Jump to content

High CPU Consumer, Game Lag, Loud Fan


Recommended Posts

About a week ago, my game start to lag and I didn't notice much. Whenever I launch task manager, the CPU usage would drop from a high number to >10%.

However, when I run perfmon /report, it shows that taskhostw.exe consume 99.6% of my cpu.

I had try using Malwarebytes and remove all the threat, but the problem still persist.

Link to post
Share on other sites

  • Replies 55
  • Created
  • Last Reply

Top Posters In This Topic

Hello zolokov and welcome to Malwarebytes,

Continue with the following:

If you do not have Malwarebytes installed do the following:

Download Malwarebytes version 3 from the following link:

https://www.malwarebytes.com/mwb-download/thankyou/

Double click on the installer and follow the prompts. If necessary select the Blue Help tab for video instructions....

When the install completes or Malwarebytes is already installed do the following:

Open Malwarebytes, select > "settings" > "protection tab"

Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....

Go back to "DashBoard" select the Blue "Scan Now" tab......

When the scan completes quarantine any found entries...

To get the log from Malwarebytes do the following:
 
  • Click on the Report tab > from main interface.
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select user posted imageRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
    user posted image
     
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Let me see those logs in your reply...

Thank you,

Kevin....
Link to post
Share on other sites

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/11/18
Scan Time: 11:40 PM
Log File: 39c15de4-e60b-11e8-b5fb-704d7b41f145.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.482
Update Package Version: 1.0.7797
License: Trial

-System Information-
OS: Windows 10 (Build 17134.345)
CPU: x64
File System: NTFS
User: DESKTOP-TQPRN0M\Rog

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 316239
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 4 min, 0 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-11-05.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-11-2018
# Duration: 00:00:00
# OS:       Windows 10 Home Single Language
# Cleaned:  2
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted       Ask
Deleted       AOL

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4337 octets] - [06/11/2018 12:13:56]
AdwCleaner[C00].txt - [4011 octets] - [06/11/2018 12:14:10]
AdwCleaner[S01].txt - [1755 octets] - [06/11/2018 15:04:07]
AdwCleaner[C01].txt - [1849 octets] - [06/11/2018 15:04:34]
AdwCleaner[S02].txt - [1510 octets] - [06/11/2018 15:39:06]
AdwCleaner[C02].txt - [1696 octets] - [06/11/2018 15:39:37]
AdwCleaner[S03].txt - [1671 octets] - [11/11/2018 23:51:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########
 

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.11.2018
Ran by Rog (administrator) on DESKTOP-TQPRN0M (11-11-2018 23:57:38)
Running from C:\Users\Rog\Downloads
Loaded Profiles: Rog (Available Profiles: Rog)
Platform: Windows 10 Home Single Language Version 1803 17134.345 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\avp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe [53832 2015-07-15] ()
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] ()
HKLM-x32\...\Run: [Gaming Mouse Driver] => C:\Program Files (x86)\Gaming Mouse\Monitor.EXE [491520 2015-01-22] ()
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21384 2016-08-04] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1767816 2016-08-05] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1953688 2016-08-05] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-43982905-3560842919-2321973015-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-09-08] (Valve Corporation)
Startup: C:\Users\Rog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2017-11-15]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Rog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2017-10-19]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
Startup: C:\Users\Rog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-06-19]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{35d6185e-ef25-4ecc-bdb7-3e765424e5dd}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{cd67af25-ade7-4f28-ba48-275d6751c8b1}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{f344cc46-d43c-4bcd-8a20-52164cf76315}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131646836558108605&GUID=BAC0ED47-BDE3-47FC-8D5C-D246C4C0D3D4
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-43982905-3560842919-2321973015-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-014-756&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-014-756&q={searchTerms}
SearchScopes: HKU\S-1-5-21-43982905-3560842919-2321973015-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-43982905-3560842919-2321973015-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-43982905-3560842919-2321973015-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-014-756&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-04-13] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2018-11-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-04-13] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL No File
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL No File
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-43982905-3560842919-2321973015-1001 -> hxxp://www.google.com

FireFox:
========
FF DefaultProfile: wcssj3h6.default
FF ProfilePath: C:\Users\Rog\AppData\Roaming\Mozilla\Firefox\Profiles\wcssj3h6.default [2018-11-07]
FF NewTab: Mozilla\Firefox\Profiles\wcssj3h6.default -> about:newtab
FF SearchPlugin: C:\Users\Rog\AppData\Roaming\Mozilla\Firefox\Profiles\wcssj3h6.default\searchplugins\google-avast.xml [2017-03-13]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-11-06]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-43982905-3560842919-2321973015-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-02-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-10-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-10-10] (NVIDIA Corporation)
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll [No File]
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.38\Bin\npSSOAxCtrlForPTLogin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-10-06] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-43982905-3560842919-2321973015-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Rog\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxps://www.google.com/
CHR StartupUrls: ChromeDefaultData -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2018-11-11] <==== ATTENTION
CHR Extension: (Slides) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Kaspersky Protection) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-11-07]
CHR Extension: (Docs) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-11]
CHR Extension: (YouTube) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-02-27]
CHR Extension: (Video Downloader professional) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2018-09-30]
CHR Extension: (Sheets) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (AdBlock) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-23]
CHR Extension: (Grammarly for Chrome) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-11-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Portrait Mode) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\odkneplaechagohpjfklebdjepjbkkhn [2018-05-23]
CHR Extension: (Gmail) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-11]
CHR Extension: (Chrome Media Router) - C:\Users\Rog\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-28]
CHR Profile: C:\Users\Rog\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-10-27]
CHR Profile: C:\Users\Rog\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-27]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AsHidService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [126648 2016-06-16] (ASUSTek Computer Inc.)
S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [File not signed]
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-08-09] ()
S4 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] ()
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-06-22] (EasyAntiCheat Ltd)
S4 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-11-09] (Intel Corporation)
S4 FBAgent; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe [73032 2014-08-13] ()
S4 HnGSteamService; C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe [735528 2018-05-30] (Reto-Moto ApS)
S4 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [550568 2018-05-02] (Intel Corporation)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-26] (Intel Corporation)
S4 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-31] (Zhuhai Kingsoft Office Software Co.,Ltd)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\vssbridge64.exe [416560 2018-11-06] (AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265824 2018-04-16] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S4 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [49704 2016-06-07] (ASUSTeK COMPUTER INC.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-12-18] (TeamViewer GmbH)
S4 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1897184 2016-05-17] (Intel Corporation)
S4 Tran_Process_Proc; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe [71024 2014-03-25] ()
S4 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [315768 2016-08-05] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-24] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-24] (Microsoft Corporation)
S4 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [19192 2015-09-30] (Intel(R) Corporation)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848288 2018-04-16] (Intel® Corporation)
S2 EsgShKernel; "C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S2 ShMonitor; "C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe" [X]
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B}
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD}

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (Apple Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [95224 2016-05-20] (ASUS Corporation)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-02-23] (Bluestack System Inc. )
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2015-11-09] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-11-09] (Intel Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-03-11] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-03-11] (Disc Soft Ltd)
S3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [61624 2018-11-07] (EnigmaSoft Limited)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-11-09] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-10-18] (Malwarebytes)
S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] () [File not signed]
R1 gfdriver; C:\WINDOWS\System32\drivers\gfdriver.sys [51904 2015-01-14] (Titan ARC Corp.)
S3 GMLXDFltr01; C:\WINDOWS\system32\drivers\GMLXDFltr01.sys [10752 2014-07-24] (LXD Development, Inc.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2018-11-06] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [198168 2018-04-19] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [73416 2018-11-06] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [123152 2018-11-06] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [89168 2018-11-06] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [220472 2018-11-06] (AO Kaspersky Lab)
R1 KLHK; C:\WINDOWS\System32\drivers\klhk.sys [1214752 2018-11-06] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [185576 2018-11-06] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1113912 2018-11-06] (AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-02-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45768 2018-11-06] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48080 2018-02-12] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [238528 2018-11-06] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [100136 2018-11-09] (AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [289856 2018-11-06] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [110640 2018-11-06] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [193168 2018-11-06] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [161080 2018-07-20] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198000 2018-11-11] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [119136 2018-11-11] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [63768 2018-11-11] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-11-11] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [111152 2018-11-11] (Malwarebytes)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-11] (Microsoft Corporation)
S3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-11] (Intel Corporation)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8743448 2018-04-26] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_eb18ef0e5d636f6f\nvlddmkm.sys [20337064 2018-10-12] (NVIDIA Corporation)
R0 nvpciflt; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_eb18ef0e5d636f6f\nvpciflt.sys [48496 2018-10-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-05-17] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-11] (Microsoft Corporation)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [200832 2018-01-15] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-10-24] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [328696 2018-10-24] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-24] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-03-21] (Zemana Ltd.)
S3 7ByteIo; \??\C:\Program Files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-11 23:57 - 2018-11-11 23:57 - 000032193 _____ C:\Users\Rog\Downloads\FRST.txt
2018-11-11 23:57 - 2018-11-11 23:57 - 000000000 ____D C:\FRST
2018-11-11 23:56 - 2018-11-11 23:56 - 002415616 _____ (Farbar) C:\Users\Rog\Downloads\FRST64.exe
2018-11-11 23:53 - 2018-11-11 23:53 - 000063768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-11-11 23:53 - 2018-11-11 23:53 - 000001819 _____ C:\Users\Rog\Desktop\AdwCleaner[C03].txt
2018-11-11 23:52 - 2018-11-11 23:52 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-11-11 23:52 - 2018-11-11 23:52 - 000119136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-11-11 23:52 - 2018-11-11 23:52 - 000111152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-11-11 23:50 - 2018-11-11 23:50 - 007592144 _____ (Malwarebytes) C:\Users\Rog\Downloads\adwcleaner_7.2.4.0.exe
2018-11-11 23:49 - 2018-11-11 23:49 - 000001229 _____ C:\Users\Rog\Desktop\Malwarebytesscan.txt
2018-11-11 23:39 - 2018-11-11 23:39 - 000198000 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-11-11 23:39 - 2018-11-11 23:39 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-11 23:39 - 2018-11-11 23:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-11 23:39 - 2018-11-11 23:39 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-11-11 23:39 - 2018-10-18 08:44 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-11-11 23:37 - 2018-11-11 23:39 - 079602504 _____ (Malwarebytes ) C:\Users\Rog\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7793 (1).exe
2018-11-11 23:33 - 2018-11-11 23:35 - 079602504 _____ (Malwarebytes ) C:\Users\Rog\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7793.exe
2018-11-11 20:16 - 2018-11-11 20:16 - 000032784 _____ C:\Users\Rog\Downloads\Upgrade.2018.720p.BluRay.x264-DRONES English.zip
2018-11-11 20:16 - 2018-08-17 03:11 - 000088632 ____N C:\Users\Rog\Desktop\Upgrade.2018.720p.BluRay.x264-DRONES.srt
2018-11-10 22:50 - 2018-11-10 22:50 - 000092922 _____ C:\Users\Rog\Documents\expense-receipt.pdf
2018-11-09 16:14 - 2018-11-09 16:14 - 000058257 _____ C:\Users\Rog\Desktop\mbst-clean-results.txt
2018-11-09 16:14 - 2018-11-09 16:14 - 000000000 ____D C:\Users\Rog\AppData\Local\mbamtray
2018-11-09 16:14 - 2018-11-09 16:14 - 000000000 ____D C:\Users\Rog\AppData\Local\mbam
2018-11-09 16:13 - 2018-11-09 16:14 - 079503552 _____ (Malwarebytes ) C:\WINDOWS\SysWOW64\mb-setup.exe
2018-11-09 16:11 - 2018-11-09 16:11 - 002415616 _____ (Farbar) C:\Users\Rog\Downloads\FRSTEnglish.exe
2018-11-09 16:10 - 2018-11-09 16:10 - 003567392 _____ C:\Users\Rog\Downloads\mb-support-1.3.0.549.exe
2018-11-09 15:37 - 2018-11-09 15:37 - 006221992 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Rog\Downloads\GPU-Z_ASUS_ROG_2.14.0.exe
2018-11-09 15:36 - 2018-11-09 15:50 - 000000000 ____D C:\Program Files\PeerBlock
2018-11-09 15:35 - 2018-11-09 15:35 - 002374320 _____ (PeerBlock, LLC ) C:\Users\Rog\Downloads\PeerBlock-Setup_v1.2_r693.exe
2018-11-08 21:49 - 2018-11-08 21:50 - 007880748 _____ C:\Users\Rog\Downloads\SSRN-id880566.pdf
2018-11-08 20:46 - 2018-11-08 20:46 - 001523677 _____ C:\Users\Rog\Downloads\SSRN-id1961708.pdf
2018-11-08 13:23 - 2018-11-09 16:04 - 000100136 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2018-11-07 19:57 - 2018-11-07 19:57 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-11-07 19:18 - 2018-11-07 19:18 - 000232610 _____ C:\Users\Rog\Downloads\Could_Lehman_Brothers_Collapse_Be_Anticipated_An_.pdf
2018-11-07 16:52 - 2018-11-09 16:12 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-11-07 16:51 - 2018-11-07 16:51 - 006625600 _____ (Zemana Ltd. ) C:\Users\Rog\Downloads\Zemana.AntiMalware.Setup (1).exe
2018-11-07 16:50 - 2018-11-07 16:50 - 011576808 _____ (SurfRight B.V.) C:\Users\Rog\Downloads\hitmanpro_x64 (2).exe
2018-11-07 16:35 - 2018-11-07 16:36 - 079073704 _____ (Malwarebytes ) C:\Users\Rog\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7717.exe
2018-11-07 16:09 - 2018-11-07 16:47 - 000061624 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
2018-11-07 16:09 - 2018-11-07 16:47 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2018-11-07 16:09 - 2018-11-07 16:09 - 000001057 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2018-11-07 16:09 - 2018-11-07 16:09 - 000000000 ____D C:\sh5ldr
2018-11-07 16:09 - 2018-11-07 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2018-11-07 16:02 - 2018-11-07 16:02 - 001235408 _____ (GridinSoft LLC) C:\Users\Rog\Downloads\setup-gsam-cnet.exe
2018-11-07 15:48 - 2018-11-07 15:48 - 000000000 ____D C:\ProgramData\GridinSoft
2018-11-07 15:47 - 2018-11-07 15:47 - 000873360 _____ (GridinSoft LLC) C:\Users\Rog\Downloads\setup-antimalware-9.exe
2018-11-06 23:25 - 2018-11-06 23:25 - 000012881 _____ C:\Users\Rog\Downloads\Growth Rates.xlsx
2018-11-06 16:50 - 2018-11-06 16:50 - 000002523 _____ C:\Users\Public\Desktop\Evernote.lnk
2018-11-06 16:50 - 2018-11-06 16:50 - 000001141 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-11-06 16:50 - 2018-11-06 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2018-11-06 16:50 - 2018-11-06 16:50 - 000000000 ____D C:\Program Files (x86)\Evernote
2018-11-06 16:23 - 2018-11-06 16:23 - 000289856 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2018-11-06 16:22 - 2018-11-06 18:24 - 000193168 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2018-11-06 16:22 - 2018-11-06 16:22 - 000238528 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2018-11-06 16:22 - 2018-11-06 16:22 - 000110640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2018-11-06 16:09 - 2018-11-06 16:09 - 002269184 _____ C:\Users\Rog\Downloads\Session 2 Slides.ppt
2018-11-06 16:03 - 2018-11-09 16:12 - 000000000 ____D C:\Program Files\Common Files\AV
2018-11-06 16:03 - 2018-11-06 16:03 - 000002210 _____ C:\Users\Public\Desktop\Safe Money.lnk
2018-11-06 16:03 - 2018-11-06 16:03 - 000002182 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2018-11-06 16:03 - 2018-11-06 16:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2018-11-06 16:03 - 2018-11-06 16:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2018-11-06 16:03 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2018-11-06 16:02 - 2018-11-11 23:54 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-11-06 16:02 - 2018-11-06 16:21 - 000220472 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2018-11-06 16:02 - 2018-11-06 16:20 - 001113912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2018-11-06 16:02 - 2018-11-06 16:20 - 000152960 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
2018-11-06 16:02 - 2018-11-06 16:19 - 001214752 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2018-11-06 16:02 - 2018-11-06 16:03 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2018-11-06 16:01 - 2018-11-06 16:01 - 002573024 _____ (Kaspersky Lab) C:\Users\Rog\Downloads\startup_14832.exe
2018-11-06 15:52 - 2018-11-06 15:52 - 000309319 _____ C:\Users\Rog\Downloads\InternationalReview_2010.pdf
2018-11-06 12:13 - 2018-11-06 12:13 - 007592144 _____ (Malwarebytes) C:\Users\Rog\Downloads\AdwCleaner.exe
2018-11-06 12:01 - 2018-11-06 12:02 - 080022264 _____ (Malwarebytes ) C:\Users\Rog\Downloads\mb3-setup-1878.1878-3.6.1.2711.exe
2018-11-06 11:59 - 2018-11-06 12:00 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Rog\Downloads\iExplore.exe
2018-11-06 11:54 - 2018-11-06 11:54 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2018-11-06 11:53 - 2018-11-06 11:53 - 011576808 _____ (SurfRight B.V.) C:\Users\Rog\Downloads\hitmanpro_x64 (1).exe
2018-11-06 11:50 - 2018-11-11 23:39 - 000000000 ____D C:\Program Files\Malwarebytes
2018-11-06 11:49 - 2018-11-06 11:50 - 078955096 _____ (Malwarebytes ) C:\Users\Rog\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7699 (1).exe
2018-11-06 03:59 - 2018-11-06 15:37 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-11-06 03:58 - 2018-11-06 03:58 - 003017632 _____ C:\Users\Rog\Downloads\SecurityTaskManager_Setup.exe
2018-11-06 03:46 - 2018-11-06 03:47 - 078955096 _____ (Malwarebytes ) C:\Users\Rog\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7699.exe
2018-11-06 03:46 - 2018-11-06 03:46 - 000000000 ____D C:\WINDOWS\Panther
2018-11-06 02:26 - 2018-11-07 15:34 - 001208200 _____ C:\WINDOWS\ntbtlog.txt
2018-11-06 02:26 - 2018-11-07 13:09 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-11-06 01:44 - 2018-10-10 22:38 - 000133432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-11-06 01:41 - 2018-10-12 15:38 - 000978312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-11-06 01:41 - 2018-10-12 15:38 - 000978312 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-11-06 01:41 - 2018-10-12 15:38 - 000845184 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-11-06 01:41 - 2018-10-12 15:38 - 000845184 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-11-06 01:41 - 2018-10-12 15:38 - 000268168 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-11-06 01:41 - 2018-10-12 15:38 - 000268168 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-11-06 01:41 - 2018-10-12 15:38 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-11-06 01:41 - 2018-10-12 15:38 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-11-06 01:41 - 2018-10-12 15:37 - 002017888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441634.dll
2018-11-06 01:41 - 2018-10-12 15:37 - 001997736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-11-06 01:41 - 2018-10-12 15:37 - 001508112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-11-06 01:41 - 2018-10-12 15:37 - 001468464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441634.dll
2018-11-06 01:41 - 2018-10-12 15:37 - 001455560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-11-06 01:41 - 2018-10-12 15:37 - 001122672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-11-06 01:41 - 2018-10-12 15:37 - 000631664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-11-06 01:41 - 2018-10-12 15:37 - 000522184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-11-06 01:41 - 2018-10-12 15:36 - 040254128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-11-06 01:41 - 2018-10-12 15:36 - 035151944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-11-06 01:41 - 2018-10-12 15:36 - 004937960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-11-06 01:41 - 2018-10-12 15:36 - 004310600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-11-06 01:41 - 2018-10-12 15:36 - 000750256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-11-06 01:41 - 2018-10-12 15:36 - 000608488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-11-06 01:41 - 2018-10-12 12:36 - 035298072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-11-06 01:41 - 2018-10-12 12:36 - 029973400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-11-06 01:41 - 2018-10-12 12:36 - 015907200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-11-06 01:41 - 2018-10-12 12:36 - 013202856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-11-06 01:41 - 2018-10-12 12:36 - 001471392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-11-06 01:41 - 2018-10-12 12:36 - 001462184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-11-06 01:41 - 2018-10-12 12:36 - 001167376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-11-06 01:41 - 2018-10-12 12:36 - 001151960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-11-06 01:41 - 2018-10-12 12:36 - 001145512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-11-06 01:41 - 2018-10-12 12:36 - 000914552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-11-06 01:41 - 2018-10-12 12:36 - 000822552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-11-06 01:41 - 2018-10-12 12:36 - 000794416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-11-06 01:41 - 2018-10-12 12:36 - 000637456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-11-06 01:41 - 2018-10-12 12:35 - 019705728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-11-06 01:41 - 2018-10-12 12:35 - 016984816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-11-06 01:41 - 2018-10-11 23:16 - 001685104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-11-06 01:41 - 2018-10-11 23:16 - 000227856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-11-06 01:41 - 2018-10-11 23:16 - 000047576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-11-06 01:26 - 2018-11-06 01:27 - 029571356 _____ (NVIDIA Corporation) C:\Users\Rog\Downloads\Unconfirmed 486273.crdownload
2018-11-05 01:59 - 2018-11-05 01:59 - 000001377 _____ C:\Users\Public\Desktop\IntelProcessor Diagnostic Tool 64bit.lnk
2018-11-05 01:59 - 2018-11-05 01:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2018-11-05 01:59 - 2018-11-05 01:59 - 000000000 ____D C:\Program Files\Intel Corporation
2018-11-05 01:57 - 2018-11-05 01:58 - 104405911 _____ (Intel Corporation) C:\Users\Rog\Downloads\IPDT_Installer_4.1.0.31_64bit.exe
2018-11-05 01:43 - 2018-11-05 01:43 - 001734994 _____ (7Byte Computers ) C:\Users\Rog\Downloads\hotcpu.exe
2018-11-05 00:16 - 2018-11-05 00:16 - 001578160 _____ C:\Users\Rog\Downloads\res2005ir-annual-report-and-accounts-2005.pdf
2018-11-05 00:02 - 2018-11-05 00:02 - 019755520 _____ C:\Users\Rog\Downloads\FSRFA Session 13 - Summary  review (2).ppt
2018-11-04 17:17 - 2018-11-04 17:19 - 107455726 _____ C:\Users\Rog\Downloads\PES 2018 more FPS (Demo File).rar
2018-10-30 19:40 - 2018-10-30 19:40 - 006147584 _____ C:\Users\Rog\Downloads\Session 8 Slides (1).ppt
2018-10-30 12:28 - 2018-10-30 12:28 - 019739648 _____ C:\Users\Rog\Downloads\FSRFA Session 13 - Summary  review (1).ppt
2018-10-30 12:25 - 2018-10-30 12:25 - 019755520 _____ C:\Users\Rog\Downloads\FSRFA Session 13 - Summary  review.ppt
2018-10-30 12:09 - 2018-10-30 12:09 - 006147584 _____ C:\Users\Rog\Downloads\Session 8 Slides.ppt
2018-10-29 19:02 - 2018-10-29 19:02 - 003220480 _____ C:\Users\Rog\Downloads\FSRFA Session 1 - Overview and Intro to Risk Final.ppt
2018-10-29 15:41 - 2018-10-29 15:41 - 000155704 _____ C:\Users\Rog\Downloads\bsm_cw.pdf
2018-10-29 09:08 - 2018-10-29 09:08 - 000029273 _____ C:\Users\Rog\Downloads\sicario-day-of-the-soldado-2018-720p-bluray-x264-yts-ag-english-133712.zip
2018-10-28 22:21 - 2018-10-28 22:21 - 000277094 _____ C:\Users\Rog\Desktop\brp 1.pdf
2018-10-28 22:20 - 2018-10-28 22:21 - 000254814 _____ C:\Users\Rog\Documents\brp.pdf
2018-10-27 18:15 - 2018-10-27 18:15 - 000030441 _____ C:\Users\Rog\Downloads\elysium-english-yify-6342.zip
2018-10-27 18:15 - 2014-02-08 09:07 - 000078837 _____ C:\Users\Rog\Desktop\elysium-yify-english.srt
2018-10-26 21:25 - 2018-10-26 21:25 - 000035089 _____ C:\Users\Rog\Downloads\StartUp.S01E10.720p.WEBrip-Downloado.site-.srt
2018-10-26 19:35 - 2018-10-26 19:35 - 000014996 _____ C:\Users\Rog\Downloads\StartUp-01x09-Hostile-Takeover.WEB-DL.x264.English.rar
2018-10-26 19:35 - 2018-10-26 19:35 - 000014240 _____ C:\Users\Rog\Downloads\StartUp-01x08-Pro-Rata.WEB-DL.x264.English.rar
2018-10-26 19:35 - 2018-10-26 19:35 - 000012715 _____ C:\Users\Rog\Downloads\StartUp-01x10-Recapitalization.WEB-DL.x264.English.rar
2018-10-26 01:09 - 2018-10-26 01:09 - 000018447 _____ C:\Users\Rog\Downloads\StartUp-01x07-Valuation.WEB-DL-AAC2.0-H.264.English.rar
2018-10-25 22:58 - 2018-10-25 22:58 - 000017400 _____ C:\Users\Rog\Downloads\StartUp-01x06-Bootstrapped.WEB-DL-AAC2.0-H.264.English.rar
2018-10-25 22:58 - 2018-10-25 22:58 - 000012545 _____ C:\Users\Rog\Downloads\StartUp-01x05-Buyout.WEB-DL.English.rar
2018-10-25 22:57 - 2018-10-25 22:57 - 000014262 _____ C:\Users\Rog\Downloads\StartUp-01x04-Angel-Investor.WEB-DL-1.rar
2018-10-24 21:48 - 2018-10-24 21:48 - 000019417 _____ C:\Users\Rog\Downloads\StartUp-01x03-Proof-of-Concept.WEB-DL.AAC2_.0.H.264.English.C.edit_.rar
2018-10-24 21:06 - 2018-10-24 21:06 - 000015412 _____ C:\Users\Rog\Downloads\StartUp-01x02-Ground-Floor.WEB_.DL_.AAC2_.0.H.264.English.C.edit_-1.rar
2018-10-24 20:14 - 2018-10-24 20:14 - 000020695 _____ C:\Users\Rog\Downloads\StartUp-01x01-Seed-Money.WEB_.DL_.HEVC_.English.C..rar
2018-10-23 12:30 - 2018-11-01 17:30 - 000000000 ____D C:\Users\Rog\Desktop\MSc Fintech
2018-10-22 19:32 - 2018-10-22 19:32 - 000064660 _____ C:\Users\Rog\Downloads\inside-job-english-yify-8771.zip
2018-10-21 20:07 - 2018-10-21 20:07 - 004026368 _____ C:\Users\Rog\Downloads\FSRFA Session 11 - Credit Assessment Behavioural Conduct and AI FINAL.ppt
2018-10-21 19:34 - 2018-10-21 19:34 - 000149829 _____ C:\Users\Rog\Downloads\w5t3 - do people like nudges_ - sunstein.pdf
2018-10-21 19:28 - 2018-10-21 19:28 - 000620234 _____ C:\Users\Rog\Downloads\w5t3 - a critical assessment of libertarian paternalism - rebonato.pdf
2018-10-21 19:28 - 2018-10-21 19:28 - 000572482 _____ C:\Users\Rog\Downloads\w5t3 - can nudges be transparent and yet effective_ - bruns et al.pdf
2018-10-21 19:23 - 2018-10-21 19:23 - 000559977 _____ C:\Users\Rog\Downloads\w5t2 - the power of suggestion - madrian shea.pdf
2018-10-21 19:20 - 2018-10-21 19:20 - 000132330 _____ C:\Users\Rog\Downloads\w5t2 - save more tomorrow - benartzi thaler.pdf
2018-10-21 19:16 - 2018-10-21 19:16 - 000800994 _____ C:\Users\Rog\Downloads\w5t2 - choices in repeated gambles and retirement savings - benartzi thaler.pdf
2018-10-21 19:13 - 2018-10-21 19:13 - 000214625 _____ C:\Users\Rog\Downloads\w5t2 - choice architecture - thaler sunstein balz.pdf
2018-10-21 19:01 - 2018-10-21 19:01 - 000208745 _____ C:\Users\Rog\Downloads\w5t1 - libertarian paternalism - thaler sunstein.pdf
2018-10-20 21:11 - 2018-10-20 21:11 - 000027194 _____ C:\Users\Rog\Downloads\The Wire_1x01_en.zip
2018-10-19 11:13 - 2018-10-19 11:13 - 000032469 _____ C:\Users\Rog\Downloads\braveheart-english-yify-11222.zip
2018-10-19 11:09 - 2018-10-19 11:09 - 000015920 _____ C:\Users\Rog\Downloads\braveheart-1995-720p-brrip-x264-1-1gb-yify-english-92015.zip
2018-10-17 23:24 - 2018-10-17 23:24 - 000018820 _____ C:\Users\Rog\Downloads\mad-max-fury-road-english-yify-59249.zip
2018-10-16 23:27 - 2018-10-16 23:27 - 000524431 _____ C:\Users\Rog\Downloads\Untitled_10162018_212536.pdf
2018-10-16 23:25 - 2018-10-16 23:26 - 001950525 _____ C:\Users\Rog\Downloads\Untitled_10162018_212406.pdf
2018-10-15 22:35 - 2018-10-15 22:35 - 000029831 _____ C:\Users\Rog\Downloads\slumdog-millionaire-english-yify-6789.zip
2018-10-15 22:35 - 2014-02-14 07:52 - 000077636 _____ C:\Users\Rog\Downloads\Slumdog.Millionaire.2008.1080p.BluRay.x264.YIFY.srt
2018-10-15 19:45 - 2018-10-15 19:45 - 000000000 ____D C:\Program Files\Common Files\Intel
2018-10-15 19:45 - 2018-10-15 19:45 - 000000000 ____D C:\Program Files (x86)\Cisco
2018-10-14 22:16 - 2018-10-14 22:16 - 000019862 _____ C:\Users\Rog\Downloads\Peaky.Blinders.S04E04.BDRip_.x264-HAGGiS.rar
2018-10-14 22:16 - 2018-10-14 22:16 - 000018676 _____ C:\Users\Rog\Downloads\Peaky.Blinders.S04E02.BDRip_.x264-HAGGiS.rar
2018-10-14 22:16 - 2018-10-14 22:16 - 000017698 _____ C:\Users\Rog\Downloads\Peaky.Blinders.S04E03.BDRip_.x264-HAGGiS.rar
2018-10-14 22:16 - 2018-10-14 22:16 - 000017411 _____ C:\Users\Rog\Downloads\Peaky.Blinders.S04E05.BDRip_.x264-HAGGiS.rar
2018-10-14 22:16 - 2018-10-14 22:16 - 000014657 _____ C:\Users\Rog\Downloads\Peaky.Blinders.S04E06.BDRip_.x264-HAGGiS.rar
2018-10-14 20:09 - 2018-09-21 09:18 - 021386888 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-14 20:09 - 2018-09-21 08:22 - 020381784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-14 20:09 - 2018-09-21 04:12 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-10-14 20:09 - 2018-09-21 04:09 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-10-14 20:09 - 2018-09-21 04:09 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-10-14 20:09 - 2018-09-21 04:08 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-14 20:09 - 2018-09-21 04:08 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-10-14 20:09 - 2018-09-21 03:58 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-10-14 20:09 - 2018-09-21 03:43 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-10-14 20:09 - 2018-09-21 03:41 - 003396096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-14 20:09 - 2018-09-21 03:40 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-10-14 20:09 - 2018-09-21 03:39 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-10-14 20:09 - 2018-09-21 03:37 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-14 20:09 - 2018-09-21 03:37 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-14 20:09 - 2018-09-21 03:37 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-10-14 20:09 - 2018-09-21 03:36 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-10-14 20:09 - 2018-09-21 03:36 - 001034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-10-14 20:09 - 2018-09-20 09:23 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-10-14 20:09 - 2018-09-20 09:22 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-14 20:09 - 2018-09-20 09:18 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-14 20:09 - 2018-09-20 09:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-14 20:09 - 2018-09-20 09:17 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-14 20:09 - 2018-09-20 08:46 - 001454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-14 20:09 - 2018-09-20 08:35 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-10-14 20:09 - 2018-09-20 08:34 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-14 20:09 - 2018-09-20 08:29 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-14 20:09 - 2018-09-20 04:29 - 006569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-14 20:09 - 2018-09-20 04:29 - 006039368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-10-14 20:09 - 2018-09-20 04:29 - 001989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-14 20:09 - 2018-09-20 04:21 - 022013440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-14 20:09 - 2018-09-20 04:17 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-10-14 20:09 - 2018-09-20 04:15 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-14 20:09 - 2018-09-20 04:13 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-10-14 20:09 - 2018-09-20 04:11 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-14 20:09 - 2018-09-20 04:10 - 001221128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-14 20:09 - 2018-09-20 04:10 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-14 20:09 - 2018-09-20 04:09 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-14 20:09 - 2018-09-20 04:09 - 007520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-14 20:09 - 2018-09-20 04:09 - 007432136 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-10-14 20:09 - 2018-09-20 04:09 - 002825232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-14 20:09 - 2018-09-20 04:09 - 002462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-14 20:09 - 2018-09-20 04:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-14 20:09 - 2018-09-20 04:08 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-14 20:09 - 2018-09-20 04:08 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-14 20:09 - 2018-09-20 03:53 - 025851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-14 20:09 - 2018-09-20 03:46 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-14 20:09 - 2018-09-20 03:44 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-14 20:09 - 2018-09-20 03:44 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-14 20:09 - 2018-09-20 03:42 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-10-14 20:09 - 2018-09-20 03:41 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-14 20:09 - 2018-09-20 03:41 - 005746688 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2018-10-14 20:09 - 2018-09-20 03:40 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-14 20:09 - 2018-09-20 03:40 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-10-14 20:09 - 2018-09-20 03:37 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-14 20:09 - 2018-09-20 03:37 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-14 20:09 - 2018-09-20 03:36 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-10-14 20:09 - 2018-09-08 08:12 - 000452112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-10-14 20:09 - 2018-09-08 08:07 - 002868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-10-14 20:09 - 2018-09-08 08:07 - 001610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-10-14 20:09 - 2018-09-08 08:07 - 000792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-10-14 20:09 - 2018-09-08 08:07 - 000689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-10-14 20:09 - 2018-09-08 08:07 - 000612360 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-10-14 20:09 - 2018-09-08 08:02 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-10-14 20:09 - 2018-09-08 07:58 - 001520744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-10-14 20:09 - 2018-09-08 07:40 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-14 20:09 - 2018-09-08 07:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-10-14 20:09 - 2018-09-08 07:40 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-10-14 20:09 - 2018-09-08 07:39 - 002052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-10-14 20:09 - 2018-09-08 07:39 - 001787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-10-14 20:09 - 2018-09-08 07:38 - 001288192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-14 20:09 - 2018-09-08 07:38 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-10-14 20:09 - 2018-09-08 07:38 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-14 20:09 - 2018-09-08 07:38 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-10-14 20:09 - 2018-09-08 07:14 - 001328056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-10-14 20:09 - 2018-09-08 06:59 - 001530368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-10-14 20:09 - 2018-09-08 06:59 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-10-14 20:09 - 2018-09-08 06:58 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-10-14 20:09 - 2018-09-08 06:58 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-10-14 20:09 - 2018-09-08 06:57 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-10-14 20:09 - 2018-09-08 04:08 - 000462880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-10-14 20:09 - 2018-09-08 03:59 - 000361544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-14 20:09 - 2018-09-08 03:57 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-10-14 20:09 - 2018-09-08 03:57 - 001016984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-10-14 20:09 - 2018-09-08 03:57 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-10-14 20:09 - 2018-09-08 03:51 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-10-14 20:09 - 2018-09-08 03:44 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-10-14 20:09 - 2018-09-08 03:44 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-10-14 20:09 - 2018-09-08 03:43 - 001174448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-10-14 20:09 - 2018-09-08 03:30 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-14 20:09 - 2018-09-08 03:29 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-10-14 20:09 - 2018-09-08 03:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-10-14 20:09 - 2018-09-08 03:28 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-10-14 20:09 - 2018-09-08 03:27 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-10-14 20:09 - 2018-09-08 03:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-10-14 20:09 - 2018-09-08 03:26 - 002328064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2018-10-14 20:09 - 2018-09-08 03:26 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-10-14 20:09 - 2018-09-08 03:25 - 003553792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-10-14 20:09 - 2018-09-08 03:25 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-10-14 20:09 - 2018-09-08 03:25 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-10-14 20:09 - 2018-09-08 03:24 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-10-14 20:09 - 2018-09-08 03:24 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-10-14 20:09 - 2018-09-08 03:24 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-10-14 20:09 - 2018-09-08 03:24 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2018-10-14 20:09 - 2018-09-08 03:23 - 001655296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2018-10-14 20:09 - 2018-09-08 03:23 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2018-10-14 20:09 - 2018-09-08 03:22 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-10-14 20:08 - 2018-09-21 09:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-10-14 20:08 - 2018-09-21 08:12 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-10-14 20:08 - 2018-09-21 04:14 - 000661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-10-14 20:08 - 2018-09-21 04:13 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-10-14 20:08 - 2018-09-21 04:11 - 000753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-10-14 20:08 - 2018-09-21 04:09 - 001427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-10-14 20:08 - 2018-09-21 04:09 - 001062920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-10-14 20:08 - 2018-09-21 04:09 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-10-14 20:08 - 2018-09-21 04:08 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-10-14 20:08 - 2018-09-21 04:08 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-10-14 20:08 - 2018-09-21 04:08 - 001257864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-10-14 20:08 - 2018-09-21 04:08 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-10-14 20:08 - 2018-09-21 04:08 - 000982600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-10-14 20:08 - 2018-09-21 04:08 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-10-14 20:08 - 2018-09-21 04:08 - 000261008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-10-14 20:08 - 2018-09-21 04:08 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-10-14 20:08 - 2018-09-21 04:07 - 000604664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-10-14 20:08 - 2018-09-21 03:57 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-10-14 20:08 - 2018-09-21 03:57 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-10-14 20:08 - 2018-09-21 03:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-14 20:08 - 2018-09-21 03:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-10-14 20:08 - 2018-09-21 03:53 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-10-14 20:08 - 2018-09-21 03:42 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-10-14 20:08 - 2018-09-21 03:39 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-10-14 20:08 - 2018-09-21 03:39 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-10-14 20:08 - 2018-09-21 03:39 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-10-14 20:08 - 2018-09-21 03:38 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-14 20:08 - 2018-09-21 03:38 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-10-14 20:08 - 2018-09-21 03:37 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-10-14 20:08 - 2018-09-21 03:36 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-10-14 20:08 - 2018-09-21 03:36 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-14 20:08 - 2018-09-21 03:36 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-10-14 20:08 - 2018-09-20 09:40 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-14 20:08 - 2018-09-20 09:37 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-14 20:08 - 2018-09-20 09:19 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-10-14 20:08 - 2018-09-20 09:18 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-10-14 20:08 - 2018-09-20 09:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-14 20:08 - 2018-09-20 09:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-14 20:08 - 2018-09-20 08:30 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-10-14 20:08 - 2018-09-20 08:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-14 20:08 - 2018-09-20 08:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-14 20:08 - 2018-09-20 08:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-14 20:08 - 2018-09-20 06:43 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-14 20:08 - 2018-09-20 05:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-14 20:08 - 2018-09-20 04:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-14 20:08 - 2018-09-20 04:29 - 000357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-14 20:08 - 2018-09-20 04:28 - 001129544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-10-14 20:08 - 2018-09-20 04:28 - 000581792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-10-14 20:08 - 2018-09-20 04:28 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-14 20:08 - 2018-09-20 04:12 - 004529664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2018-10-14 20:08 - 2018-09-20 04:12 - 000272200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-14 20:08 - 2018-09-20 04:12 - 000269128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-14 20:08 - 2018-09-20 04:11 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-10-14 20:08 - 2018-09-20 04:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-10-14 20:08 - 2018-09-20 04:11 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-10-14 20:08 - 2018-09-20 04:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-14 20:08 - 2018-09-20 04:10 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-14 20:08 - 2018-09-20 04:10 - 000566800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-10-14 20:08 - 2018-09-20 04:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-14 20:08 - 2018-09-20 04:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-14 20:08 - 2018-09-20 04:10 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-10-14 20:08 - 2018-09-20 04:10 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-10-14 20:08 - 2018-09-20 04:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-14 20:08 - 2018-09-20 04:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-14 20:08 - 2018-09-20 04:09 - 001097744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-10-14 20:08 - 2018-09-20 04:09 - 000885952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-14 20:08 - 2018-09-20 04:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-14 20:08 - 2018-09-20 04:09 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-14 20:08 - 2018-09-20 04:09 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-14 20:08 - 2018-09-20 03:43 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsProxyStub.dll
2018-10-14 20:08 - 2018-09-20 03:43 - 000052736 _____ C:\WINDOWS\system32\runexehelper.exe
2018-10-14 20:08 - 2018-09-20 03:42 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-10-14 20:08 - 2018-09-20 03:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-14 20:08 - 2018-09-20 03:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-14 20:08 - 2018-09-20 03:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-14 20:08 - 2018-09-20 03:41 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-14 20:08 - 2018-09-20 03:41 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-10-14 20:08 - 2018-09-20 03:40 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-10-14 20:08 - 2018-09-20 03:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-14 20:08 - 2018-09-20 03:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-14 20:08 - 2018-09-20 02:21 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-10-14 20:08 - 2018-09-20 01:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-14 20:08 - 2018-09-08 08:07 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-10-14 20:08 - 2018-09-08 08:07 - 000144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-14 20:08 - 2018-09-08 08:07 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-14 20:08 - 2018-09-08 08:02 - 000645112 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-10-14 20:08 - 2018-09-08 07:58 - 001639352 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-10-14 20:08 - 2018-09-08 07:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-10-14 20:08 - 2018-09-08 07:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-10-14 20:08 - 2018-09-08 07:43 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-10-14 20:08 - 2018-09-08 07:43 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-10-14 20:08 - 2018-09-08 07:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-10-14 20:08 - 2018-09-08 07:42 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-10-14 20:08 - 2018-09-08 07:42 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-14 20:08 - 2018-09-08 07:42 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthci.dll
2018-10-14 20:08 - 2018-09-08 07:41 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-10-14 20:08 - 2018-09-08 07:40 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-10-14 20:08 - 2018-09-08 07:40 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-10-14 20:08 - 2018-09-08 07:40 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2018-10-14 20:08 - 2018-09-08 07:39 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-10-14 20:08 - 2018-09-08 07:39 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-10-14 20:08 - 2018-09-08 07:38 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-10-14 20:08 - 2018-09-08 07:37 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-10-14 20:08 - 2018-09-08 07:16 - 000482080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-10-14 20:08 - 2018-09-08 07:13 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-10-14 20:08 - 2018-09-08 07:13 - 000181288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-10-14 20:08 - 2018-09-08 07:03 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-10-14 20:08 - 2018-09-08 07:03 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-10-14 20:08 - 2018-09-08 07:02 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-10-14 20:08 - 2018-09-08 07:00 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-10-14 20:08 - 2018-09-08 06:59 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-10-14 20:08 - 2018-09-08 06:59 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-10-14 20:08 - 2018-09-08 06:58 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-10-14 20:08 - 2018-09-08 06:57 - 005391360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-10-14 20:08 - 2018-09-08 06:57 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-10-14 20:08 - 2018-09-08 06:57 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2018-10-14 20:08 - 2018-09-08 06:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-10-14 20:08 - 2018-09-08 03:59 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-10-14 20:08 - 2018-09-08 03:58 - 000744976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-10-14 20:08 - 2018-09-08 03:58 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-10-14 20:08 - 2018-09-08 03:58 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-10-14 20:08 - 2018-09-08 03:57 - 000482384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-14 20:08 - 2018-09-08 03:57 - 000368448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2018-10-14 20:08 - 2018-09-08 03:57 - 000267576 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-10-14 20:08 - 2018-09-08 03:45 - 000295416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-10-14 20:08 - 2018-09-08 03:45 - 000286824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-10-14 20:08 - 2018-09-08 03:43 - 000269104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2018-10-14 20:08 - 2018-09-08 03:32 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-10-14 20:08 - 2018-09-08 03:31 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-10-14 20:08 - 2018-09-08 03:31 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-14 20:08 - 2018-09-08 03:30 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2018-10-14 20:08 - 2018-09-08 03:30 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-10-14 20:08 - 2018-09-08 03:30 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2018-10-14 20:08 - 2018-09-08 03:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-14 20:08 - 2018-09-08 03:29 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-10-14 20:08 - 2018-09-08 03:29 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-14 20:08 - 2018-09-08 03:29 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-10-14 20:08 - 2018-09-08 03:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-14 20:08 - 2018-09-08 03:28 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-10-14 20:08 - 2018-09-08 03:28 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-10-14 20:08 - 2018-09-08 03:28 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-14 20:08 - 2018-09-08 03:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-10-14 20:08 - 2018-09-08 03:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2018-10-14 20:08 - 2018-09-08 03:27 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2018-10-14 20:08 - 2018-09-08 03:27 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-10-14 20:08 - 2018-09-08 03:26 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-10-14 20:08 - 2018-09-08 03:26 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-10-14 20:08 - 2018-09-08 03:26 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-10-14 20:08 - 2018-09-08 03:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-10-14 20:08 - 2018-09-08 03:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2018-10-14 20:08 - 2018-09-08 03:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2018-10-14 20:08 - 2018-09-08 03:25 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2018-10-14 20:08 - 2018-09-08 03:25 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-10-14 20:08 - 2018-09-08 03:25 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-14 20:08 - 2018-09-08 03:24 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-10-14 20:08 - 2018-09-08 03:23 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2018-10-14 20:08 - 2018-09-08 03:23 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
2018-10-14 11:46 - 2018-10-14 11:46 - 000019743 _____ C:\Users\Rog\Downloads\Peaky.Blinders.S04E01.BDRip_.x264-HAGGiS.rar
2018-10-14 11:46 - 2018-02-10 12:07 - 000054646 ____N C:\Users\Rog\Downloads\Peaky.Blinders.S04E01.BDRip.x264-HAGGiS.srt
2018-10-13 21:48 - 2018-10-13 21:48 - 000689026 _____ C:\Users\Rog\Downloads\w4t5 - anomalies in intertemporal choice - loewenstein prelec.pdf
2018-10-13 21:44 - 2018-10-13 21:44 - 000584906 _____ C:\Users\Rog\Downloads\w4t4 - myopic loss aversion - benartzi thaler.pdf
2018-10-13 21:43 - 2018-10-13 21:43 - 000524898 _____ C:\Users\Rog\Downloads\w4t4 - disposition effect - shefrin statman.pdf
2018-10-13 21:41 - 2018-10-13 21:41 - 002527049 _____ C:\Users\Rog\Downloads\w4t3 - mental accounting and consumer choice - thaler.pdf
2018-10-13 21:40 - 2018-10-13 23:11 - 539862656 _____ C:\Users\Rog\Downloads\The.Theory.of.Everything.2014.1080p.BRrip.YIFY.FardaDL.mkv.crdownload
2018-10-13 21:28 - 2018-10-13 21:28 - 001179899 _____ C:\Users\Rog\Downloads\w4t2 - overconfidence and excess entry - camerer lovallo.pdf
2018-10-13 21:23 - 2018-10-13 21:23 - 000200780 _____ C:\Users\Rog\Downloads\w4t2 - hot hand and gamblers fallacies - ayton fischer.pdf
2018-10-13 21:18 - 2018-10-13 21:18 - 000185748 _____ C:\Users\Rog\Downloads\w4t2 - anchoring effect - ariely loewenstein prelec.pdf
2018-10-13 21:14 - 2018-10-13 21:14 - 002230462 _____ C:\Users\Rog\Downloads\w4t2 - heuristics and biases - tversky kahneman.pdf
2018-10-13 21:08 - 2018-10-13 21:08 - 001615708 _____ C:\Users\Rog\Downloads\w4t1 - when choice is demotivating - iyengar lepper.pdf
2018-10-13 12:09 - 2018-10-13 12:29 - 107546112 _____ C:\Users\Rog\Downloads\The.Purge.S01E01.480p.HDTV.mkv.crdownload
2018-10-13 12:07 - 2018-10-13 12:07 - 000000045 _____ C:\Users\Rog\Documents\Utility.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-11 23:57 - 2017-04-07 08:32 - 000042881 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-11-11 23:54 - 2017-07-18 01:20 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-11 23:53 - 2018-04-11 23:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-11 23:53 - 2017-03-09 12:12 - 000000000 ____D C:\Users\Rog\Documents\Assassin's Creed Unity
2018-11-11 23:53 - 2017-02-10 23:35 - 000000182 _____ C:\Users\Rog\AppData\Roaming\sp_data.sys
2018-11-11 23:52 - 2018-05-16 23:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-11 23:52 - 2018-04-11 21:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-11-11 23:45 - 2018-05-16 23:56 - 000004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7D0DDB6E-7D0A-44F3-B317-11896FF06FE1}
2018-11-11 23:43 - 2018-05-16 23:51 - 000931512 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-11 23:43 - 2018-04-11 23:36 - 000000000 ____D C:\WINDOWS\INF
2018-11-11 23:28 - 2018-05-16 23:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-11 23:26 - 2018-05-16 23:51 - 000000000 ____D C:\Users\Rog
2018-11-11 20:14 - 2017-08-10 19:13 - 000000000 ____D C:\Users\Rog\Downloads\PopcornTime
2018-11-11 16:15 - 2018-05-16 23:56 - 000003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2018-11-11 16:15 - 2018-05-16 23:56 - 000003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2018-11-10 23:38 - 2017-02-14 10:41 - 000000000 ____D C:\Users\Rog\AppData\Roaming\vlc
2018-11-10 19:02 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-10 16:09 - 2018-04-11 23:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-09 15:19 - 2017-03-21 19:55 - 001101840 _____ C:\WINDOWS\ZAM.krnl.trace
2018-11-09 15:08 - 2018-05-18 18:20 - 000000000 ____D C:\Users\Rog\AppData\Local\D3DSCache
2018-11-09 13:46 - 2017-02-11 00:11 - 000000000 ____D C:\Users\Rog\AppData\Local\CrashDumps
2018-11-09 11:42 - 2017-02-10 23:38 - 000000000 ____D C:\Users\Rog\AppData\Local\NVIDIA
2018-11-08 22:54 - 2017-04-04 16:41 - 000000000 ____D C:\Users\Rog\AppData\Local\Package Cache
2018-11-07 16:08 - 2018-05-09 14:36 - 000000000 ____D C:\Program Files\Epic Games
2018-11-07 16:08 - 2018-05-09 14:34 - 000000000 ____D C:\ProgramData\Epic
2018-11-07 15:44 - 2017-10-23 11:04 - 000000000 ___HD C:\Users\Rog\MicrosoftEdgeBackups
2018-11-07 13:14 - 2018-06-04 22:33 - 000000000 ____D C:\ProgramData\Freemake
2018-11-07 13:14 - 2018-06-04 22:33 - 000000000 ____D C:\Program Files (x86)\Freemake
2018-11-07 00:52 - 2018-03-13 23:23 - 000007601 _____ C:\Users\Rog\AppData\Local\resmon.resmoncfg
2018-11-06 23:25 - 2017-10-18 22:27 - 000000000 ____D C:\Users\Rog\AppData\Local\Packages
2018-11-06 22:55 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-06 16:50 - 2018-05-16 23:56 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-11-06 16:50 - 2018-05-16 23:56 - 000004412 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-11-06 16:50 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-11-06 16:50 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-11-06 16:22 - 2018-07-20 07:21 - 000089168 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kldisk.sys
2018-11-06 16:22 - 2017-12-27 10:10 - 000073416 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupdisk.sys
2018-11-06 16:21 - 2018-02-02 03:45 - 000123152 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupflt.sys
2018-11-06 16:20 - 2017-11-29 07:03 - 000045768 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpnpflt.sys
2018-11-06 16:02 - 2018-04-11 23:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-11-06 12:13 - 2017-03-19 18:59 - 000000000 ____D C:\AdwCleaner
2018-11-06 11:45 - 2017-02-11 00:15 - 000000000 ____D C:\Users\Rog\AppData\Local\ElevatedDiagnostics
2018-11-06 04:01 - 2018-05-16 23:56 - 000000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2018-11-06 04:01 - 2016-03-31 03:48 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-11-06 02:13 - 2018-04-11 23:38 - 000000000 ____D C:\PerfLogs
2018-11-06 01:44 - 2017-07-18 01:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-11-06 01:44 - 2017-07-18 01:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-11-06 01:43 - 2017-07-18 01:20 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-11-06 01:27 - 2018-08-02 05:01 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-06 01:27 - 2018-08-02 05:01 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-06 01:26 - 2018-08-02 05:00 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-06 01:26 - 2018-08-02 05:00 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-06 01:26 - 2018-08-02 05:00 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-06 01:26 - 2018-05-16 23:56 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-06 01:26 - 2018-05-16 23:56 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-06 01:26 - 2018-05-16 23:56 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-06 01:26 - 2018-05-16 23:56 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-06 01:26 - 2018-05-16 23:56 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-06 01:26 - 2018-05-16 23:56 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-05 16:51 - 2018-04-11 23:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-05 13:23 - 2017-02-10 23:39 - 000000000 ____D C:\Users\Rog\AppData\Local\NVIDIA Corporation
2018-11-05 02:14 - 2017-10-19 01:01 - 000000000 ____D C:\Users\Rog\AppData\Roaming\Rainmeter
2018-10-30 11:56 - 2017-02-12 19:08 - 000000000 ____D C:\Program Files (x86)\Steam
2018-10-26 19:35 - 2017-07-16 16:52 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-24 21:27 - 2018-02-28 13:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-10-23 21:51 - 2018-02-05 16:03 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-23 13:48 - 2018-06-22 03:52 - 000000000 ____D C:\ProgramData\Packages
2018-10-20 21:11 - 2018-05-16 23:56 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-43982905-3560842919-2321973015-1001
2018-10-20 21:11 - 2018-05-16 23:51 - 000002359 _____ C:\Users\Rog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-20 21:11 - 2017-02-10 23:58 - 000000000 ___RD C:\Users\Rog\OneDrive
2018-10-16 23:30 - 2018-03-28 19:58 - 000000000 ____D C:\Users\Rog\Desktop\iceland
2018-10-16 22:58 - 2017-02-12 19:34 - 000559880 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-10-15 19:45 - 2017-07-18 01:20 - 000000000 ____D C:\Program Files (x86)\Intel
2018-10-15 19:45 - 2016-10-25 06:01 - 000000000 ____D C:\ProgramData\Intel
2018-10-15 19:45 - 2016-10-25 06:01 - 000000000 ____D C:\Program Files\Intel
2018-10-15 19:45 - 2016-03-31 03:49 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-15 19:45 - 2015-10-30 06:28 - 000000000 ____D C:\Users\Default.migrated
2018-10-14 20:20 - 2018-05-16 23:49 - 000825440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-14 20:20 - 2017-10-18 19:25 - 000000000 ___RD C:\Users\Rog\3D Objects
2018-10-14 20:20 - 2016-11-20 23:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-14 20:19 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-10-14 20:18 - 2018-04-11 23:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-14 20:18 - 2018-04-11 23:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-14 20:18 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-10-14 20:18 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-14 20:18 - 2018-04-11 23:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-14 20:08 - 2017-02-12 20:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-14 20:03 - 2017-02-12 20:27 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-13 20:27 - 2018-05-16 23:56 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-10-12 15:38 - 2018-05-16 23:51 - 000552504 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-10-12 15:38 - 2018-05-16 23:51 - 000456632 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-10-12 12:35 - 2018-03-11 01:19 - 004990000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-10-12 12:35 - 2018-03-11 01:19 - 004249528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

==================== Files in the root of some directories =======

2018-02-18 14:22 - 2018-02-18 14:22 - 000000132 _____ () C:\Users\Rog\AppData\Roaming\Adobe AIFF Format CS6 Prefs
2018-01-28 21:44 - 2018-07-27 04:44 - 000000132 _____ () C:\Users\Rog\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-02-10 23:35 - 2018-11-11 23:53 - 000000182 _____ () C:\Users\Rog\AppData\Roaming\sp_data.sys
2018-03-13 23:23 - 2018-11-07 00:52 - 000007601 _____ () C:\Users\Rog\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2018-11-06 01:41 - 2018-02-23 19:28 - 000372568 _____ (NVIDIA Corporation) C:\Users\Rog\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-16 23:49

==================== End of FRST.txt ============================

Addition.txt

Link to post
Share on other sites

Thanks for those logs, continue:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Download Sophos Free Virus Removal Tool and save it to your desktop.

If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....

Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take several hours...
 
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found please confirm that result....



The Virus Removal Tool scans the following areas of your computer:
  • Memory, including system memory on 32-bit (x86) versions of Windows
  • The Windows registry
  • All local hard drives, fixed and removable
  • Mapped network drives are not scanned.


Note: If threats are found in the computer memory, the scan stops. This is because further scanning could enable the threat to spread. You will be asked to click Start Cleanup to remove the threats before continuing the scan.

Saved logs are found here: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Next,

taskhostw.exe does not show in the FRST logs, do you still see that entry if you open Taskmanager..?

Run FRST one more time:

Type the following in the edit box after "Search:".

taskhostw.exe

Click Search Files button and post the log (Search.txt) it makes to your reply.

Thank you,

Kevin..

fixlist.txt

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.