Untitled

a guest
Apr 7th, 2018
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
  2. Ran by Tim (administrator) on TIM-PC (07-04-2018 14:31:29)
  3. Running from C:\Users\Tim\Desktop
  4. Loaded Profiles: Tim (Available Profiles: Tim)
  5. Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
  6. Internet Explorer Version 11 (Default browser: Chrome)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (TOSHIBA CORPORATION) C:\Windows\System32\dtipmslsvc.exe
  15. (Microsoft Corporation) C:\Windows\System32\WerFault.exe
  16. (Microsoft Corporation) C:\Windows\System32\lpksetup.exe
  17. (AVAST Software) C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
  18. (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
  19. (Microsoft Corporation) C:\Windows\System32\WerFault.exe
  20. (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
  21. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  22. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  23. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  24. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  25. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  26. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  27. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  28. (Microsoft Corporation) C:\Windows\System32\lpksetup.exe
  29.  
  30. ==================== Registry (Whitelisted) ===========================
  31.  
  32. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  33.  
  34. HKU\S-1-5-21-1375235134-3966013003-1832354310-1000\...\MountPoints2: {a43c81bc-7c4f-11e6-a197-3085a9a3531f} - E:\VZW_Software_upgrade_assistant.exe
  35. HKU\S-1-5-21-1375235134-3966013003-1832354310-1000\...\MountPoints2: {a43c81d0-7c4f-11e6-a197-3085a9a3531f} - G:\VZW_Software_upgrade_assistant.exe
  36. HKU\S-1-5-21-1375235134-3966013003-1832354310-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
  37.  
  38. ==================== Internet (Whitelisted) ====================
  39.  
  40. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  41.  
  42. Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
  43. Tcpip\..\Interfaces\{5E625696-C1C3-440F-9411-A1938F24FE48}: [DhcpNameServer] 192.168.0.1
  44.  
  45. Internet Explorer:
  46. ==================
  47. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
  48. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://us.4yendex.com/?utm_source=sdks&utm_medium=us01&utm_campaign=5f260d286d40d4896080d3c4daf35b2a
  49. SearchScopes: HKLM -> DefaultScope value is missing
  50. SearchScopes: HKU\S-1-5-21-1375235134-3966013003-1832354310-1000 -> {0AA24E16-07B3-4694-8357-3C21ACC5F516} URL =
  51. IE Session Restore: HKU\S-1-5-21-1375235134-3966013003-1832354310-1000 -> is enabled.
  52. Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
  53. Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
  54.  
  55. FireFox:
  56. ========
  57. FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\gg5gx3g9.default-1478705667044 [2018-04-04]
  58. FF Extension: (Youtube Unblocker Remediation) - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\gg5gx3g9.default-1478705667044\features\{e3397853-477b-45f0-a1c5-59e874c557af}\malware-remediation@mozilla.org.xpi [2016-11-09] [Legacy]
  59. FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi => not found
  60. FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-23] (Oracle Corporation)
  61. FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-23] (Oracle Corporation)
  62. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
  63. FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-16] (Microsoft Corporation)
  64. FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
  65. FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
  66. FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
  67. FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-23] (NVIDIA Corporation)
  68. FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-23] (NVIDIA Corporation)
  69. FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2017-10-12] (Perfect World Entertainment Inc)
  70. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
  71. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
  72. FF Plugin HKU\S-1-5-21-1375235134-3966013003-1832354310-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Tim\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-05-25] (Citrix Online)
  73.  
  74. Chrome:
  75. =======
  76. CHR HomePage: Default -> msn.com
  77. CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
  78. CHR DefaultSearchKeyword: Default -> bing.com
  79. CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
  80. CHR Session Restore: Default -> is enabled.
  81. CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default [2018-04-07]
  82. CHR Extension: (Bing) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2018-04-04]
  83. CHR Extension: (Avira Browser Safety) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-04-04]
  84. CHR Extension: (Chrome Web Store Payments) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
  85. CHR Extension: (Chrome Media Router) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-04]
  86. CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
  87. CHR HKU\S-1-5-21-1375235134-3966013003-1832354310-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
  88. CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
  89.  
  90. ==================== Services (Whitelisted) ====================
  91.  
  92. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  93.  
  94. HKLM\SYSTEM\CurrentControlSet\Services\paxgkl <==== ATTENTION (Rootkit!)
  95.  
  96. S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-06-30] (Autodesk Inc.)
  97. S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
  98. S4 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [87064 2017-10-12] (Perfect World Entertainment Inc)
  99. S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-27] ()
  100. S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-23] () [File not signed]
  101. S4 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [276424 2016-05-04] (Avira Operations GmbH & Co. KG)
  102. S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-04-05] ()
  103. S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-18] (EasyAntiCheat Ltd)
  104. S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-01] (NVIDIA Corporation)
  105. S4 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\vpnsvc.exe [192720 2016-07-21] (eVenture Limited)
  106. S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
  107. S4 mi-raysat_3dsmax2017_64; C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe [86016 2011-09-14] () [File not signed]
  108. S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-01] (NVIDIA Corporation)
  109. S4 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-01] (NVIDIA Corporation)
  110. S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-01] (NVIDIA Corporation)
  111. S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2156864 2018-02-22] (Electronic Arts)
  112. S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3026760 2018-02-22] (Electronic Arts)
  113. S4 ovpnagent; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe [900840 2017-08-14] ()
  114. S4 SpotfluxConnectionManager; C:\Program Files (x86)\Spotflux\services\SpotfluxConnectionManager.exe [105984 2015-07-30] (Spotflux) [File not signed]
  115. S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
  116. R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
  117. S4 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
  118. S4 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
  119. S4 OverwolfUpdater; "C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe" /RunningFrom SCM [X]
  120.  
  121. ===================== Drivers (Whitelisted) ======================
  122.  
  123. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  124.  
  125. R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-27] ()
  126. S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-01-09] (Bluestack System Inc. )
  127. S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.5.1\dbk64.sys [94040 2016-05-19] ()
  128. S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
  129. R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-05-14] (REALiX(tm))
  130. R1 netfilter2; C:\Windows\System32\drivers\netfilter2.sys [49424 2015-07-30] (Windows (R) Win 7 DDK provider)
  131. S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-01] (NVIDIA Corporation)
  132. S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-13] (NVIDIA Corporation)
  133. S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2016-06-14] (The OpenVPN Project)
  134. S3 qcusbnet; C:\Windows\System32\DRIVERS\qcusbnet.sys [428600 2017-03-15] (QUALCOMM Incorporated)
  135. S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
  136. S3 SaiH0461; C:\Windows\System32\DRIVERS\SaiH0461.sys [178432 2008-03-26] (Saitek)
  137. S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
  138. S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-07-30] (Spotflux, Inc.)
  139. U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-04-04] ()
  140. R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation)
  141. R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [195936 2016-09-12] (Oracle Corporation)
  142. R3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-28] (Microsoft Corporation)
  143. S3 ALSysIO; \??\C:\Users\Tim\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
  144. S3 ASFLTDrv.sys; \??\C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys [X]
  145. U0 aswVmm; no ImagePath
  146. S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X]
  147. S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
  148. S3 gjmqtw; system32\drivers\mqtwzd.sys [X]
  149. R3 oruxbe; system32\drivers\uxbehk.sys [X]
  150. S4 rcgnudmh; System32\drivers\rahmpbdx.sys [X]
  151. S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
  152. S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
  153. S1 VDiskBus; system32\DRIVERS\VDiskBus64.sys [X]
  154. S3 VGPU; System32\drivers\rdvgkmd.sys [X]
  155.  
  156. ==================== NetSvcs (Whitelisted) ===================
  157.  
  158. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  159.  
  160.  
  161. ==================== One Month Created files and folders ========
  162.  
  163. (If an entry is included in the fixlist, the file/folder will be moved.)
  164.  
  165. 2018-04-07 14:31 - 2018-04-07 14:35 - 000013910 _____ C:\Users\Tim\Desktop\FRST.txt
  166. 2018-04-07 14:31 - 2018-04-07 14:31 - 000000000 ____D C:\Users\Tim\AppData\Local\mbikhsu
  167. 2018-04-07 14:31 - 2018-04-07 14:31 - 000000000 ____D C:\FRST
  168. 2018-04-07 14:30 - 2018-04-07 14:31 - 000407120 _____ C:\Windows\Minidump\040718-39296-01.dmp
  169. 2018-04-07 07:30 - 2018-04-07 07:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
  170. 2018-04-05 13:27 - 2018-04-05 13:27 - 000000000 ____D C:\Users\Tim\AppData\Local\svkmhwl
  171. 2018-04-05 13:25 - 2018-04-05 13:26 - 000407336 _____ C:\Windows\Minidump\040518-37689-01.dmp
  172. 2018-04-05 11:14 - 2018-04-05 11:14 - 000000000 ____D C:\Users\Tim\AppData\Local\dthuaiv
  173. 2018-04-05 11:12 - 2018-04-05 11:13 - 000407168 _____ C:\Windows\Minidump\040518-41574-01.dmp
  174. 2018-04-05 04:20 - 2018-04-05 04:20 - 000000000 ____D C:\Users\Tim\AppData\Local\avkolrb
  175. 2018-04-05 04:17 - 2018-04-05 04:17 - 000208216 _____ C:\Windows\system32\Drivers\88404657.sys
  176. 2018-04-05 04:17 - 2018-04-05 04:17 - 000003608 _____ C:\TDSSKiller.2.8.16.0_05.04.2018_04.17.30_log.txt
  177. 2018-04-05 04:16 - 2018-04-05 04:16 - 000000000 ____D C:\Users\Tim\AppData\Local\usbhpvd
  178. 2018-04-05 04:14 - 2018-04-05 04:15 - 000406904 _____ C:\Windows\Minidump\040518-31059-01.dmp
  179. 2018-04-05 04:13 - 2018-04-05 04:13 - 000208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\78330507.sys
  180. 2018-04-05 04:12 - 2018-04-05 04:13 - 000016014 _____ C:\TDSSKiller.2.8.16.0_05.04.2018_04.12.19_log.txt
  181. 2018-04-05 04:12 - 2018-04-05 04:12 - 002237968 _____ (Kaspersky Lab ZAO) C:\Users\Tim\Desktop\tdsskiller.exe
  182. 2018-04-05 00:33 - 2018-04-05 00:33 - 000000000 __SHD C:\82ace7d6-0197-474d-bf4b-a2043e72329b
  183. 2018-04-04 23:38 - 2018-04-04 23:38 - 000000000 ____D C:\Users\Tim\AppData\Local\atnpxgl
  184. 2018-04-04 23:37 - 2018-04-04 23:38 - 000407104 _____ C:\Windows\Minidump\040418-30810-01.dmp
  185. 2018-04-04 23:17 - 2018-04-04 23:17 - 000001045 _____ C:\Users\Public\Desktop\DarkComet Remover.lnk
  186. 2018-04-04 23:17 - 2018-04-04 23:17 - 000000000 ____D C:\Users\Tim\AppData\Roaming\PhrozenSoft
  187. 2018-04-04 23:17 - 2018-04-04 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DarkComet Remover
  188. 2018-04-04 23:16 - 2013-04-08 12:37 - 001093409 _____ (Phrozen ® Software 2013. ) C:\Users\Tim\Desktop\DarkCometRemover2_setup.exe
  189. 2018-04-04 23:12 - 2018-04-04 23:12 - 000000000 ____D C:\Users\Tim\AppData\Local\pwhcoer
  190. 2018-04-04 23:10 - 2018-04-04 23:10 - 000407184 _____ C:\Windows\Minidump\040418-35069-01.dmp
  191. 2018-04-04 22:52 - 2018-04-06 02:32 - 000000000 ____D C:\Users\Tim\AppData\Local\ElevatedDiagnostics
  192. 2018-04-04 22:43 - 2017-01-04 14:26 - 001604152 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
  193. 2018-04-04 22:43 - 2017-01-04 14:26 - 000221632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
  194. 2018-04-04 22:43 - 2017-01-04 14:26 - 000054728 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
  195. 2018-04-04 22:41 - 2018-04-04 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
  196. 2018-04-04 22:40 - 2018-01-23 15:42 - 000137712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
  197. 2018-04-04 22:39 - 2018-04-04 22:39 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
  198. 2018-04-04 22:39 - 2017-01-04 14:28 - 034712112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
  199. 2018-04-04 22:39 - 2017-01-04 14:28 - 028148792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
  200. 2018-04-04 22:39 - 2017-01-04 14:28 - 014081592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
  201. 2018-04-04 22:39 - 2017-01-04 14:27 - 000951224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
  202. 2018-04-04 22:39 - 2017-01-04 14:27 - 000903096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
  203. 2018-04-04 22:39 - 2017-01-04 14:27 - 000446904 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
  204. 2018-04-04 22:39 - 2017-01-04 14:27 - 000398904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
  205. 2018-04-04 22:39 - 2017-01-04 14:26 - 001044920 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
  206. 2018-04-04 22:39 - 2017-01-04 14:26 - 000982456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
  207. 2018-04-04 22:39 - 2017-01-04 14:25 - 040132536 _____ C:\Windows\system32\nvcompiler.dll
  208. 2018-04-04 22:39 - 2017-01-04 14:25 - 035231160 _____ C:\Windows\SysWOW64\nvcompiler.dll
  209. 2018-04-04 22:39 - 2017-01-04 14:25 - 003647416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
  210. 2018-04-04 22:39 - 2017-01-04 14:25 - 003216440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
  211. 2018-04-04 22:39 - 2017-01-04 14:05 - 020130624 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
  212. 2018-04-04 22:39 - 2017-01-04 14:05 - 017537912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
  213. 2018-04-04 22:39 - 2017-01-04 14:05 - 011016832 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
  214. 2018-04-04 22:39 - 2017-01-04 14:05 - 009000152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
  215. 2018-04-04 22:39 - 2017-01-04 14:05 - 000504936 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
  216. 2018-04-04 22:39 - 2017-01-04 14:05 - 000419704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
  217. 2018-04-04 22:39 - 2017-01-04 14:04 - 017598144 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
  218. 2018-04-04 22:39 - 2017-01-04 14:04 - 010898544 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
  219. 2018-04-04 22:39 - 2017-01-04 14:04 - 009240240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
  220. 2018-04-04 22:39 - 2017-01-04 14:04 - 000698728 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
  221. 2018-04-04 22:39 - 2017-01-04 14:04 - 000586968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
  222. 2018-04-04 22:39 - 2017-01-04 14:04 - 000534600 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
  223. 2018-04-04 22:39 - 2017-01-04 14:04 - 000448800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
  224. 2018-04-04 22:39 - 2017-01-04 14:04 - 000181280 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
  225. 2018-04-04 22:39 - 2017-01-04 14:04 - 000163632 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
  226. 2018-04-04 22:39 - 2017-01-04 14:04 - 000158208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
  227. 2018-04-04 22:39 - 2017-01-04 14:04 - 000141768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
  228. 2018-04-04 22:39 - 2017-01-04 14:03 - 014545352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
  229. 2018-04-04 22:39 - 2017-01-04 14:03 - 010444784 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
  230. 2018-04-04 22:39 - 2017-01-04 14:03 - 008839216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
  231. 2018-04-04 22:39 - 2017-01-04 14:03 - 003985104 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
  232. 2018-04-04 22:39 - 2017-01-04 14:03 - 003518872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
  233. 2018-04-04 22:39 - 2017-01-04 09:08 - 000041334 _____ C:\Windows\system32\nvinfo.pb
  234. 2018-04-04 22:39 - 2017-01-04 09:07 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
  235. 2018-04-04 22:39 - 2017-01-04 09:07 - 000000669 _____ C:\Windows\system32\nv-vk64.json
  236. 2018-04-04 22:34 - 2018-04-04 22:34 - 000117936 _____ C:\Users\Tim\AppData\Local\GDIPFONTCACHEV1.DAT
  237. 2018-04-04 22:32 - 2018-04-04 22:32 - 000000000 ____D C:\Users\Tim\AppData\Local\excrntw
  238. 2018-04-04 22:31 - 2018-04-07 14:30 - 1336123741 _____ C:\Windows\MEMORY.DMP
  239. 2018-04-04 22:31 - 2018-04-04 22:31 - 000407024 _____ C:\Windows\Minidump\040418-34507-01.dmp
  240. 2018-04-04 22:15 - 2018-04-04 22:15 - 002403328 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe
  241. 2018-04-04 18:25 - 2018-04-04 18:25 - 000899584 _____ (Farbar) C:\Users\Tim\Desktop\FSS.exe
  242. 2018-04-04 17:41 - 2018-04-07 14:34 - 000000000 ____D C:\Users\Tim\AppData\Local\wmcagent
  243. 2018-04-04 17:41 - 2018-04-04 18:02 - 000000000 ____D C:\Users\Tim\AppData\Local\Google
  244. 2018-04-04 17:36 - 2018-04-04 17:36 - 000142672 ____N C:\Windows\system32\Drivers\wiodgjmq.sys
  245. 2018-04-04 17:26 - 2018-04-04 17:41 - 000002182 _____ C:\Users\Tim\Desktop\Process Hacker 2.lnk
  246. 2018-04-04 17:26 - 2018-04-04 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
  247. 2018-04-04 17:26 - 2018-04-04 17:26 - 000000000 ____D C:\Program Files\Process Hacker 2
  248. 2018-04-04 17:18 - 2018-04-04 17:19 - 000453952 _____ C:\Windows\system32\FNTCACHE.DAT
  249. 2018-04-04 17:15 - 2018-04-04 17:17 - 000000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06Z..Z..ZZ.ZZ..Z.Z
  250. 2018-04-04 16:48 - 2018-04-04 16:48 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\Tim\Desktop\rkill64.exe
  251. 2018-04-04 16:47 - 2018-04-04 17:17 - 000096863 _____ C:\Windows\ZAM.krnl.trace
  252. 2018-04-04 16:47 - 2018-04-04 17:16 - 000130677 _____ C:\Windows\ZAM_Guard.krnl.trace
  253. 2018-04-04 16:47 - 2018-04-04 16:47 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
  254. 2018-04-04 16:47 - 2018-04-04 16:47 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
  255. 2018-04-04 16:47 - 2018-04-04 16:47 - 000001152 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
  256. 2018-04-04 16:47 - 2018-04-04 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
  257. 2018-04-04 16:47 - 2018-04-04 16:47 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
  258. 2018-04-04 16:36 - 2018-04-07 07:30 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
  259. 2018-04-04 16:36 - 2018-04-07 07:29 - 000000000 ____D C:\ProgramData\Malwarebytes
  260. 2018-04-04 16:36 - 2018-04-04 16:36 - 000001897 _____ C:\Users\Public\Desktop\HitmanPro.lnk
  261. 2018-04-04 16:36 - 2018-04-04 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
  262. 2018-04-04 16:36 - 2018-04-04 16:36 - 000000000 ____D C:\Program Files\HitmanPro
  263. 2018-04-04 16:36 - 2018-03-19 12:57 - 000076192 _____ C:\Windows\system32\Drivers\mbae64.sys
  264. 2018-04-04 16:32 - 2018-04-04 16:32 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  265. 2018-04-04 16:32 - 2018-04-04 16:32 - 000002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
  266. 2018-04-04 15:54 - 2018-04-04 16:05 - 000000000 ____D C:\ProgramData\HitmanPro
  267. 2018-04-04 15:53 - 2018-04-04 15:54 - 011605440 _____ (SurfRight B.V.) C:\Users\Tim\Desktop\HitmanPro_x64.exe
  268. 2018-04-04 15:34 - 2018-04-04 15:39 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
  269. 2018-04-04 15:33 - 2018-04-04 15:33 - 000000000 ____D C:\ProgramData\RogueKiller
  270. 2018-04-04 15:24 - 2018-04-04 17:15 - 000000000 ____D C:\AdwCleaner
  271. 2018-04-04 15:17 - 2018-04-07 14:30 - 000000000 ____D C:\Windows\Minidump
  272. 2018-04-04 14:59 - 2018-04-07 07:30 - 000112864 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
  273. 2018-04-04 14:59 - 2018-04-07 07:30 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
  274. 2018-04-04 14:58 - 2018-04-07 07:30 - 000193768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
  275. 2018-04-04 14:48 - 2018-04-04 14:48 - 000000000 ____D C:\Users\Tim\AppData\Roaming\DriverAgent
  276. 2018-04-04 14:33 - 2018-04-05 17:01 - 000000000 ____D C:\Users\Tim\AppData\Local\snsgrce
  277. 2018-04-04 14:31 - 2018-04-07 07:30 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
  278. 2018-04-04 14:30 - 2018-04-07 14:36 - 000000000 ____D C:\Users\Tim\AppData\Local\weeaukz
  279. 2018-04-04 14:29 - 2018-04-07 14:29 - 002888704 _____ (TOSHIBA CORPORATION) C:\Windows\system32\dtipmslsvc.exe
  280. 2018-04-04 14:29 - 2018-04-04 14:29 - 001522176 _____ C:\Windows\cd9e09e7a730c023b97c38853454da6c.dll
  281. 2018-04-04 14:29 - 2018-04-04 14:29 - 000000000 ____D C:\Windows\SysWOW64\wdeszob
  282. 2018-04-04 14:29 - 2018-04-04 14:29 - 000000000 ____D C:\Windows\system32\wdeszob
  283. 2018-04-04 14:29 - 2018-04-04 14:29 - 000000000 ____D C:\Users\Tim\AppData\Roaming\et
  284. 2018-04-04 14:29 - 2018-04-04 14:29 - 000000000 ____D C:\Users\Tim\AppData\Roaming\c
  285. 2018-04-04 14:28 - 2018-04-04 14:37 - 000000000 ____D C:\ProgramData\10b45edb-3473-4b10-b57e-0ad402f4c858
  286. 2018-04-04 14:28 - 2018-04-04 14:29 - 000000000 ____D C:\ProgramData\Windows
  287. 2018-04-04 14:28 - 2018-04-04 14:28 - 000003600 _____ C:\Windows\System32\Tasks\{CF7203F5-72B6-A015-8FC9-E22ACBEE18D7}
  288. 2018-04-04 14:28 - 2018-04-04 14:28 - 000003392 _____ C:\Windows\System32\Tasks\{FFB50A37-7865-295C-937E-41499858F6F7}
  289. 2018-04-04 14:28 - 2018-04-04 14:28 - 000000003 _____ C:\Users\Tim\AppData\Local\wbem.ini
  290. 2018-04-04 07:22 - 2018-04-04 07:22 - 000000000 ____D C:\ProgramData\DriverAgent
  291. 2018-04-04 04:40 - 2018-04-04 04:40 - 000041212 _____ C:\Windows\uninstaller.dat
  292. 2018-03-27 00:20 - 2018-03-27 00:20 - 000000222 _____ C:\Users\Tim\Desktop\PixARK.url
  293. 2018-03-24 03:46 - 2018-03-24 03:46 - 000000000 ____D C:\Users\Tim\AppData\LocalLow\Pathea Games
  294. 2018-03-24 03:44 - 2018-03-24 03:44 - 000000222 _____ C:\Users\Tim\Desktop\My Time At Portia.url
  295. 2018-03-24 03:01 - 2018-03-24 03:01 - 000000000 ____D C:\ProgramData\Codemasters
  296. 2018-03-22 03:14 - 2018-03-23 03:20 - 000000000 ____D C:\Users\Tim\AppData\Roaming\Domina
  297. 2018-03-22 02:40 - 2018-03-22 02:40 - 000000000 ____D C:\Users\Tim\AppData\LocalLow\noio
  298. 2018-03-21 21:11 - 2018-03-21 22:14 - 000000000 ____D C:\Users\Tim\AppData\Roaming\Tropico 5
  299. 2018-03-21 21:11 - 2018-03-21 21:11 - 000000000 ____D C:\Users\Tim\AppData\Roaming\Kalypso Media
  300. 2018-03-18 23:43 - 2018-03-17 20:41 - 000000231 ___SH C:\Users\Public\Libraries.ini
  301. 2018-03-18 13:47 - 2018-03-18 13:48 - 000000000 ____D C:\tmp
  302. 2018-03-18 13:45 - 2018-03-18 13:45 - 000000000 ____D C:\Users\Tim\Desktop\Making Games Software
  303. 2018-03-18 13:45 - 2018-03-18 13:45 - 000000000 ____D C:\Users\Tim\.thumbnails
  304. 2018-03-18 13:40 - 2018-03-18 13:40 - 000000000 ____D C:\Users\Tim\Documents\Sceelix
  305. 2018-03-18 13:40 - 2018-03-18 13:40 - 000000000 ____D C:\Users\Tim\AppData\Roaming\Sceelix
  306. 2018-03-17 00:11 - 2018-03-17 00:11 - 000000000 ____D C:\Users\Tim\AppData\LocalLow\Eat Create Sleep
  307. 2018-03-16 21:45 - 2018-03-16 21:45 - 000000000 ____D C:\Users\Tim\AppData\Local\MindTheVikings
  308. 2018-03-16 00:23 - 2018-03-16 00:23 - 000000000 ____D C:\Users\Tim\AppData\Local\EotU
  309. 2018-03-15 23:30 - 2018-03-15 23:30 - 000000000 ____D C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Itch Corp
  310. 2018-03-15 23:30 - 2018-03-15 23:30 - 000000000 ____D C:\Users\Tim\AppData\Roaming\itch
  311. 2018-03-15 23:29 - 2018-03-15 23:30 - 000000000 ____D C:\Users\Tim\AppData\Local\itch
  312. 2018-03-13 06:27 - 2018-03-13 13:51 - 000000000 ____D C:\Users\Tim\AppData\Roaming\SpaceEngineers
  313. 2018-03-13 01:17 - 2018-04-07 06:57 - 000000000 ____D C:\Users\Tim\AppData\Roaming\rsilauncher
  314. 2018-03-13 01:16 - 2018-03-13 01:16 - 000002239 _____ C:\Users\Public\Desktop\RSI Launcher.lnk
  315. 2018-03-13 01:16 - 2018-03-13 01:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roberts Space Industries
  316. 2018-03-13 01:15 - 2018-03-13 01:17 - 000000000 ____D C:\Program Files\Roberts Space Industries
  317. 2018-03-09 03:18 - 2018-03-09 03:18 - 000000000 ____D C:\Users\Tim\AppData\Local\Parallax
  318. 2018-03-08 16:37 - 2018-03-08 16:52 - 000000000 ____D C:\Users\Tim\Documents\First Try
  319. 2018-03-08 16:37 - 2018-03-08 16:37 - 000000000 ____D C:\Users\Tim\AppData\LocalLow\DefaultCompany
  320. 2018-03-08 16:34 - 2018-03-08 16:37 - 000000000 ____D C:\ProgramData\Unity
  321. 2018-03-08 16:34 - 2018-03-08 16:34 - 000000000 ____D C:\Users\Tim\AppData\Local\Unity
  322. 2018-03-08 16:33 - 2018-03-08 16:43 - 000000000 ____D C:\Users\Tim\AppData\Roaming\Unity
  323. 2018-03-08 16:18 - 2018-03-08 16:18 - 000000000 ____D C:\Users\Tim\Documents\Visual Studio 2017
  324. 2018-03-08 16:17 - 2018-03-08 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2017 Tools for Unity
  325. 2018-03-08 16:17 - 2018-03-08 16:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
  326. 2018-03-08 16:14 - 2018-03-08 16:18 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
  327. 2018-03-08 16:14 - 2018-03-08 16:14 - 000000000 ____D C:\Program Files (x86)\Windows Kits
  328. 2018-03-08 16:13 - 2018-03-08 16:13 - 000001471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk
  329. 2018-03-08 16:13 - 2018-03-08 16:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
  330. 2018-03-08 16:12 - 2018-03-08 16:12 - 004296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
  331. 2018-03-08 16:12 - 2018-03-08 16:12 - 003550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
  332. 2018-03-08 16:11 - 2018-03-08 16:12 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
  333. 2018-03-08 16:11 - 2018-03-08 16:11 - 000001286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
  334. 2018-03-08 16:11 - 2018-03-08 16:11 - 000000000 ____D C:\Users\Tim\AppData\Roaming\vstelemetry
  335. 2018-03-08 16:11 - 2018-03-08 16:11 - 000000000 ____D C:\Users\Tim\AppData\Roaming\Visual Studio Setup
  336. 2018-03-08 16:11 - 2018-03-08 16:11 - 000000000 ____D C:\Users\Tim\AppData\Roaming\Microsoft Visual Studio
  337. 2018-03-08 16:11 - 2018-03-08 16:11 - 000000000 ____D C:\Users\Tim\AppData\Local\ServiceHub
  338. 2018-03-08 16:10 - 2018-03-08 16:10 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
  339. 2018-03-08 16:08 - 2018-03-08 16:08 - 000000000 ____D C:\Program Files (x86)\GtkSharp
  340. 2018-03-08 16:06 - 2018-03-08 16:06 - 000000883 _____ C:\Users\Public\Desktop\Unity 2017.3.1f1 (64-bit).lnk
  341. 2018-03-08 16:06 - 2018-03-08 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2017.3.1f1 (64-bit)
  342. 2018-03-08 16:04 - 2018-03-08 16:07 - 000000000 ____D C:\Program Files\Unity
  343.  
  344. ==================== One Month Modified files and folders ========
  345.  
  346. (If an entry is included in the fixlist, the file/folder will be moved.)
  347.  
  348. 2018-04-07 14:35 - 2009-07-13 19:34 - 024641536 _____ C:\Windows\system32\config\HARDWARE
  349. 2018-04-07 14:32 - 2017-10-14 01:01 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
  350. 2018-04-07 14:30 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
  351. 2018-04-07 07:29 - 2017-03-05 19:51 - 000000000 ____D C:\Users\Tim\AppData\Local\Ubisoft Game Launcher
  352. 2018-04-07 06:59 - 2016-05-14 17:30 - 000000000 ____D C:\Program Files (x86)\Steam
  353. 2018-04-06 23:06 - 2016-05-27 08:46 - 002865444 _____ C:\Windows\system32\perfh00A.dat
  354. 2018-04-06 23:06 - 2016-05-27 08:46 - 000874946 _____ C:\Windows\system32\perfc00A.dat
  355. 2018-04-06 23:06 - 2016-05-27 08:39 - 002512332 _____ C:\Windows\system32\perfh00D.dat
  356. 2018-04-06 23:06 - 2016-05-27 08:39 - 000801230 _____ C:\Windows\system32\perfc00D.dat
  357. 2018-04-06 23:06 - 2016-05-27 08:26 - 002860034 _____ C:\Windows\system32\perfh010.dat
  358. 2018-04-06 23:06 - 2016-05-27 08:26 - 000863318 _____ C:\Windows\system32\perfc010.dat
  359. 2018-04-06 23:06 - 2016-05-27 08:20 - 002810612 _____ C:\Windows\system32\perfh00C.dat
  360. 2018-04-06 23:06 - 2016-05-27 08:20 - 002599002 _____ C:\Windows\system32\perfh001.dat
  361. 2018-04-06 23:06 - 2016-05-27 08:20 - 000846704 _____ C:\Windows\system32\perfc00C.dat
  362. 2018-04-06 23:06 - 2016-05-27 08:20 - 000811244 _____ C:\Windows\system32\perfc001.dat
  363. 2018-04-06 23:06 - 2016-05-27 08:08 - 002817196 _____ C:\Windows\system32\perfh007.dat
  364. 2018-04-06 23:06 - 2016-05-27 08:08 - 000865588 _____ C:\Windows\system32\perfc007.dat
  365. 2018-04-06 23:06 - 2009-07-13 22:13 - 000006686 _____ C:\Windows\system32\PerfStringBackup.INI
  366. 2018-04-06 02:32 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\NDF
  367. 2018-04-05 13:31 - 2009-07-13 21:45 - 000022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  368. 2018-04-05 13:31 - 2009-07-13 21:45 - 000022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  369. 2018-04-04 22:41 - 2016-05-14 15:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
  370. 2018-04-04 22:41 - 2016-05-14 15:59 - 000000000 ____D C:\Program Files\NVIDIA Corporation
  371. 2018-04-04 22:40 - 2016-05-14 16:22 - 000000000 ____D C:\Program Files (x86)\VulkanRT
  372. 2018-04-04 22:40 - 2016-05-14 16:04 - 000000000 ____D C:\ProgramData\NVIDIA
  373. 2018-04-04 22:40 - 2016-05-14 15:59 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
  374. 2018-04-04 22:40 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
  375. 2018-04-04 17:35 - 2009-07-13 22:08 - 000032568 _____ C:\Windows\Tasks\SCHEDLGU.TXT
  376. 2018-04-04 17:18 - 2016-05-27 07:47 - 000352181 ____N C:\Windows\Minidump\040418-31902-01.dmp
  377. 2018-04-04 17:16 - 2016-09-07 22:38 - 000000000 ____D C:\Users\Tim\AppData\Roaming\discord
  378. 2018-04-04 17:16 - 2016-03-28 21:35 - 000000000 ____D C:\Users\Tim\Desktop\Windows Loader
  379. 2018-04-04 17:15 - 2016-05-14 17:55 - 000000000 ____D C:\Users\Tim\AppData\Roaming\TS3Client
  380. 2018-04-04 16:59 - 2016-10-23 12:57 - 000000000 ____D C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Axosoft, LLC
  381. 2018-04-04 16:57 - 2017-03-18 16:46 - 000000000 ____D C:\Users\Tim\Documents\Outlook Files
  382. 2018-04-04 16:32 - 2016-10-06 17:38 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d22033227c08b6
  383. 2018-04-04 16:32 - 2016-10-06 17:38 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d220332000c639
  384. 2018-04-04 16:32 - 2016-05-14 17:25 - 000000000 ____D C:\Program Files (x86)\Google
  385. 2018-04-04 16:27 - 2016-05-14 15:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
  386. 2018-04-04 16:24 - 2016-05-14 15:44 - 000001417 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
  387. 2018-04-04 15:15 - 2017-02-03 15:45 - 000000000 ____D C:\Program Files (x86)\A3Launcher
  388. 2018-04-04 14:36 - 2017-01-02 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
  389. 2018-04-04 14:27 - 2016-10-10 17:21 - 000000000 ____D C:\Users\Tim\.frostwire5
  390. 2018-04-04 06:50 - 2016-11-23 20:55 - 000000000 ____D C:\Program Files\Core Temp
  391. 2018-03-27 14:08 - 2017-09-11 02:05 - 000000000 ____D C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
  392. 2018-03-25 16:27 - 2016-11-13 06:49 - 000000042 _____ C:\Users\Tim\jagex_cl_oldschool_LIVE.dat
  393. 2018-03-24 03:01 - 2016-05-21 00:24 - 000000000 ____D C:\Users\Tim\Documents\My Games
  394. 2018-03-24 02:58 - 2009-07-13 20:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
  395. 2018-03-19 14:13 - 2016-05-14 17:35 - 000000000 ____D C:\Users\Tim\AppData\Local\Steam
  396. 2018-03-18 23:40 - 2016-05-14 16:25 - 000000000 ____D C:\Users\Tim\AppData\Local\NVIDIA Corporation
  397. 2018-03-18 23:39 - 2016-09-08 02:02 - 000000000 ____D C:\Users\Tim\AppData\Local\UnrealEngine
  398. 2018-03-18 19:20 - 2016-10-20 20:11 - 000001268 _____ C:\Windows\SysWOW64\nativelog.txt
  399. 2018-03-18 19:03 - 2016-09-19 18:26 - 000000000 ____D C:\Users\Tim\AppData\Roaming\.minecraft
  400. 2018-03-18 13:45 - 2016-05-14 15:44 - 000000000 ____D C:\Users\Tim
  401. 2018-03-15 23:30 - 2016-09-07 22:38 - 000000000 ____D C:\Users\Tim\AppData\Local\SquirrelTemp
  402. 2018-03-13 06:28 - 2018-02-27 21:56 - 000000000 ____D C:\Users\Tim\AppData\Local\GameAnalytics
  403. 2018-03-13 01:30 - 2016-05-14 17:55 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
  404. 2018-03-13 01:15 - 2016-09-15 21:16 - 000000000 ___HD C:\Windows\msdownld.tmp
  405. 2018-03-11 18:26 - 2016-09-16 18:07 - 000000000 ____D C:\Users\Tim\Desktop\Phantom Flights
  406. 2018-03-08 16:37 - 2016-09-07 23:27 - 000000000 ____D C:\Users\Tim\AppData\LocalLow\Unity
  407. 2018-03-08 16:17 - 2016-05-14 16:00 - 000000000 ____D C:\ProgramData\Package Cache
  408. 2018-03-08 16:13 - 2009-07-13 22:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
  409. 2018-03-08 16:12 - 2016-05-14 17:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
  410.  
  411. ==================== Files in the root of some directories =======
  412.  
  413. 1623-04-04 12:34 - 1623-04-04 12:34 - 000186368 ____N (Microsoft Corporation) C:\Program Files (x86)\wAAYqUOsoYuiY.exe
  414. 2018-04-04 06:08 - 2018-04-04 06:08 - 000243216 _____ () C:\Users\Tim\AppData\Roaming\cutocxrqbcgcsqaooutholyqx5753949.png
  415. 2016-06-21 01:52 - 2017-01-06 16:29 - 000011776 _____ () C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  416. 2016-09-15 17:20 - 2016-11-23 20:49 - 000007625 _____ () C:\Users\Tim\AppData\Local\resmon.resmoncfg
  417. 2018-04-04 14:28 - 2018-04-04 14:28 - 000000003 _____ () C:\Users\Tim\AppData\Local\wbem.ini
  418.  
  419. Some files in TEMP:
  420. ====================
  421. 2018-04-05 04:13 - 2018-04-05 04:12 - 002237968 _____ () C:\Users\Tim\AppData\Local\Temp\92E989E9-3ED5-4B8A-B36D-343838DCB20A.exe
  422. 2018-04-05 04:17 - 2018-04-05 04:17 - 002237968 _____ () C:\Users\Tim\AppData\Local\Temp\984B7ABB-7BF0-4ECA-A774-04B65D23183A.exe
  423. 2018-04-04 15:33 - 2016-09-02 08:34 - 001732864 _____ (Microsoft Corporation) C:\Users\Tim\AppData\Local\Temp\dllnt_dump.dll
  424. 2018-04-04 16:18 - 2018-04-04 15:54 - 011605440 _____ (SurfRight B.V.) C:\Users\Tim\AppData\Local\Temp\HitmanPro.exe
  425. 2018-04-04 14:55 - 2018-04-04 14:55 - 072356616 _____ (Malwarebytes ) C:\Users\Tim\AppData\Local\Temp\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4610.exe
  426. 2018-04-04 16:16 - 2018-04-04 14:28 - 000099893 _____ () C:\Users\Tim\AppData\Local\Temp\Uninstall.exe
  427.  
  428. Some zero byte size files/folders:
  429. ==========================
  430. C:\Windows\SysWOW64\slui.exe
  431.  
  432. ==================== Bamital & volsnap ======================
  433.  
  434. (There is no automatic fix for files that do not pass verification.)
  435.  
  436. C:\Windows\system32\winlogon.exe => File is digitally signed
  437. C:\Windows\system32\wininit.exe => File is digitally signed
  438. C:\Windows\SysWOW64\wininit.exe => File is digitally signed
  439. C:\Windows\explorer.exe => File is digitally signed
  440. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  441. C:\Windows\system32\svchost.exe => File is digitally signed
  442. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  443. C:\Windows\system32\services.exe => File is digitally signed
  444. C:\Windows\system32\User32.dll => File is digitally signed
  445. C:\Windows\SysWOW64\User32.dll => File is digitally signed
  446. C:\Windows\system32\userinit.exe => File is digitally signed
  447. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  448. C:\Windows\system32\rpcss.dll => File is digitally signed
  449. C:\Windows\system32\dnsapi.dll => File is digitally signed
  450. C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
  451. C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
  452. C:\Windows\system32\drivers\wiodgjmq.sys -> Access Denied <======= ATTENTION
  453.  
  454. LastRegBack: 2018-03-29 04:54
  455.  
  456. ==================== End of FRST.txt ============================