kazmatt

  1. When I open a new tab in Chrome, a malicious website protection thing comes up; the domain is blank and there is an IP; the process is coming from Chrome. I have scanned my computer with Malwarebytes and nothing came up.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017 Ran by user (administrator) on DESKTOP-4RU24O0 (02-03-2017 21:14:52) Running from C:\Users\user\Downloads Loaded Profiles: user (Available Profiles: user) Platform: Windows 10 Home Version 1607 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes 
Anti-Malware\mbamservice.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (SweetLabs, Inc) C:\Users\user\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe (Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe (Microsoft Corporation) C:\Windows\System32\InputMethod\CHT\ChtIME.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe () C:\Program Files (x86)\WhatPulse2\whatpulse.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe () C:\Program Files (x86)\WhatPulse2\whatpulse-watchdog.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Drive\AcerDriveTray.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Drive\AcerDriveProxy.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Drive\AcerDriveUI.exe () C:\OEM\Preload\FubTracking\FubTracking.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16408320 2015-12-04] (Realtek Semiconductor) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322104 2016-03-08] (Intel Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2016-08-15] () HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] () HKU\S-1-5-21-1232280872-3454715597-4140770094-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation) HKU\S-1-5-21-1232280872-3454715597-4140770094-1001\...\Run: [WhatPulse] => C:\Program Files (x86)\WhatPulse2\whatpulse.exe [3837016 2016-07-09] () HKU\S-1-5-21-1232280872-3454715597-4140770094-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
Tcpip\Parameters: [DhcpNameServer] 210.3.59.66 8.8.8.8 210.3.59.69 Tcpip\..\Interfaces\{210ab07d-3ff9-4398-a4c6-e689cd106fbe}: [DhcpNameServer] 192.168.79.1 Tcpip\..\Interfaces\{615412e4-ba92-4bff-af0f-da4418db64d4}: [DhcpNameServer] 210.3.59.66 8.8.8.8 210.3.59.69 Internet Explorer: ================== HKU\S-1-5-21-1232280872-3454715597-4140770094-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE HKU\S-1-5-21-1232280872-3454715597-4140770094-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-29] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-29] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 38w3cfrk.default FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\38w3cfrk.default [2017-03-02] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\38w3cfrk.default -> Google FF Homepage: 
Mozilla\Firefox\Profiles\38w3cfrk.default -> hxxps://www.google.com.hk FF Extension: (English (US) Language Pack) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\38w3cfrk.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2017-02-03] FF Extension: (uBlock Origin) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\38w3cfrk.default\Extensions\uBlock0@raymondhill.net.xpi [2017-02-02] FF Extension: (Adblock Plus) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\38w3cfrk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-02-02] FF Plugin-x32: @baidu.com/npxbdcntb -> C:\Program Files (x86)\Baidu\BaiduPinyin\3.0.3.706\npxbdcntb.dll [No File] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=5.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2016-03-16] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-10] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-10] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) 
FF Plugin HKU\S-1-5-21-1232280872-3454715597-4140770094-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File] Chrome: ======= CHR DefaultProfile: Profile 1 CHR HomePage: Profile 1 -> hxxps://www.google.com.hk/ CHR StartupUrls: Profile 1 -> "hxxps://www.google.com.hk/" CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-02-11] CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-03-02] CHR Extension: (ezpp!) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aimihpobjpagjiakhcpijibnaafdniol [2017-02-12] CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-11] CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-11] CHR Extension: (uBlock Origin) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-02-11] CHR Extension: (Session Buddy) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2017-02-11] CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-11] CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-11] CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-11] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18488 2016-03-08] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-20] (Intel(R) Corporation) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-03] (Intel Corporation) [File not signed] R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-03] (Intel Corporation) [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-03-16] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-05-03] () R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-21] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-21] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-21] (NVIDIA Corporation) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-06-17] (Acer Incorporated) 
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-10-08] () S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [291232 2016-02-02] (acer) R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [File not signed] R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-05-03] (Intel® Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31376 2015-03-10] () S3 GPU-Z; C:\Users\user\AppData\Local\Temp\GPU-Z.sys [27008 2017-02-25] () <==== ATTENTION R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation) R2 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-03-02] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7231248 2016-06-17] (Intel Corporation) R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) 
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaei.inf_amd64_c775b5e628cf6269\nvlddmkm.sys [14516664 2017-02-11] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-21] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-21] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek ) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2015-12-22] (Realsil Semiconductor Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 WinRing0_1_2_0; C:\Users\user\Desktop\realtemp\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2017-03-02 21:14 - 2017-03-02 21:15 - 00018406 _____ C:\Users\user\Downloads\FRST.txt 2017-03-02 21:14 - 2017-03-02 21:14 - 00000000 ____D C:\FRST 2017-03-02 21:13 - 2017-03-02 21:14 - 02423808 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe 2017-03-01 22:36 - 2017-03-01 22:36 - 00000222 _____ C:\Users\user\Desktop\Undertale.url 2017-02-27 23:02 - 2017-02-27 23:02 - 06450408 _____ C:\Users\user\Downloads\X18.zip 2017-02-27 23:02 - 2017-02-27 23:02 - 00946030 _____ C:\Users\user\Downloads\nokia_3310_bytaza.zip 2017-02-27 19:07 - 2017-02-27 19:11 - 00000000 ____D C:\Users\user\Downloads\misshitsound 2017-02-26 12:21 - 2017-02-26 12:21 - 00000222 _____ C:\Users\user\Desktop\Megadimension Neptunia VII.url 2017-02-26 12:21 - 2017-02-26 12:21 - 00000222 _____ C:\Users\user\Desktop\Hyperdimension Neptunia Re;Birth3 V Generation.url 2017-02-26 09:32 - 2017-02-26 09:32 - 00000000 ____D C:\Users\user\AppData\Local\FlatOut Ultimate Carnage 2017-02-26 08:47 - 2017-02-26 08:47 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-02-26 08:47 - 2017-02-10 06:39 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2017-02-26 08:47 - 2017-01-26 08:13 - 00103936 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2017-02-26 08:47 - 2017-01-26 08:12 - 00326656 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2017-02-26 08:47 - 2017-01-26 08:09 - 00322560 _____ C:\WINDOWS\system32\vulkan-1.dll 2017-02-26 08:47 - 2017-01-26 08:09 - 00118272 _____ C:\WINDOWS\system32\vulkaninfo.exe 2017-02-25 21:38 - 2017-02-25 21:38 - 00000222 _____ C:\Users\user\Desktop\Flatout 3.url 2017-02-25 21:38 - 2017-02-25 21:38 - 00000221 _____ C:\Users\user\Desktop\FlatOut Ultimate Carnage.url 2017-02-25 21:38 - 2017-02-25 21:38 - 00000220 _____ C:\Users\user\Desktop\FlatOut.url 2017-02-25 21:38 - 2017-02-25 21:38 - 00000220 _____ C:\Users\user\Desktop\FlatOut 2.url 2017-02-25 14:17 - 2017-02-25 14:17 - 00739392 _____ (Oracle Corporation) C:\Users\user\Downloads\JavaSetup8u121.exe 2017-02-25 14:15 - 
2017-02-25 14:15 - 00000000 ____D C:\NVIDIA 2017-02-25 14:13 - 2017-02-25 14:15 - 400200032 _____ (NVIDIA Corporation) C:\Users\user\Downloads\378.66-desktop-win10-64bit-international-whql (1).exe 2017-02-25 14:12 - 2017-02-25 14:12 - 392628288 _____ (NVIDIA Corporation) C:\Users\user\Downloads\378.66-desktop-win8-win7-64bit-international-whql (1).exe 2017-02-25 13:36 - 2017-02-25 13:36 - 392628288 _____ (NVIDIA Corporation) C:\Users\user\Downloads\378.66-desktop-win8-win7-64bit-international-whql.exe 2017-02-25 10:45 - 2017-02-25 10:45 - 02109736 _____ (techPowerUp (www.techpowerup.com)) C:\Users\user\Downloads\GPU-Z.1.17.0.exe 2017-02-25 10:45 - 2017-02-25 10:45 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z 2017-02-25 10:45 - 2017-02-25 10:45 - 00000000 ____D C:\Program Files (x86)\GPU-Z 2017-02-25 10:15 - 2017-02-25 10:15 - 00002196 _____ C:\Users\Public\Desktop\3DMark2001 SE.lnk 2017-02-25 10:15 - 2017-02-25 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MadOnion.com 2017-02-25 10:15 - 2017-02-25 10:15 - 00000000 ____D C:\Program Files (x86)\MadOnion.com 2017-02-25 10:14 - 2017-02-25 10:15 - 41780867 _____ (MadOnion.com) C:\Users\user\Downloads\3DMark2001SE.exe 2017-02-25 09:59 - 2017-02-25 14:14 - 00000000 ____D C:\WINDOWS\Minidump 2017-02-25 09:48 - 2017-02-25 09:48 - 00000000 ____D C:\WINDOWS\LastGood 2017-02-25 09:45 - 2017-02-25 09:48 - 00000000 ____D C:\Users\user\Desktop\New folder 2017-02-25 09:45 - 2017-02-25 09:46 - 00000000 ____D C:\Users\user\Desktop\msi afterburner 2017-02-25 09:44 - 2017-02-25 09:44 - 400200032 _____ (NVIDIA Corporation) C:\Users\user\Downloads\378.66-desktop-win10-64bit-international-whql.exe 2017-02-23 19:22 - 2017-02-23 19:22 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-02-23 19:20 - 2017-02-10 10:33 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 
2017-02-23 19:20 - 2017-02-10 10:33 - 34979384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 19007016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 11019704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 09305984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 08990072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 00991288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 00721952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 
00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 00605120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 00573448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2017-02-23 19:20 - 2017-02-10 10:33 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-02-21 22:27 - 2017-02-21 22:42 - 480832709 _____ C:\Users\user\Downloads\DesertHighway.zip 2017-02-21 22:27 - 2017-02-21 22:41 - 373476553 _____ C:\Users\user\Downloads\KOS_V01.zip 2017-02-20 16:15 - 2017-02-20 16:16 - 09261616 _____ (Piriform Ltd) C:\Users\user\Downloads\ccsetup527.exe 2017-02-18 14:26 - 2017-02-18 14:26 - 00000000 ____D C:\Users\user\AppData\Local\PopcornTime 2017-02-18 14:25 - 2017-02-18 14:40 - 00000000 ____D C:\Program Files (x86)\Popcorn Time 2017-02-15 22:17 - 2017-02-15 22:17 - 00000222 _____ C:\Users\user\Desktop\NEKOPARA Vol. 1.url 2017-02-15 22:17 - 2017-02-15 22:17 - 00000222 _____ C:\Users\user\Desktop\NEKOPARA Vol. 
0.url 2017-02-13 20:46 - 2017-03-02 21:08 - 00583214 _____ C:\WINDOWS\system32\prfh0404.dat 2017-02-13 20:46 - 2017-03-02 21:08 - 00174278 _____ C:\WINDOWS\system32\prfc0404.dat 2017-02-13 20:46 - 2017-02-13 20:45 - 00119662 _____ C:\WINDOWS\system32\prfi0404.dat 2017-02-13 20:46 - 2017-02-13 20:45 - 00033362 _____ C:\WINDOWS\system32\prfd0404.dat 2017-02-13 20:45 - 2017-02-13 20:45 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HANT 2017-02-13 20:45 - 2017-02-13 20:45 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-02-13 20:45 - 2017-02-13 20:45 - 00000000 ____D C:\WINDOWS\system32\zh-HANT 2017-02-13 20:40 - 2017-02-13 20:40 - 00001696 _____ C:\WINDOWS\SysWOW64\NOISE.CHT 2017-02-13 20:40 - 2017-02-13 20:40 - 00001696 _____ C:\WINDOWS\system32\NOISE.CHT 2017-02-13 20:40 - 2016-07-15 19:29 - 09720320 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Models0404.dll 2017-02-13 20:40 - 2016-07-15 19:29 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Lexicons0404.dll 2017-02-13 20:40 - 2016-07-15 19:24 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70404.dll 2017-02-13 20:40 - 2016-07-15 19:14 - 02352640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0404.dll 2017-02-13 20:40 - 2016-07-15 18:40 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70404.dll 2017-02-13 20:40 - 2016-07-15 18:30 - 02267136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0404.dll 2017-02-13 20:39 - 2017-02-13 20:39 - 00001696 _____ C:\WINDOWS\SysWOW64\NOISE.CHS 2017-02-13 20:39 - 2017-02-13 20:39 - 00001696 _____ C:\WINDOWS\system32\NOISE.CHS 2017-02-13 20:39 - 2017-02-13 20:39 - 00001055 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk 2017-02-13 20:39 - 2016-07-15 19:29 - 02963968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Models0804.dll 2017-02-13 20:39 - 2016-07-15 19:29 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Lexicons0804.dll 2017-02-13 20:39 
- 2016-07-15 19:25 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70804.dll 2017-02-13 20:39 - 2016-07-15 19:17 - 03430912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0804.dll 2017-02-13 20:39 - 2016-07-15 18:39 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70804.dll 2017-02-13 20:39 - 2016-07-15 18:36 - 03361792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0804.dll 2017-02-12 20:16 - 2017-02-12 20:16 - 00000000 ____D C:\Users\user\AppData\Roaming\Romero Games Ltd 2017-02-12 20:16 - 2017-02-12 20:16 - 00000000 ____D C:\Users\user\AppData\Local\Romero Games Ltd 2017-02-12 20:15 - 2017-02-12 20:15 - 00000222 _____ C:\Users\user\Desktop\Gunman Taco Truck.url 2017-02-12 17:54 - 2017-02-12 17:54 - 00000000 ____D C:\Users\user\Downloads\HuniePop_Digital_Art_Collection 2017-02-12 12:34 - 2017-02-12 12:34 - 00000219 _____ C:\Users\user\Desktop\Counter-Strike Condition Zero Deleted Scenes.url 2017-02-12 10:19 - 2017-02-12 10:20 - 212291411 _____ C:\Users\user\Downloads\HuniePop_Digital_Art_Collection.zip 2017-02-11 23:25 - 2017-02-11 23:25 - 00000000 ____D C:\Users\user\AppData\LocalLow\HuniePot 2017-02-11 23:23 - 2017-02-11 23:23 - 00000222 _____ C:\Users\user\Desktop\HuniePop.url 2017-02-11 09:32 - 2017-02-11 09:32 - 15598712 _____ (Mythicsoft Ltd) C:\Users\user\Downloads\AgentRansack_865 (1).exe 2017-02-11 09:31 - 2017-02-11 09:31 - 14328216 _____ (Mythicsoft Ltd) C:\Users\user\Downloads\AgentRansack_828.exe 2017-02-11 09:29 - 2017-02-11 09:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agent Ransack 2017-02-11 09:29 - 2017-02-11 09:29 - 00000000 ____D C:\Users\user\AppData\Roaming\Mythicsoft 2017-02-11 09:29 - 2017-02-11 09:29 - 00000000 ____D C:\Program Files\Mythicsoft 2017-02-11 09:28 - 2017-02-11 09:28 - 15598712 _____ (Mythicsoft Ltd) C:\Users\user\Downloads\AgentRansack_865.exe 2017-02-11 09:13 - 2017-02-11 09:19 - 00000214 _____ 
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2017-02-06 16:07 - 2017-02-20 16:16 - 00000867 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-02-06 16:07 - 2017-02-06 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-02-06 16:07 - 2017-02-06 16:07 - 00000000 ____D C:\Program Files\CCleaner 2017-02-06 16:06 - 2017-02-06 16:07 - 08813488 _____ (Piriform Ltd) C:\Users\user\Downloads\ccsetup526.exe 2017-02-06 16:05 - 2017-02-06 16:05 - 00009972 _____ C:\Users\user\Documents\cc_20170206_160540.reg 2017-02-05 14:58 - 2017-02-10 10:33 - 28242488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-02-05 14:58 - 2017-01-24 08:00 - 00047664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2017-02-05 14:58 - 2017-01-21 00:38 - 01985080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437849.dll 2017-02-05 14:58 - 2017-01-21 00:38 - 01591352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437849.dll 2017-02-05 14:58 - 2017-01-21 00:38 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2017-02-05 14:58 - 2017-01-21 00:38 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json 2017-02-04 11:26 - 2017-02-04 11:26 - 00130210 _____ C:\Users\user\Downloads\replay-0_816327_2051916173.osr 2017-02-03 08:38 - 2017-03-02 21:02 - 00000000 ____D C:\Users\user\AppData\LocalLow\Mozilla 2017-02-03 04:12 - 2017-02-05 17:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-02-01 17:23 - 2017-02-01 17:23 - 00000000 ____D C:\Users\user\AppData\Local\DaysOfWar 2017-02-01 12:15 - 2017-02-01 12:15 - 11634948 _____ C:\Users\user\Downloads\rrtyui.osk 2017-02-01 01:36 - 2017-02-01 01:36 - 12352226 _____ C:\Users\user\Downloads\rrtyui.zip ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2017-03-02 21:11 - 2017-01-22 21:17 - 00000000 ____D C:\Users\user\AppData\Local\whatpulse
2017-03-02 21:08 - 2016-04-01 22:40 - 02265450 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-02 21:06 - 2016-11-14 15:57 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-02 21:06 - 2016-11-05 15:24 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-02 21:01 - 2016-11-14 16:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-02 21:01 - 2016-11-05 19:03 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-02 21:01 - 2016-07-16 14:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-02 20:37 - 2016-11-05 15:34 - 00000000 ____D C:\Users\user\Documents\BeamNG.drive
2017-03-02 19:29 - 2016-11-14 15:56 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-02 17:20 - 2016-04-01 22:39 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-02 16:01 - 2016-07-16 19:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-02 16:01 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-02 15:58 - 2016-11-06 05:04 - 00000000 ____D C:\Users\user\AppData\Local\Host App Service
2017-03-02 15:57 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-01 22:36 - 2016-11-05 15:28 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-28 20:14 - 2016-11-05 15:42 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-26 21:32 - 2016-11-05 17:29 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2017-02-26 16:47 - 2016-11-13 18:23 - 00000011 _____ C:\Users\user\Desktop\beamng speed.txt
2017-02-26 12:17 - 2016-11-05 19:04 - 00000016 _____ C:\Users\user\Desktop\spendings.txt
2017-02-26 08:50 - 2016-11-05 19:09 - 00000534 _____ C:\Users\user\Desktop\osu!.lnk
2017-02-26 08:50 - 2016-11-05 19:09 - 00000534 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2017-02-26 08:48 - 2016-11-14 15:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-26 08:48 - 2016-07-16 19:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-26 08:47 - 2016-11-14 15:56 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-25 10:15 - 2016-11-06 05:04 - 00000000 ____D C:\Users\user\AppData\Local\VirtualStore
2017-02-25 10:15 - 2016-04-01 22:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-23 15:59 - 2016-11-05 15:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 15:58 - 2016-11-05 15:36 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-22 19:23 - 2016-07-16 19:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-19 08:46 - 2016-11-14 15:56 - 00413736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-17 19:29 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-13 20:45 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-02-13 20:45 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-02-13 20:45 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-02-13 20:45 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-02-13 20:45 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\winrm
2017-02-13 20:45 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-02-13 20:45 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\slmgr
2017-02-13 20:45 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\Com
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\IME
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\Help
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Common Files\System
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-02-13 20:45 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-02-13 20:45 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-02-13 20:45 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-13 20:45 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-02-13 20:45 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\servicing
2017-02-13 20:40 - 2016-07-16 22:15 - 00000000 ____D C:\WINDOWS\OCR
2017-02-11 09:35 - 2016-11-05 16:55 - 00000000 ____D C:\Users\user\AppData\Local\MicrosoftEdge
2017-02-10 17:31 - 2016-11-23 20:57 - 00000000 ____D C:\Users\user\Desktop\based stuff
2017-02-10 10:33 - 2016-10-28 02:08 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-10 10:33 - 2016-10-28 02:07 - 03597128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-02-10 10:33 - 2016-10-28 01:12 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-10 07:13 - 2016-12-03 15:32 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-10 06:57 - 2016-11-14 15:57 - 07791217 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-02-10 06:57 - 2016-11-14 15:57 - 06403640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-10 06:57 - 2016-11-14 15:57 - 02477504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-10 06:57 - 2016-11-14 15:57 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-10 06:57 - 2016-11-14 15:57 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-10 06:57 - 2016-11-14 15:57 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-10 06:57 - 2016-11-14 15:57 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-10 06:57 - 2016-11-14 15:57 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-02-07 20:48 - 2016-11-05 15:16 - 00002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 20:48 - 2016-11-05 15:16 - 00002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-07 03:48 - 2016-07-16 19:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-07 03:48 - 2016-07-16 19:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-06 16:07 - 2017-01-27 07:49 - 00002868 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-02-05 17:14 - 2016-04-01 22:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-05 15:00 - 2016-11-14 15:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-05 14:56 - 2016-12-15 19:06 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-05 14:56 - 2016-12-03 15:32 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-05 14:56 - 2016-12-03 15:32 - 00001493 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-02-05 14:55 - 2016-12-03 15:32 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-05 14:55 - 2016-12-03 15:32 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-05 14:55 - 2016-12-03 15:32 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-05 14:55 - 2016-12-03 15:32 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-05 14:55 - 2016-12-03 15:32 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-01 17:23 - 2016-11-19 16:18 - 00000000 ____D C:\Users\user\AppData\Local\UnrealEngine
2017-02-01 01:49 - 2017-01-27 14:41 - 00000418 _____ C:\WINDOWS\Tasks\update-sys.job
2017-02-01 01:49 - 2017-01-27 14:41 - 00000418 _____ C:\WINDOWS\Tasks\update-S-1-5-21-1232280872-3454715597-4140770094-1001.job

==================== Files in the root of some directories =======

2016-11-05 17:03 - 2016-12-03 13:20 - 0007605 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg
2017-01-27 14:41 - 2017-01-27 14:41 - 0000003 _____ () C:\Users\user\AppData\Local\updater.log
2017-01-27 14:41 - 2017-01-27 14:41 - 0000424 _____ () C:\Users\user\AppData\Local\UserProducts.xml
2016-11-14 15:56 - 2016-11-14 15:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-12-15 19:06 - 2017-01-25 17:13 - 0010941 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-15 19:06 - 2017-01-22 01:09 - 0031260 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2017-02-25 14:20 - 2017-02-10 06:39 - 0868152 _____ (NVIDIA Corporation) C:\Users\user\AppData\Local\Temp\nvSCPAPI64.dll
2017-02-26 08:45 - 2017-02-10 06:39 - 0352704 _____ (NVIDIA Corporation) C:\Users\user\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-27 20:18

==================== End of FRST.txt ============================

Addition.txt