 2016-09-21 15:01 - 000451040 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll</p><p>2018-03-15 14:40 - 2016-09-21 15:01 - 000123840 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll</p><p>2018-03-15 14:40 - 2016-09-21 15:01 - 000083072 _____ (NVIDIA Corporation) C:\Windows\System32\nv3dappshextr.dll</p><p>2018-03-15 14:39 - 2016-09-21 15:01 - 008099202 _____ C:\Windows\System32\nvcoproc.bin</p><p>2018-03-14 15:43 - 2017-12-03 05:24 - 000000000 ___RD C:\Users\Kai\3D Objects</p><p>2018-03-14 15:43 - 2015-09-09 21:44 - 000000000 __RHD C:\Users\Public\AccountPictures</p><p>2018-03-14 15:42 - 2017-12-03 05:09 - 000291368 _____ C:\Windows\System32\FNTCACHE.DAT</p><p>2018-03-14 06:36 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\System32\appraiser</p><p>2018-03-14 06:36 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\ShellExperiences</p><p>2018-03-14 06:36 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\PolicyDefinitions</p><p>2018-03-14 05:05 - 2017-09-02 03:30 - 002480064 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll</p><p>2018-03-14 05:05 - 2017-09-02 03:30 - 002137024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll</p><p>2018-03-14 05:05 - 2017-09-02 03:30 - 001310144 _____ (NVIDIA Corporation) C:\Windows\System32\NvRtmpStreamer64.dll</p><p>2018-03-14 04:44 - 2017-04-06 15:02 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat</p><p>2018-03-13 21:36 - 2017-12-03 05:15 - 000004386 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater</p><p>2018-03-13 21:36 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\SysWOW64\Macromed</p><p>2018-03-13 21:36 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\System32\Macromed</p><p>2018-03-13 20:57 - 2017-09-29 05:37 - 000000000 ____D C:\Windows\CbsTemp</p><p>2018-03-13 20:56 - 2015-10-04 15:20 - 000000000 ____D C:\Windows\System32\MRT</p><p>2018-03-13 20:55 - 2017-10-10 19:57 - 130364688 ____C (Microsoft Corporation) C:\Windows\System32\MRT-KB890830.exe</p><p>2018-03-13 20:55 - 2015-10-04 15:20 - 130364688 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe</p><p>2018-03-13 20:53 - 2017-09-29 05:41 - 000140800 _____ (Microsoft Corporation) C:\Windows\System32\Chakradiag.dll</p><p>2018-03-13 20:53 - 2017-09-29 05:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll</p><p>2018-03-04 22:18 - 2017-09-02 03:30 - 000189784 _____ (NVIDIA Corporation) C:\Windows\System32\nvaudcap64v.dll</p><p>2018-03-04 22:18 - 2017-09-02 03:30 - 000152408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll</p><p>==================== Known DLLs (Whitelisted) =========================</p><p></p><p>==================== Bamital & volsnap ======================</p><p>(There is no automatic fix for files that do not pass verification.)</p><p>C:\Windows\System32\winlogon.exe => MD5 is legit</p><p>C:\Windows\System32\wininit.exe => MD5 is legit</p><p>C:\Windows\explorer.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\explorer.exe => MD5 is legit</p><p>C:\Windows\System32\svchost.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\svchost.exe => MD5 is legit</p><p>C:\Windows\System32\services.exe => MD5 is legit</p><p>C:\Windows\System32\User32.dll => MD5 is legit</p><p>C:\Windows\SysWOW64\User32.dll => MD5 is legit</p><p>C:\Windows\System32\userinit.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\userinit.exe => MD5 is legit</p><p>C:\Windows\System32\rpcss.dll => MD5 is legit</p><p>C:\Windows\System32\dnsapi.dll => MD5 is legit</p><p>C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit</p><p>C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit</p><p>==================== Association (Whitelisted) =============</p><p></p><p>==================== Restore Points =========================</p><p>Restore point date: 2018-04-02 19:07</p><p>Restore point date: 2018-04-03 05:53</p><p>==================== Memory info ===========================</p><p>Percentage of memory in use: 6%</p><p>Total physical RAM: 16335.1 MB</p><p>Available physical RAM: 15310.09 MB</p><p>Total Virtual: 16335.1 MB</p><p>Available Virtual: 15353.77 MB</p><p>==================== Drives ================================</p><p>Drive c: (Main SSD) (Fixed) (Total:930.97 GB) (Free:311.43 GB) NTFS</p><p>Drive d: (Main HDD) (Fixed) (Total:931.39 GB) (Free:50.75 GB) NTFS</p><p>Drive e: (RECOVERY) (Removable) (Total:7.45 GB) (Free:7.06 GB) FAT32</p><p>Drive f: (USB) (Removable) (Total:7.25 GB) (Free:7.25 GB) FAT32</p><p>Drive h: () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS</p><p>Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.49 GB) NTFS</p><p>Drive y: () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]</p><p></p><p>==================== MBR & Partition Table ==================</p><p>========================================================</p><p>Disk: 0 (Size: 931.5 GB) (Disk ID: FCDAF39D)</p><p>Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)</p><p>Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)</p><p>Partition 3: (Not Active) - (Size=449 MB) - (Type=27)</p><p>========================================================</p><p>Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)</p><p>Partition: GPT.</p><p>========================================================</p><p>Disk: 2 (MBR Code: Windows 7/8/10) (Size: 7.5 GB) (Disk ID: 35B99682)</p><p>Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)</p><p>========================================================</p><p>Disk: 3 (MBR Code: Windows 7/8/10) (Size: 7.3 GB) (Disk ID: F133DCD6)</p><p>Partition 1: (Active) - (Size=7.3 GB) - (Type=0C)</p><p>LastRegBack: 2018-03-27 02:49</p><p>==================== End of FRST.txt ============================</p></blockquote><p></p>
[QUOTE="Riccrocc789, post: 723756, member: 71346"] Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018 Ran by SYSTEM on MININT-180LNFK (03-04-2018 16:13:11) Running from F:\ Platform: Windows 10 Pro Version 1709 16299.309 (X64) Language: English (United States) Internet Explorer Version 11 Boot Mode: Recovery Default: ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] Tutorial for Farbar Recovery Scan Tool: [URL="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/"]FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials[/URL] ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-25] (Adobe Systems Incorporated) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation) HKLM\...\Run: [Fight Stick Alpha] => C:\Program Files\Mad Catz\Fight Stick Alpha\Fight_Stick_Alpha_Profiler.exe [671232 2016-03-04] (Mad Catz Inc) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16073336 2016-08-10] (Logitech Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16776192 2016-12-02] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare) HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11328464 2015-09-11] (Micro-Star INT'L CO., LTD.) HKLM-x32\...\Run: [GammingApp] => C:\Program Files (x86)\MSI\MSI Gaming APP\SGamingApp.exe [1147048 2015-09-03] (Micro-Star Int'l Co., Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation) HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-12-12] (Copyright (c) 2017 Plays.tv, LLC) HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe, Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\Default\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation) HKU\Default User\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation) HKU\Kai\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd) HKU\Kai\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software) HKU\Kai\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3198752 2018-03-26] (Valve Corporation) HKU\Kai\...\Run: [Discord] => C:\Users\Kai\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.) HKU\Kai\...\RunOnce: [Application Restart #5] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI) HKU\Kai\...\RunOnce: [Application Restart #0] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI) HKU\Kai\...\RunOnce: [Application Restart #1] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI) HKU\Kai\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592 2018-03-19] (Google Inc.) HKU\Kai\...\RunOnce: [Application Restart #3] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI) Startup: C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2018-01-21] ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) Startup: C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk [2018-01-22] ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) Startup: C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter (VB-Audio).LNK [2017-10-18] ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe (VB-AUDIO Software) GroupPolicyScripts: Restriction <==== ATTENTION GroupPolicyScripts-x32: Restriction <==== ATTENTION ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) "HKLM\System\ControlSet001\Services\aehknr" => removed successfully "HKLM\System\ControlSet001\Services\anhot" => removed successfully C:\Windows\System32\drivers\rtradhkn.sys => moved successfully C:\Users\Kai\AppData\Local\tihawem\wmczogt.exe => moved successfully C:\Users\Kai\AppData\Local\wmcagent\wmcagent.exe => moved successfully C:\Users\Kai\AppData\Local\wmcagent\wow_helper.exe => moved successfully S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2016-05-27] () S2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-03-08] () S4 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [34984 2015-09-03] (Micro-Star Int'l Co., Ltd.) S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation) S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\vssbridge64.exe [426416 2018-04-02] (AO Kaspersky Lab) S2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-04-28] (IObit) S2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-10] (Logitech Inc.) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes) S2 Microsoft DirectX Configuration Service; C:\Windows\SysWOW64\dxconfig.exe [64512 2016-02-15] () S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1768912 2015-09-11] (Micro-Star INT'L CO., LTD.) S2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation) S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-12-12] (Copyright (c) 2017 Plays.tv, LLC) S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] () S2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [261848 2013-11-12] (Realtek) S2 RunSwUSB; C:\Windows\runSW.exe [48856 2013-10-18] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-02] (Microsoft Corporation) S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-02] (Microsoft Corporation) S2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-02] (Microsoft Corporation) S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2016-04-23] (ASRock Incorporation) S3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [3792904 2016-11-30] (C-MEDIA) S0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab) S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) S3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-02-03] (Intel Corporation) S3 ElcMouLFlt; C:\Windows\System32\drivers\ElcMouLFlt.sys [28648 2015-10-17] (ELECOM) S3 ElcMouUFlt; C:\Windows\System32\drivers\ElcMouUFlt.sys [27624 2015-10-17] (ELECOM) S1 epp; C:\EEK\bin64\epp.sys [142448 2018-03-27] (Emsisoft Ltd) S3 EvolveVirtualAdapter; C:\Windows\System32\drivers\evolve.sys [21656 2016-01-01] (Echobit, LLC) S3 hcwE5bda; C:\Windows\system32\drivers\hcwE5bda.sys [985096 2016-02-08] (Hauppauge Computer Work, Inc.) S3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-02-03] () S3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-02-03] () S3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-02-03] () S3 Kinonih; C:\Windows\System32\drivers\kinonih.sys [32256 2016-06-22] (Kinoni) S3 KINONI_Wave; C:\Windows\system32\drivers\kinonivad.sys [32360 2016-04-17] (Windows (R) Win 7 DDK provider) S0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab) S0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-25] (AO Kaspersky Lab) S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [120008 2018-04-02] (AO Kaspersky Lab) S2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab) S3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [207576 2018-04-02] (AO Kaspersky Lab) S1 KLHK; C:\Windows\System32\drivers\klhk.sys [594144 2018-04-02] (AO Kaspersky Lab) S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1055944 2018-04-02] (AO Kaspersky Lab) S1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [57032 2018-04-02] (AO Kaspersky Lab) S3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab) S3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab) S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50672 2017-12-25] (AO Kaspersky Lab) S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab) S3 kltap; C:\Windows\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project) S0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [231312 2018-04-02] (AO Kaspersky Lab) S3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [87584 2018-04-02] (AO Kaspersky Lab) S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [252600 2018-04-02] (AO Kaspersky Lab) S0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [107656 2018-04-02] (AO Kaspersky Lab) S3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [174664 2018-04-02] (AO Kaspersky Lab) S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [93888 2018-04-02] (AO Kaspersky Lab) S1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [135904 2017-12-25] (AO Kaspersky Lab) S1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [199392 2017-12-25] (AO Kaspersky Lab) S3 ladfGSS; C:\Windows\system32\drivers\ladfGSS.sys [45208 2016-08-09] (Logitech Inc.) S2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2016-06-24] (Logitech Inc.) S1 lpsport; C:\Windows\System32\Drivers\lpsport.sys [61304 2018-04-01] () S3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [102112 2018-04-02] (Malwarebytes) S3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) S2 mi2c; C:\WINDOWS\system32\drivers\mi2c.sys [20784 2017-01-04] (Nicomsoft Ltd.) S4 most; C:\Windows\System32\drivers\mefrkund.sys [79064 2018-03-31] (Malwarebytes) S1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [107488 2017-02-08] (Panda Security, S.L.) S1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211376 2016-07-05] (Panda Security, S.L.) S1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [121312 2017-02-08] (Panda Security, S.L.) S1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [125872 2016-07-05] (Panda Security, S.L.) S1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [80152 2016-07-06] (Panda Security, S.L.) S1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [116656 2016-07-05] (Panda Security, S.L.) S1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [91104 2017-02-08] (Panda Security, S.L.) S1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [135088 2016-07-05] (Panda Security, S.L.) S1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [335792 2016-07-05] (Panda Security, S.L.) S1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [197600 2017-02-08] (Panda Security, S.L.) S1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [123312 2016-07-05] (Panda Security, S.L.) S1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [278960 2016-07-05] (Panda Security, S.L.) S1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [125360 2016-07-05] (Panda Security, S.L.) S2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) S3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_95d88c9d04436846\nvlddmkm.sys [17526688 2018-03-16] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation) S3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2014-11-12] (NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [59240 2017-12-14] (NVIDIA Corporation) S3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [58816 2018-03-15] (NVIDIA Corporation) S2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [177424 2017-02-12] (Panda Security, S.L.) S2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [129296 2017-02-12] (Panda Security, S.L.) S1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [205584 2017-02-20] (Panda Security, S.L.) S2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [131344 2017-02-12] (Panda Security, S.L.) S2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [144656 2017-02-12] (Panda Security, S.L.) S2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [114960 2017-02-12] (Panda Security, S.L.) S3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [8213328 2018-01-31] (Realtek Semiconductor Corporation ) S3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [47312 2015-09-03] (Razer Inc) S2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.) S2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.) S3 SaiX8180; C:\Windows\System32\drivers\SaiX8180.sys [65784 2016-03-08] (Saitek, Madcatz, Ltd.) S3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) S3 sparkocam; C:\Windows\system32\DRIVERS\sparkocam.sys [37200 2016-09-01] (Sparkosoft) S3 sparkocammic; C:\Windows\system32\drivers\sparkocammic.sys [34640 2018-01-10] (Sparkosoft) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] () S3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider) S3 VBAudioVMVAIOMME; C:\Windows\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2017-10-17] (Windows (R) Win 7 DDK provider) S4 vysj; C:\Windows\System32\drivers\fljm.sys [79064 2018-03-31] (Malwarebytes) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46072 2018-03-02] (Microsoft Corporation) S0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [288296 2018-03-02] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-02] (Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [36832 2017-03-22] (Wellbia.com Co., Ltd.) S1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-04-01] (Zemana Ltd.) S3 aswbdisk; no ImagePath S0 PsBoot; system32\Drivers\PsBoot.sys [X] S4 sxmgr; System32\drivers\nvhgkixc.sys [X] S1 texuxkqt; \??\C:\WINDOWS\system32\drivers\texuxkqt.sys [X] S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-04-03 15:05 - 2018-04-03 15:05 - 000000000 ____D C:\Users\Kai\AppData\Local\aubroml 2018-04-03 15:01 - 2018-04-03 15:01 - 002403328 _____ (Farbar) C:\Users\Kai\Downloads\FRST64.exe 2018-04-03 14:50 - 2018-04-03 14:50 - 000000000 ____D C:\Users\Kai\AppData\Local\pcsxndu 2018-04-02 20:38 - 2018-04-02 20:38 - 000000000 ____D C:\Users\Kai\AppData\Local\pcbvxeg 2018-04-02 19:38 - 2018-04-02 19:38 - 000000000 ____D C:\Users\Kai\AppData\Local\conabxz 2018-04-02 19:30 - 2018-04-02 19:30 - 000000000 ____D C:\Users\Kai\AppData\Local\raaebdc 2018-04-02 19:25 - 2018-04-02 19:25 - 000000000 ____D C:\ProgramData\Emsisoft 2018-04-02 19:24 - 2018-04-02 19:27 - 000000000 ____D C:\EEK 2018-04-02 19:20 - 2018-04-02 19:23 - 323431136 _____ C:\Users\Kai\Desktop\EmsisoftEmergencyKit.exe 2018-04-02 19:14 - 2018-04-02 19:14 - 000074734 _____ C:\Users\Kai\Desktop\FRST.txt 2018-04-02 19:14 - 2018-04-02 19:14 - 000069971 _____ C:\Users\Kai\Desktop\Addition.txt 2018-04-02 19:14 - 2018-04-02 19:14 - 000000000 ____D C:\Users\Kai\AppData\Roaming\ProductData 2018-04-02 19:14 - 2018-04-02 19:14 - 000000000 ____D C:\Users\Kai\AppData\Local\wdnxvlo 2018-04-02 19:06 - 2018-04-02 19:06 - 000000000 ____D C:\Users\Kai\AppData\Local\exbulwp 2018-04-02 19:04 - 2018-04-02 19:04 - 000000000 ____D C:\Users\Kai\AppData\Local\exivsth 2018-04-02 18:57 - 2018-04-02 18:57 - 000000000 ____D C:\Users\Kai\AppData\Local\lsnvepb 2018-04-02 18:48 - 2018-04-02 18:48 - 002403328 _____ (Farbar) C:\Users\Kai\Desktop\FRST64.exe 2018-04-02 18:47 - 2018-04-02 18:51 - 195689920 _____ (Sophos Limited) C:\Users\Kai\Desktop\Sophos Virus Removal Tool.exe 2018-04-02 18:28 - 2018-04-02 18:28 - 000255928 _____ (Malwarebytes) C:\Windows\System32\Drivers\725297C9.sys 2018-04-02 18:27 - 2018-04-02 18:37 - 000000000 ____D C:\Users\Kai\Desktop\mbar 2018-04-02 18:27 - 2018-04-02 18:37 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2018-04-02 18:27 - 2018-04-02 18:27 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Kai\Desktop\mbar-1.10.3.1001.exe 2018-04-02 18:07 - 2018-04-02 18:07 - 000000000 ____D C:\Users\Kai\AppData\Local\nvirulz 2018-04-02 17:47 - 2018-04-02 17:47 - 000000000 ____D C:\Users\Kai\AppData\Local\wdsicmx 2018-04-02 16:24 - 2018-04-02 16:24 - 000000000 ___HD C:\$Windows.~WS 2018-04-02 16:18 - 2018-04-02 16:18 - 000252600 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klupd_klif_klark.sys 2018-04-02 16:17 - 2018-04-02 16:17 - 000087584 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klupd_klif_kimul.sys 2018-04-02 16:12 - 2018-04-02 16:12 - 000231312 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klupd_klif_arkmon.sys 2018-04-02 16:12 - 2018-04-02 16:12 - 000174664 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klupd_klif_mark.sys 2018-04-02 16:12 - 2018-04-02 16:12 - 000107656 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klupd_klif_klbg.sys 2018-04-02 16:11 - 2018-04-03 15:09 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2018-04-02 16:11 - 2018-04-02 16:17 - 001055944 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klif.sys 2018-04-02 16:11 - 2018-04-02 16:11 - 000594144 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klhk.sys 2018-04-02 16:11 - 2018-04-02 16:11 - 000207576 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klflt.sys 2018-04-02 16:11 - 2018-04-02 16:11 - 000149304 _____ (AO Kaspersky Lab) C:\Windows\System32\klhkum.dll 2018-04-02 16:11 - 2018-04-02 16:11 - 000002122 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk 2018-04-02 16:11 - 2018-04-02 16:11 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2018-04-02 16:11 - 2013-05-06 07:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\System32\klfphc.dll 2018-04-02 16:10 - 2018-04-02 16:10 - 000000000 ____D C:\Users\Kai\AppData\Local\psduoga 2018-04-02 16:08 - 2018-04-02 16:08 - 002438712 _____ (Kaspersky Lab) C:\Users\Kai\Downloads\kfa18.0.0.405abcden_es_fr_13382.exe 2018-04-02 16:00 - 2018-04-02 16:00 - 000000000 ____D C:\Users\Kai\AppData\Local\niegzlw 2018-04-02 15:51 - 2018-04-02 15:51 - 000002340 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-04-02 15:49 - 2018-04-02 15:49 - 000000000 ____D C:\Program Files (x86)\GUMCBFD.tmp 2018-04-02 15:03 - 2018-04-02 15:03 - 000000000 ____D C:\Users\Kai\AppData\Local\Simply Super Software 2018-04-02 15:02 - 2018-04-02 15:02 - 002928184 _____ (Kaspersky Lab) C:\Users\Kai\Downloads\ksk1.0.3.326en_13497.exe 2018-04-02 14:59 - 2018-04-02 14:59 - 000388608 _____ (Trend Micro Inc.) C:\Users\Kai\Desktop\HijackThis.exe 2018-04-02 14:42 - 2018-04-02 14:42 - 000000000 ____D C:\Users\Kai\AppData\Local\sneabkl 2018-04-02 14:37 - 2018-04-02 19:09 - 000000626 _____ C:\Users\Kai\Desktop\JRT.txt 2018-04-02 14:36 - 2018-04-02 14:36 - 000000000 ____D C:\Users\Kai\AppData\Local\sbczodh 2018-04-02 14:30 - 2018-04-02 14:30 - 000000000 ____D C:\Users\Kai\AppData\Local\scbidmz 2018-04-02 14:28 - 2018-04-02 14:28 - 018617536 _____ (Microsoft Corporation) C:\Users\Kai\Downloads\MediaCreationTool.exe 2018-04-02 14:26 - 2018-04-02 14:26 - 000000000 ____D C:\Users\Kai\AppData\Local\sidnmkg 2018-04-02 05:35 - 2018-04-02 05:35 - 000000000 ____D C:\Users\Kai\AppData\Local\scrbkun 2018-04-02 03:29 - 2017-07-25 12:56 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Kai\Desktop\rkill.exe 2018-04-01 19:03 - 2018-04-01 19:03 - 000000000 ____D C:\ProgramData\SystemAcCrux 2018-04-01 17:11 - 2018-04-02 19:14 - 000000000 ____D C:\FRST 2018-04-01 16:56 - 2018-04-01 16:56 - 000061304 _____ () C:\Windows\System32\Drivers\lpsport.sys 2018-04-01 14:16 - 2018-04-01 14:16 - 001129816 _____ (Google Inc.) C:\Users\Kai\Downloads\ChromeSetup.exe 2018-04-01 14:01 - 2018-04-03 15:09 - 000027515 _____ C:\Windows\ZAM_Guard.krnl.trace 2018-04-01 14:01 - 2018-04-01 19:20 - 000085693 _____ C:\Windows\ZAM.krnl.trace 2018-04-01 14:01 - 2018-04-01 14:01 - 000203680 _____ (Zemana Ltd.) C:\Windows\System32\Drivers\zamguard64.sys 2018-04-01 14:01 - 2018-04-01 14:01 - 000000000 ____D C:\Users\Kai\AppData\Local\Zemana 2018-04-01 13:44 - 2018-04-02 14:34 - 000000422 _____ C:\Windows\System32\.crusader 2018-04-01 13:40 - 2018-04-02 19:38 - 000055232 _____ C:\Windows\System32\Drivers\hitmanpro37.sys 2018-04-01 13:39 - 2018-04-01 13:44 - 000000000 ____D C:\ProgramData\HitmanPro 2018-04-01 13:39 - 2018-04-01 13:39 - 011605440 _____ (SurfRight B.V.) C:\Users\Kai\Desktop\HitmanPro_x64.exe 2018-04-01 12:37 - 2018-04-02 19:12 - 000000000 ____D C:\AdwCleaner 2018-04-01 12:37 - 2018-04-01 12:37 - 001790024 _____ (Malwarebytes) C:\Users\Kai\Desktop\JRT.exe 2018-04-01 12:36 - 2018-04-01 12:37 - 008222496 _____ (Malwarebytes) C:\Users\Kai\Desktop\AdwCleaner.exe 2018-04-01 04:07 - 2018-04-01 04:07 - 000004274 _____ C:\Windows\System32\Tasks\TR_Updater 2018-04-01 04:07 - 2018-04-01 04:07 - 000004054 _____ C:\Windows\System32\Tasks\TR_FastScan_Daily_Kai 2018-04-01 04:07 - 2018-04-01 04:07 - 000003880 _____ C:\Windows\System32\Tasks\TR_FastScan_AtLogon 2018-04-01 04:07 - 2018-04-01 04:07 - 000000000 ____D C:\Users\Kai\Documents\Simply Super Software 2018-04-01 04:07 - 2018-04-01 04:07 - 000000000 ____D C:\ProgramData\Simply Super Software 2018-04-01 04:07 - 2018-04-01 04:07 - 000000000 ____D C:\Program Files (x86)\Trojan Remover 2018-03-31 20:53 - 2018-04-02 18:58 - 000002101 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-03-31 20:53 - 2018-03-19 11:57 - 000076192 _____ C:\Windows\System32\Drivers\mbae64.sys 2018-03-31 18:26 - 2018-04-03 14:44 - 000000000 ____D C:\Program Files\Common Files\AV 2018-03-31 18:19 - 2018-04-02 16:10 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2018-03-31 18:12 - 2018-04-02 19:03 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job 2018-03-31 18:12 - 2018-04-02 03:30 - 000000000 ____D C:\Windows\pss 2018-03-31 17:51 - 2018-04-01 12:06 - 000000000 ____D C:\Windows\Minidump 2018-03-31 17:42 - 2018-04-02 19:05 - 000102112 _____ (Malwarebytes) C:\Windows\System32\Drivers\mwac.sys 2018-03-31 17:42 - 2018-03-31 17:42 - 000000000 ____D C:\Program Files\Malwarebytes 2018-03-31 17:31 - 2018-03-31 17:31 - 000079064 _____ (Malwarebytes) C:\Windows\System32\Drivers\fljm.sys 2018-03-31 17:13 - 2018-03-31 17:13 - 000079064 _____ (Malwarebytes) C:\Windows\System32\Drivers\mefrkund.sys 2018-03-31 17:00 - 2018-04-03 16:13 - 000000000 ____D C:\Users\Kai\AppData\Local\wmcagent 2018-03-31 17:00 - 2018-04-01 05:30 - 000000000 ____D C:\Users\Kai\AppData\Local\wmmvtpn 2018-03-31 16:57 - 2018-04-03 16:13 - 000000000 ____D C:\Users\Kai\AppData\Local\tihawem 2018-03-31 16:56 - 2018-04-03 15:08 - 002888704 _____ C:\Windows\System32\dsoclegsvc.exe 2018-03-31 16:56 - 2018-03-31 16:56 - 000000000 ____D C:\Windows\SysWOW64\widmkhl 2018-03-31 16:56 - 2018-03-31 16:56 - 000000000 ____D C:\Windows\System32\widmkhl 2018-03-31 16:55 - 2018-03-31 16:55 - 000003758 _____ C:\Windows\System32\Tasks\{5C03E5CF-1BA7-9901-9FA4-7E0E72E817E9} 2018-03-31 16:55 - 2018-03-31 16:55 - 000003544 _____ C:\Windows\System32\Tasks\{B3FDCEDF-0075-C5AB-3BDA-5A116786AAE3} 2018-03-31 16:55 - 2018-03-31 16:55 - 000000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE} 2018-03-31 16:55 - 2018-03-31 16:55 - 000000000 ____D C:\Users\Kai\AppData\Roaming\et 2018-03-31 16:12 - 2017-12-22 09:53 - 108846128 _____ (CANON INC.) C:\Users\Kai\Desktop\euw3.8.20-installer.exe 2018-03-31 16:01 - 2018-03-31 16:01 - 000000000 ____D C:\Users\Kai\AppData\Roaming\Canon_Inc_IC 2018-03-31 00:52 - 2018-03-31 00:52 - 000052429 _____ C:\Windows\uninstaller.dat 2018-03-31 00:52 - 2018-03-31 00:52 - 000014040 _____ C:\Windows\System32\Drivers\6a6cff5e551f4623b5a589ceaf395356.sys 2018-03-29 21:46 - 2018-03-29 22:30 - 418386912 _____ C:\Users\Kai\Desktop\Brothers First BlowJob - Mandy Flores [720p].wmv 2018-03-29 19:21 - 2018-03-31 14:18 - 000000000 ____D C:\PSO2 Tweaker 2018-03-29 19:21 - 2018-03-29 20:12 - 000000000 ____D C:\Users\Kai\AppData\Roaming\PSO2 Tweaker 2018-03-29 19:21 - 2018-03-29 19:21 - 000000000 ____D C:\Users\Kai\Documents\SEGA 2018-03-29 19:21 - 2018-03-29 19:21 - 000000000 ____D C:\PHANTASYSTARONLINE2 2018-03-25 13:57 - 2018-03-29 20:07 - 000000000 ____D C:\Windows\SysWOW64\directx 2018-03-23 14:28 - 2018-03-23 14:28 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2018-03-23 14:28 - 2018-03-15 14:42 - 000137664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2018-03-23 14:28 - 2017-12-08 14:25 - 000798520 _____ C:\Windows\SysWOW64\vulkan-1.dll 2018-03-23 14:28 - 2017-12-08 14:25 - 000490808 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2018-03-23 14:28 - 2017-12-08 14:24 - 000928568 _____ C:\Windows\System32\vulkan-1.dll 2018-03-23 14:28 - 2017-12-08 14:24 - 000591672 _____ C:\Windows\System32\vulkaninfo.exe 2018-03-23 14:27 - 2018-03-23 14:27 - 000000000 ____D C:\Windows\LastGood.Tmp 2018-03-23 14:26 - 2018-03-16 10:12 - 000997280 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll 2018-03-23 14:26 - 2018-03-16 10:12 - 000949176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2018-03-23 14:26 - 2018-03-16 10:12 - 000625592 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFROpenGL.dll 2018-03-23 14:26 - 2018-03-16 10:12 - 000515672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2018-03-23 14:26 - 2018-03-16 10:11 - 040278616 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll 2018-03-23 14:26 - 2018-03-16 10:11 - 035189336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2018-03-23 14:26 - 2018-03-16 10:11 - 004318464 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll 2018-03-23 14:26 - 2018-03-16 10:11 - 003719200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2018-03-23 14:26 - 2018-03-16 10:11 - 001985280 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6439124.dll 2018-03-23 14:26 - 2018-03-16 10:11 - 001684000 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6439124.dll 2018-03-23 14:26 - 2018-03-16 10:11 - 001138432 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll 2018-03-23 14:26 - 2018-03-16 10:11 - 001066072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2018-03-23 14:26 - 2018-03-16 10:11 - 000748960 _____ (NVIDIA Corporation) C:\Windows\System32\nvDecMFTMjpeg.dll 2018-03-23 14:26 - 2018-03-16 10:11 - 000608344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll 2018-03-23 14:26 - 2018-03-16 10:01 - 019854816 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll 2018-03-23 14:26 - 2018-03-16 10:01 - 013571008 _____ (NVIDIA Corporation) C:\Windows\System32\nvptxJitCompiler.dll 2018-03-23 14:26 - 2018-03-16 10:01 - 011131872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2018-03-23 14:26 - 2018-03-16 10:01 - 001355408 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncMFThevc.dll 2018-03-23 14:26 - 2018-03-16 10:01 - 001346128 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncMFTH264.dll 2018-03-23 14:26 - 2018-03-16 10:01 - 001153568 _____ (NVIDIA Corporation) C:\Windows\System32\nvfatbinaryLoader.dll 2018-03-23 14:26 - 2018-03-16 10:01 - 001067368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll 2018-03-23 14:26 - 2018-03-16 10:01 - 000811992 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll 2018-03-23 14:26 - 2018-03-16 10:01 - 000650232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2018-03-23 14:26 - 2018-03-16 10:01 - 000633224 _____ (NVIDIA Corporation) C:\Windows\System32\nvmcumd.dll 2018-03-23 14:26 - 2018-03-16 10:00 - 012966216 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll 2018-03-23 14:26 - 2018-03-16 10:00 - 001061168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll 2018-03-23 14:20 - 2018-03-23 14:20 - 000004088 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-03-19 16:18 - 2018-03-26 19:23 - 000000000 ____D C:\Users\Kai\vmlogs 2018-03-19 16:18 - 2018-03-26 19:23 - 000000000 ____D C:\Users\Kai\.android 2018-03-13 21:36 - 2018-03-13 21:36 - 000004556 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2018-03-13 20:52 - 2018-03-01 19:36 - 017085440 _____ (Microsoft Corporation) C:\Windows\System32\HologramCompositor.dll 2018-03-13 20:52 - 2018-03-01 19:02 - 000037888 _____ C:\Windows\System32\SpectrumSyncClient.dll 2018-03-13 20:52 - 2018-03-01 19:01 - 000640000 _____ (Microsoft Corporation) C:\Windows\System32\HeadTrackerStorage.dll 2018-03-13 20:52 - 2018-03-01 19:00 - 000329728 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Feedback.Analog.dll 2018-03-13 20:52 - 2018-03-01 19:00 - 000248320 _____ (Microsoft Corporation) C:\Windows\System32\svf.dll 2018-03-13 20:52 - 2018-03-01 19:00 - 000230912 _____ (Microsoft Corporation) C:\Windows\System32\HoloShellRuntime.dll 2018-03-13 20:52 - 2018-03-01 18:59 - 000956416 _____ (Microsoft Corporation) C:\Windows\System32\Spectrum.exe 2018-03-13 20:52 - 2018-03-01 12:28 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\HoloShellRuntime.dll 2018-03-13 20:52 - 2018-02-28 23:50 - 000270744 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll 2018-03-13 20:52 - 2018-02-28 23:49 - 000389536 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll 2018-03-13 20:52 - 2018-02-28 23:48 - 000664472 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2018-03-13 20:52 - 2018-02-28 23:47 - 000749464 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll 2018-03-13 20:52 - 2018-02-28 23:47 - 000035224 _____ (Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe 2018-03-13 20:52 - 2018-02-28 23:46 - 002003352 _____ (Microsoft Corporation) C:\Windows\System32\aitstatic.exe 2018-03-13 20:52 - 2018-02-28 23:46 - 001568664 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll 2018-03-13 20:52 - 2018-02-28 23:46 - 000609176 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll 2018-03-13 20:52 - 2018-02-28 23:46 - 000138144 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe 2018-03-13 20:52 - 2018-02-28 23:45 - 000070040 _____ (Microsoft Corporation) C:\Windows\System32\win32appinventorycsp.dll 2018-03-13 20:52 - 2018-02-28 23:40 - 002514936 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll 2018-03-13 20:52 - 2018-02-28 23:40 - 000461720 _____ (Microsoft Corporation) C:\Windows\System32\dcntel.dll 2018-03-13 20:52 - 2018-02-28 23:40 - 000273304 _____ (Microsoft Corporation) C:\Windows\System32\aepic.dll 2018-03-13 20:52 - 2018-02-28 23:37 - 007831760 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll 2018-03-13 20:52 - 2018-02-28 23:31 - 008602520 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2018-03-13 20:52 - 2018-02-28 23:30 - 000540064 _____ (Microsoft Corporation) C:\Windows\System32\pcasvc.dll 2018-03-13 20:52 - 2018-02-28 23:30 - 000264040 _____ (Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe 2018-03-13 20:52 - 2018-02-28 23:29 - 000733592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys 2018-03-13 20:52 - 2018-02-28 23:27 - 001173576 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll 2018-03-13 20:52 - 2018-02-28 23:26 - 000170912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys 2018-03-13 20:52 - 2018-02-28 23:25 - 000377752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys 2018-03-13 20:52 - 2018-02-28 23:23 - 000749976 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms2.sys 2018-03-13 20:52 - 2018-02-28 23:19 - 000710768 _____ (Microsoft Corporation) C:\Windows\System32\MSVideoDSP.dll 2018-03-13 20:52 - 2018-02-28 23:17 - 002710736 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2018-03-13 20:52 - 2018-02-28 23:17 - 000519152 _____ (Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe 2018-03-13 20:52 - 2018-02-28 23:17 - 000408984 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys 2018-03-13 20:52 - 2018-02-28 23:15 - 002574232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys 2018-03-13 20:52 - 2018-02-28 23:14 - 007675784 _____ (Microsoft Corporation) C:\Windows\System32\windows.storage.dll 2018-03-13 20:52 - 2018-02-28 23:14 - 007384576 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Protection.PlayReady.dll 2018-03-13 20:52 - 2018-02-28 23:14 - 005105664 _____ (Microsoft Corporation) C:\Windows\System32\AuthFWSnapin.dll 2018-03-13 20:52 - 2018-02-28 23:14 - 001694224 _____ (Microsoft Corporation) C:\Windows\System32\winmde.dll 2018-03-13 20:52 - 2018-02-28 23:14 - 000356952 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll 2018-03-13 20:52 - 2018-02-28 23:14 - 000147872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wcifs.sys 2018-03-13 20:52 - 2018-02-28 23:14 - 000128928 _____ (Microsoft Corporation) C:\Windows\System32\offlinelsa.dll 2018-03-13 20:52 - 2018-02-28 23:12 - 000677272 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys 2018-03-13 20:52 - 2018-02-28 23:12 - 000250264 _____ (Microsoft Corporation) C:\Windows\System32\offlinesam.dll 2018-03-13 20:52 - 2018-02-28 23:12 - 000189344 _____ (Microsoft Corporation) C:\Windows\System32\SecurityHealthAgent.dll 2018-03-13 20:52 - 2018-02-28 23:11 - 000093600 _____ (Microsoft Corporation) C:\Windows\System32\rdpudd.dll 2018-03-13 20:52 - 2018-02-28 23:10 - 001779936 _____ (Microsoft Corporation) C:\Windows\System32\mfplat.dll 2018-03-13 20:52 - 2018-02-28 23:10 - 000075168 _____ (Microsoft Corporation) C:\Windows\System32\SecurityHealthProxyStub.dll 2018-03-13 20:52 - 2018-02-28 23:10 - 000022936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\isapnp.sys 2018-03-13 20:52 - 2018-02-28 23:09 - 001054272 _____ (Microsoft Corporation) C:\Windows\System32\msvproc.dll 2018-03-13 20:52 - 2018-02-28 22:51 - 000777904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-03-13 20:52 - 2018-02-28 22:48 - 001930736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-03-13 20:52 - 2018-02-28 22:39 - 000213400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll 2018-03-13 20:52 - 2018-02-28 22:30 - 005615968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2018-03-13 20:52 - 2018-02-28 22:29 - 006092152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2018-03-13 20:52 - 2018-02-28 22:29 - 000574960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll 2018-03-13 20:52 - 2018-02-28 22:28 - 006480616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-03-13 20:52 - 2018-02-28 22:28 - 002193168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2018-03-13 20:52 - 2018-02-28 22:28 - 000115096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinelsa.dll 2018-03-13 20:52 - 2018-02-28 22:27 - 000284112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2018-03-13 20:52 - 2018-02-28 22:27 - 000221592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll 2018-03-13 20:52 - 2018-02-28 22:26 - 001524776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2018-03-13 20:52 - 2018-02-28 22:26 - 001057816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll 2018-03-13 20:52 - 2018-02-28 22:23 - 005105664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll 2018-03-13 20:52 - 2018-02-28 22:21 - 001558856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll 2018-03-13 20:52 - 2018-02-28 22:09 - 025251840 _____ (Microsoft Corporation) C:\Windows\System32\edgehtml.dll 2018-03-13 20:52 - 2018-02-28 22:03 - 002902528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys 2018-03-13 20:52 - 2018-02-28 22:03 - 000471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcSpecfc.dll 2018-03-13 20:52 - 2018-02-28 22:03 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll 2018-03-13 20:52 - 2018-02-28 22:03 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll 2018-03-13 20:52 - 2018-02-28 22:03 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll 2018-03-13 20:52 - 2018-02-28 22:01 - 019354624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2018-03-13 20:52 - 2018-02-28 22:01 - 006575616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2018-03-13 20:52 - 2018-02-28 22:01 - 000155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll 2018-03-13 20:52 - 2018-02-28 22:01 - 000019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2018-03-13 20:52 - 2018-02-28 22:00 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2018-03-13 20:52 - 2018-02-28 21:59 - 000220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountWAMExtension.dll 2018-03-13 20:52 - 2018-02-28 21:58 - 004839424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll 2018-03-13 20:52 - 2018-02-28 21:58 - 000459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll 2018-03-13 20:52 - 2018-02-28 21:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll 2018-03-13 20:52 - 2018-02-28 21:58 - 000368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll 2018-03-13 20:52 - 2018-02-28 21:57 - 000369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll 2018-03-13 20:52 - 2018-02-28 21:56 - 018922496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2018-03-13 20:52 - 2018-02-28 21:56 - 000559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2018-03-13 20:52 - 2018-02-28 21:55 - 000346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll 2018-03-13 20:52 - 2018-02-28 21:54 - 003664384 _____ (Microsoft Corporation) C:\Windows\System32\win32kfull.sys 2018-03-13 20:52 - 2018-02-28 21:54 - 003181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll 2018-03-13 20:52 - 2018-02-28 21:54 - 001296896 _____ (Microsoft Corporation) C:\Windows\System32\usocore.dll 2018-03-13 20:52 - 2018-02-28 21:54 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2018-03-13 20:52 - 2018-02-28 21:54 - 000496128 _____ (Microsoft Corporation) C:\Windows\System32\updatehandlers.dll 2018-03-13 20:52 - 2018-02-28 21:54 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2018-03-13 20:52 - 2018-02-28 21:53 - 000863232 _____ (Microsoft Corporation) C:\Windows\System32\MusUpdateHandlers.dll 2018-03-13 20:52 - 2018-02-28 21:53 - 000536576 _____ (Microsoft Corporation) C:\Windows\System32\edgeIso.dll 2018-03-13 20:52 - 2018-02-28 21:53 - 000399872 _____ (Microsoft Corporation) C:\Windows\System32\MusNotification.exe 2018-03-13 20:52 - 2018-02-28 21:53 - 000246272 _____ (Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe 2018-03-13 20:52 - 2018-02-28 21:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\System32\IndexedDbLegacy.dll 2018-03-13 20:52 - 2018-02-28 21:53 - 000107520 _____ (Microsoft Corporation) C:\Windows\System32\musdialoghandlers.dll 2018-03-13 20:52 - 2018-02-28 21:53 - 000097792 _____ (Microsoft Corporation) C:\Windows\System32\updatecsp.dll 2018-03-13 20:52 - 2018-02-28 21:53 - 000092160 _____ (Microsoft Corporation) C:\Windows\System32\usoapi.dll 2018-03-13 20:52 - 2018-02-28 21:53 - 000056320 _____ (Microsoft Corporation) C:\Windows\System32\AcSpecfc.dll 2018-03-13 20:52 - 2018-02-28 21:53 - 000039424 _____ (Microsoft Corporation) C:\Windows\System32\UsoClient.exe 2018-03-13 20:52 - 2018-02-28 21:52 - 011923968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2018-03-13 20:52 - 2018-02-28 21:52 - 006030336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2018-03-13 20:52 - 2018-02-28 21:51 - 002329088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll 2018-03-13 20:52 - 2018-02-28 21:51 - 000201728 _____ (Microsoft Corporation) C:\Windows\System32\EdgeManager.dll 2018-03-13 20:52 - 2018-02-28 21:51 - 000034816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BasicRender.sys 2018-03-13 20:52 - 2018-02-28 21:51 - 000023552 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll 2018-03-13 20:52 - 2018-02-28 21:50 - 003677184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2018-03-13 20:52 - 2018-02-28 21:50 - 002869760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2018-03-13 20:52 - 2018-02-28 21:50 - 000526336 _____ (Microsoft Corporation) C:\Windows\System32\daxexec.dll 2018-03-13 20:52 - 2018-02-28 21:50 - 000118272 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll 2018-03-13 20:52 - 2018-02-28 21:50 - 000075264 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wcnfs.sys 2018-03-13 20:52 - 2018-02-28 21:49 - 000675328 _____ (Microsoft Corporation) C:\Windows\System32\webplatstorageserver.dll 2018-03-13 20:52 - 2018-02-28 21:49 - 000529408 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys 2018-03-13 20:52 - 2018-02-28 21:49 - 000301056 _____ (Microsoft Corporation) C:\Windows\System32\MicrosoftAccountWAMExtension.dll 2018-03-13 20:52 - 2018-02-28 21:49 - 000066048 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll 2018-03-13 20:52 - 2018-02-28 21:48 - 000543232 _____ (Microsoft Corporation) C:\Windows\System32\HolographicExtensions.dll 2018-03-13 20:52 - 2018-02-28 21:48 - 000431616 _____ (Microsoft Corporation) C:\Windows\System32\msIso.dll 2018-03-13 20:52 - 2018-02-28 21:47 - 023674368 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2018-03-13 20:52 - 2018-02-28 21:47 - 000579584 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Payments.dll 2018-03-13 20:52 - 2018-02-28 21:47 - 000484352 _____ (Microsoft Corporation) C:\Windows\System32\cdpusersvc.dll 2018-03-13 20:52 - 2018-02-28 21:46 - 004051968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2018-03-13 20:52 - 2018-02-28 21:46 - 000770048 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdiWiFi.sys 2018-03-13 20:52 - 2018-02-28 21:46 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll 2018-03-13 20:52 - 2018-02-28 21:45 - 000708096 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2018-03-13 20:52 - 2018-02-28 21:45 - 000594944 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2018-03-13 20:52 - 2018-02-28 21:45 - 000386560 _____ (Microsoft Corporation) C:\Windows\System32\zipfldr.dll 2018-03-13 20:52 - 2018-02-28 21:44 - 008030720 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Data.Pdf.dll 2018-03-13 20:52 - 2018-02-28 21:44 - 005195776 _____ (Microsoft Corporation) C:\Windows\System32\cdp.dll 2018-03-13 20:52 - 2018-02-28 21:43 - 012830208 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2018-03-13 20:52 - 2018-02-28 21:42 - 003505664 _____ (Microsoft Corporation) C:\Windows\System32\MSVidCtl.dll 2018-03-13 20:52 - 2018-02-28 21:42 - 002084352 _____ (Microsoft Corporation) C:\Windows\System32\win32kbase.sys 2018-03-13 20:52 - 2018-02-28 21:41 - 008103936 _____ (Microsoft Corporation) C:\Windows\System32\Chakra.dll 2018-03-13 20:52 - 2018-02-28 21:41 - 004745728 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2018-03-13 20:52 - 2018-02-28 21:41 - 003334144 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2018-03-13 20:52 - 2018-02-28 21:41 - 001548288 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2018-03-13 20:52 - 2018-02-28 21:41 - 000812032 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll 2018-03-13 20:52 - 2018-02-28 21:40 - 005833216 _____ (Microsoft Corporation) C:\Windows\System32\dbgeng.dll 2018-03-13 20:52 - 2018-02-28 21:39 - 002222592 _____ (Microsoft Corporation) C:\Windows\System32\wlidsvc.dll 2018-03-13 20:52 - 2018-02-28 21:39 - 002035712 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll 2018-03-13 20:52 - 2018-02-28 21:39 - 000899584 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll 2018-03-13 20:52 - 2018-02-28 21:39 - 000666624 _____ (Microsoft Corporation) C:\Windows\System32\DbgModel.dll 2018-03-13 20:52 - 2018-02-28 21:38 - 000963072 _____ (Microsoft Corporation) C:\Windows\System32\StorSvc.dll 2018-03-13 20:52 - 2018-02-28 21:38 - 000726016 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys 2018-03-13 20:52 - 2018-02-28 21:36 - 004050432 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll 2018-03-13 20:52 - 2018-02-28 21:36 - 000030208 _____ (Microsoft Corporation) C:\Windows\System32\msisip.dll 2018-03-13 20:52 - 2018-02-28 21:35 - 000568320 _____ (Microsoft Corporation) C:\Windows\System32\msra.exe 2018-03-13 20:52 - 2018-02-28 21:35 - 000128000 _____ (Microsoft Corporation) C:\Windows\System32\racpldlg.dll 2018-03-13 20:52 - 2018-02-28 21:35 - 000050176 _____ (Microsoft Corporation) C:\Windows\System32\pcalua.exe 2018-03-13 20:52 - 2018-02-21 18:23 - 001092016 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi 2018-03-13 20:52 - 2018-02-21 18:23 - 000924648 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe 2018-03-13 20:52 - 2018-02-21 18:13 - 000279456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys 2018-03-13 20:52 - 2018-02-21 18:13 - 000077216 _____ (Microsoft Corporation) C:\Windows\System32\hvloader.dll 2018-03-13 20:52 - 2018-02-21 18:11 - 000109984 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vmbus.sys 2018-03-13 20:52 - 2018-02-21 18:10 - 000285080 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys 2018-03-13 20:52 - 2018-02-21 18:08 - 001206688 _____ (Microsoft Corporation) C:\Windows\System32\hvix64.exe 2018-03-13 20:52 - 2018-02-21 18:08 - 001055648 _____ (Microsoft Corporation) C:\Windows\System32\hvax64.exe 2018-03-13 20:52 - 2018-02-21 18:08 - 000571288 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys 2018-03-13 20:52 - 2018-02-21 18:07 - 001415296 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi 2018-03-13 20:52 - 2018-02-21 18:07 - 001209248 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe 2018-03-13 20:52 - 2018-02-21 18:07 - 000194456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys 2018-03-13 20:52 - 2018-02-21 18:03 - 000712600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys 2018-03-13 20:52 - 2018-02-21 18:03 - 000082848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volmgr.sys 2018-03-13 20:52 - 2018-02-21 18:02 - 000149400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storahci.sys 2018-03-13 20:52 - 2018-02-21 18:00 - 000187296 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys 2018-03-13 20:52 - 2018-02-21 17:59 - 021351624 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll 2018-03-13 20:52 - 2018-02-21 17:54 - 000437144 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS 2018-03-13 20:52 - 2018-02-21 17:52 - 000103328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\stornvme.sys 2018-03-13 20:52 - 2018-02-21 17:51 - 000555424 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS 2018-03-13 20:52 - 2018-02-21 17:51 - 000097176 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys 2018-03-13 20:52 - 2018-02-21 17:51 - 000045472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storufs.sys 2018-03-13 20:52 - 2018-02-21 17:50 - 000362904 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys 2018-03-13 20:52 - 2018-02-21 17:50 - 000229272 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys 2018-03-13 20:52 - 2018-02-21 16:41 - 020286120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2018-03-13 20:52 - 2018-02-21 16:31 - 000057344 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\UcmUcsi.sys 2018-03-13 20:52 - 2018-02-21 16:30 - 000192512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netvsc.sys 2018-03-13 20:52 - 2018-02-21 16:30 - 000046080 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys 2018-03-13 20:52 - 2018-02-21 16:30 - 000043008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\RfxVmt.sys 2018-03-13 20:52 - 2018-02-21 16:27 - 001282048 _____ (Microsoft Corporation) C:\Windows\System32\MSVPXENC.dll 2018-03-13 20:52 - 2018-02-21 16:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\System32\cldapi.dll 2018-03-13 20:52 - 2018-02-21 16:16 - 001286144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll 2018-03-13 20:52 - 2018-02-21 16:12 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll 2018-03-13 19:44 - 2018-03-13 19:46 - 110092367 _____ C:\Users\Kai\Downloads\SpankBang_carolina+sweets+stepfatherdaughterperversions7_480p.mp4 2018-03-13 00:04 - 2018-02-25 19:44 - 001985384 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6439101.dll 2018-03-13 00:04 - 2018-02-25 19:44 - 001684000 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6439101.dll 2018-03-05 23:42 - 2018-03-05 23:42 - 000000000 ____D C:\Program Files\Common Files\AVAST Software 2018-03-05 23:39 - 2018-04-01 19:37 - 000000000 ____D C:\ProgramData\AVAST Software ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-04-03 15:09 - 2017-12-03 05:15 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-04-03 15:09 - 2017-09-29 00:45 - 022544384 _____ C:\Windows\System32\config\HARDWARE 2018-04-03 15:09 - 2017-09-29 00:45 - 000524288 _____ C:\Windows\System32\config\BBI 2018-04-03 15:09 - 2016-09-21 15:01 - 000000000 ____D C:\ProgramData\NVIDIA 2018-04-03 15:08 - 2017-10-18 05:54 - 000004553 _____ C:\Users\Kai\AppData\Roaming\VoiceMeeterDefault.xml 2018-04-03 14:55 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\DeliveryOptimization 2018-04-03 14:51 - 2017-12-03 05:19 - 002022780 _____ C:\Windows\System32\PerfStringBackup.INI 2018-04-03 14:35 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\System32\NDF 2018-04-03 14:30 - 2017-12-03 05:15 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update 2018-04-03 14:30 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\AppReadiness 2018-04-03 05:52 - 2017-12-03 05:09 - 000000000 ____D C:\Windows\System32\SleepStudy 2018-04-02 18:28 - 2015-11-04 21:53 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-04-02 18:15 - 2017-09-29 05:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-04-02 17:21 - 2015-10-03 22:08 - 000000000 __RHD C:\ESD 2018-04-02 17:19 - 2017-12-02 10:19 - 000000000 ___DC C:\Windows\Panther 2018-04-02 16:47 - 2015-11-04 21:31 - 000000000 ____D C:\Users\Kai\AppData\Local\Google 2018-04-02 16:16 - 2016-12-20 16:51 - 000093888 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klwfp.sys 2018-04-02 16:16 - 2016-10-12 11:29 - 000057032 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klim6.sys 2018-04-02 16:13 - 2017-12-25 07:31 - 000120008 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klbackupflt.sys 2018-04-02 16:12 - 2017-09-29 05:44 - 000000000 ____D C:\Windows\INF 2018-04-02 16:11 - 2017-09-29 05:46 - 000000000 ___HD C:\Windows\ELAMBKUP 2018-04-02 15:51 - 2016-03-12 22:49 - 000000000 ____D C:\Program Files (x86)\Google 2018-04-02 15:00 - 2015-10-17 09:22 - 000000000 ____D C:\ProgramData\TEMP 2018-04-02 14:45 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\LiveKernelReports 2018-04-02 14:45 - 2017-05-07 15:19 - 000000000 ____D C:\Program Files (x86)\Steam 2018-04-02 14:45 - 2015-12-22 16:09 - 000000000 ____D C:\Users\Kai\AppData\Local\CrashDumps 2018-04-02 14:30 - 2016-01-18 20:30 - 000000000 ____D C:\Users\Kai\AppData\Local\ElevatedDiagnostics 2018-04-01 20:48 - 2015-10-04 10:56 - 000000000 ____D C:\Users\Kai\AppData\Roaming\vlc 2018-04-01 19:19 - 2017-12-03 05:11 - 000000000 ____D C:\users\Kai 2018-04-01 13:44 - 2016-03-02 17:20 - 000000000 ____D C:\ProgramData\Baidu 2018-04-01 12:41 - 2016-08-25 16:27 - 000000000 ____D C:\Users\Kai\AppData\Roaming\IObit 2018-04-01 04:41 - 2015-10-29 22:28 - 000000000 ____D C:\users\Default.migrated 2018-04-01 04:33 - 2015-10-13 20:05 - 000000000 ____D C:\Program Files (x86)\Panda Security 2018-04-01 04:11 - 2017-09-29 00:45 - 000032768 _____ C:\Windows\System32\config\ELAM 2018-04-01 01:39 - 2017-01-28 01:27 - 000000000 ____D C:\Users\Kai\AppData\Roaming\PlaysTV 2018-03-31 20:28 - 2017-01-25 19:44 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2018-03-31 20:09 - 2016-03-21 19:00 - 000000000 ____D C:\Users\Kai\AppData\Roaming\discord 2018-03-31 19:12 - 2017-04-27 00:30 - 000000000 ____D C:\Users\Kai\Documents\Wooxy 2018-03-31 17:42 - 2015-11-04 21:53 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2018-03-31 17:34 - 2016-09-21 15:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2018-03-31 17:31 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\TextInput 2018-03-31 17:12 - 2015-10-04 20:59 - 000000000 ____D C:\Users\Kai\AppData\Roaming\qBittorrent 2018-03-31 17:06 - 2017-09-02 03:18 - 000000000 ____D C:\Temp 2018-03-31 16:55 - 2015-10-11 10:02 - 000000000 ____D C:\ProgramData\Intel 2018-03-31 16:36 - 2016-11-10 17:10 - 000000000 ____D C:\Users\Kai\AppData\Roaming\obs-studio 2018-03-31 16:17 - 2018-01-21 18:53 - 000000000 ____D C:\Users\Kai\AppData\Local\Canon_INC 2018-03-31 16:13 - 2018-01-21 14:04 - 000000000 ____D C:\Program Files (x86)\Canon 2018-03-26 20:50 - 2017-07-30 16:31 - 000000000 ____D C:\Users\Kai\AppData\Local\Nox 2018-03-25 13:14 - 2016-04-23 21:34 - 000000000 ____D C:\Users\Kai\AppData\Roaming\NexonLauncher 2018-03-23 23:44 - 2015-10-11 09:10 - 000000000 ____D C:\Users\Kai\AppData\Local\NVIDIA 2018-03-23 14:28 - 2016-09-21 15:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2018-03-23 14:20 - 2017-12-03 05:15 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-03-23 14:20 - 2017-12-03 05:15 - 000004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-03-23 14:20 - 2017-12-03 05:15 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-03-23 14:20 - 2017-12-03 05:15 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-03-23 14:20 - 2017-12-03 05:15 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-03-23 14:20 - 2017-12-03 05:15 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-03-23 14:20 - 2017-12-03 05:15 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-03-23 14:20 - 2016-09-21 15:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2018-03-22 00:48 - 2015-10-12 16:42 - 000007603 _____ C:\Users\Kai\AppData\Local\Resmon.ResmonCfg 2018-03-21 20:30 - 2016-09-30 00:21 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2018-03-21 20:30 - 2016-09-30 00:20 - 000000000 ____D C:\Program Files\Rockstar Games 2018-03-20 08:54 - 2016-09-21 18:48 - 000000000 ___RD C:\Users\Kai\OneDrive 2018-03-18 00:59 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\rescache 2018-03-16 10:01 - 2017-11-30 09:44 - 016496072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2018-03-16 10:01 - 2017-11-30 09:44 - 000902096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2018-03-16 10:00 - 2017-11-30 09:44 - 011000296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2018-03-16 10:00 - 2017-11-30 09:44 - 004629824 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll 2018-03-16 10:00 - 2017-11-30 09:44 - 003937000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2018-03-15 16:57 - 2017-11-30 09:44 - 000058816 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvhci.sys 2018-03-15 16:57 - 2017-11-30 09:44 - 000048407 _____ C:\Windows\System32\nvinfo.pb 2018-03-15 15:14 - 2017-09-02 03:30 - 000001951 _____ C:\Windows\NvContainerRecovery.bat 2018-03-15 14:40 - 2016-09-21 15:01 - 005952640 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll 2018-03-15 14:40 - 2016-09-21 15:01 - 002589576 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll 2018-03-15 14:40 - 2016-09-21 15:01 - 001767816 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll 2018-03-15 14:40 - 2016-09-21 15:01 - 000634256 _____ (NVIDIA Corporation) C:\Windows\System32\nv3dappshext.dll 2018-03-15 14:40 - 2016-09-21 15:01 - 000451040 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll 2018-03-15 14:40 - 2016-09-21 15:01 - 000123840 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll 2018-03-15 14:40 - 2016-09-21 15:01 - 000083072 _____ (NVIDIA Corporation) C:\Windows\System32\nv3dappshextr.dll 2018-03-15 14:39 - 2016-09-21 15:01 - 008099202 _____ C:\Windows\System32\nvcoproc.bin 2018-03-14 15:43 - 2017-12-03 05:24 - 000000000 ___RD C:\Users\Kai\3D Objects 2018-03-14 15:43 - 2015-09-09 21:44 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-03-14 15:42 - 2017-12-03 05:09 - 000291368 _____ C:\Windows\System32\FNTCACHE.DAT 2018-03-14 06:36 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\System32\appraiser 2018-03-14 06:36 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\ShellExperiences 2018-03-14 06:36 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\PolicyDefinitions 2018-03-14 05:05 - 2017-09-02 03:30 - 002480064 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll 2018-03-14 05:05 - 2017-09-02 03:30 - 002137024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2018-03-14 05:05 - 2017-09-02 03:30 - 001310144 _____ (NVIDIA Corporation) C:\Windows\System32\NvRtmpStreamer64.dll 2018-03-14 04:44 - 2017-04-06 15:02 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2018-03-13 21:36 - 2017-12-03 05:15 - 000004386 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-03-13 21:36 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-03-13 21:36 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\System32\Macromed 2018-03-13 20:57 - 2017-09-29 05:37 - 000000000 ____D C:\Windows\CbsTemp 2018-03-13 20:56 - 2015-10-04 15:20 - 000000000 ____D C:\Windows\System32\MRT 2018-03-13 20:55 - 2017-10-10 19:57 - 130364688 ____C (Microsoft Corporation) C:\Windows\System32\MRT-KB890830.exe 2018-03-13 20:55 - 2015-10-04 15:20 - 130364688 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe 2018-03-13 20:53 - 2017-09-29 05:41 - 000140800 _____ (Microsoft Corporation) C:\Windows\System32\Chakradiag.dll 2018-03-13 20:53 - 2017-09-29 05:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll 2018-03-04 22:18 - 2017-09-02 03:30 - 000189784 _____ (NVIDIA Corporation) C:\Windows\System32\nvaudcap64v.dll 2018-03-04 22:18 - 2017-09-02 03:30 - 000152408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll ==================== Known DLLs (Whitelisted) ========================= ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\dnsapi.dll => MD5 is legit C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Association (Whitelisted) ============= ==================== Restore Points ========================= Restore point date: 2018-04-02 19:07 Restore point date: 2018-04-03 05:53 ==================== Memory info =========================== Percentage of memory in use: 6% Total physical RAM: 16335.1 MB Available physical RAM: 15310.09 MB Total Virtual: 16335.1 MB Available Virtual: 15353.77 MB ==================== Drives ================================ Drive c: (Main SSD) (Fixed) (Total:930.97 GB) (Free:311.43 GB) NTFS Drive d: (Main HDD) (Fixed) (Total:931.39 GB) (Free:50.75 GB) NTFS Drive e: (RECOVERY) (Removable) (Total:7.45 GB) (Free:7.06 GB) FAT32 Drive f: (USB) (Removable) (Total:7.25 GB) (Free:7.25 GB) FAT32 Drive h: () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.49 GB) NTFS Drive y: () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: FCDAF39D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=449 MB) - (Type=27) ======================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 7.5 GB) (Disk ID: 35B99682) Partition 1: (Active) - (Size=7.5 GB) - (Type=0C) ======================================================== Disk: 3 (MBR Code: Windows 7/8/10) (Size: 7.3 GB) (Disk ID: F133DCD6) Partition 1: (Active) - (Size=7.3 GB) - (Type=0C) LastRegBack: 2018-03-27 02:49 ==================== End of FRST.txt ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top