Tried to install software downloaded off the internet. After that, it disabled my McAfee antivirus and pop-ups are all over. Installed Malwarebytes during safe mode. It helps decrease the threat. Back in normal mode, it still incapacitated McAfee, causing it not to respond, as well as Java and other programs, including programs which I presumed it installed on my system. One of the threats detected by McAfee was not yet deleted but "will be deleted". It was RDM/Generic. I'm not certain.
DDS (Ver_2012-11-20.01) - NTFS_AMD64 MINIMAL
Internet Explorer: 11.0.9600.18858
Run by User at 15:26:31 on 2018-01-03
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.63.1033.18.3907.2875 [GMT 8:00]
.
AV: McAfee VirusScan Enterprise *Enabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Windows\System32\cscript.exe
C:\Windows\system32\igfxsrvc.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe,
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100110225030.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL
BHO: {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - <orphaned>
BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
uRun: [CONNMGRTRAY] C:\Program Files\Acer\Acer 3G Connection Manager\ConnMgrLauncher.exe Silent
uRun: [uTorrent] "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
mRun: [ShStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [boostPc] "C:\Program Files (x86)\boostPc\boostPc.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Windows\System: EnableSmartScreen = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{A2E14B3B-24C7-4556-905E-A8666C938CE1} : DHCPNameServer = 192.168.254.254
TCP: Interfaces\{A2E14B3B-24C7-4556-905E-A8666C938CE1}\05C4444584F4D454649424254646660303 : DHCPNameServer = 192.168.1.1
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
SSODL: WebCheck - <orphaned>
x64-mStart Page = about:blank
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100110225029.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL
x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.108\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Hosts: 127.0.0.1 gf.tools.avast.com
Hosts: 127.0.0.1 pair.ff.avast.com
Hosts: 127.0.0.1 ipm-provider.ff.avast.com
Hosts: 127.0.0.1 ipm-provider.ff.avast.com
Hosts: 127.0.0.1 ipm-provider.ff.avast.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\i4e0c56a.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo®
FF - prefs.js: browser.startup.homepage - hxxps://ph.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__171214__yaff
FF - plugin: C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL
FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrlui.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2010-1-10 243496]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2017-1-25 47032]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2010-1-10 6234056]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\System32\drivers\b57xdbd.sys [2010-1-10 72280]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\System32\drivers\b57xdmp.sys [2010-1-10 21080]
R3 bScsiMSa;bScsiMSa;C:\Windows\System32\drivers\bScsiMSa.sys [2010-1-10 59088]
R3 bScsiSDa;bScsiSDa;C:\Windows\System32\drivers\bScsiSDa.sys [2010-1-10 82128]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\mbamswissarmy.sys [2010-1-10 253880]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2017-12-23 226696]
S0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-1-10 841000]
S1 663a0d281e0e0d1a5b2aaf9161d9e579;663a0d281e0e0d1a5b2aaf9161d9e579;C:\Windows\System32\drivers\663a0d281e0e0d1a5b2aaf9161d9e579.sys [2018-1-2 73600]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-12-23 27552]
S2 0d8461c19919d191c02215759e11a2e9;0d8461c19919d191c02215759e11a2e9;rundll32.exe C:\Windows\0d8461c19919d191c02215759e11a2e9.dll kIHAlYdFMa --> rundll32.exe C:\Windows\0d8461c19919d191c02215759e11a2e9.dll kIHAlYdFMa [?]
S2 156f2b5621deadddad7ec0990240c4a4;156f2b5621deadddad7ec0990240c4a4;C:\Program Files\156f2b5621deadddad7ec0990240c4a4\0b43a3bf0265c98a0e1fe5fae8a6e0ba.exe [2018-1-2 814080]
S2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-12-13 7760552]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-4-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-4-21 128648]
S2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
S2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-3-15 352336]
S2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2017-12-16 226024]
S2 McAfeeFramework;McAfee Framework Service;C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [2015-2-10 129904]
S2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-1-10 263056]
S2 McTaskManager;McAfee Task Manager;C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [2016-2-11 208936]
S2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2010-1-10 279488]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-12-19 458176]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2017-12-21 116224]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2017-12-23 480800]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-1-10 458960]
S3 mfeaack;McAfee Inc. mfeaack;C:\Windows\System32\drivers\mfeaack.sys [2010-1-10 417064]
S3 mfeaacsk;McAfee Inc. mfeaacsk;C:\Windows\System32\drivers\mfeaacsk.sys [2010-1-10 65320]
S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2010-1-10 348968]
S3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2010-1-10 493352]
S3 mfeplk;McAfee Inc. mfeplk;C:\Windows\System32\drivers\mfeplk.sys [2010-1-10 66344]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2010-1-10 114984]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-12-7 257704]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2017-12-20 19456]
S3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2010-1-10 33448]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2017-12-20 56832]
.
=============== Created Last 30 ================
.
2018-01-03 00:54:49 1038848 ----a-w- C:\Windows\0d8461c19919d191c02215759e11a2e9.dll
2018-01-03 00:53:10 -------- d-----w- C:\Windows\SysWow64\SSL
2018-01-03 00:52:51 -------- d-----w- C:\Program Files\156f2b5621deadddad7ec0990240c4a4
2018-01-03 00:52:11 -------- d-----w- C:\Program Files (x86)\Multitimer
2018-01-03 00:52:06 -------- d-----w- C:\Users\User\AppData\Roaming\NVIDIA
2018-01-03 00:51:37 -------- d-----w- C:\Program Files (x86)\foldershare
2018-01-03 00:51:13 -------- d-----w- C:\Program Files (x86)\aohGTEheqdnWC
2018-01-03 00:51:09 -------- d-----w- C:\Program Files (x86)\boostPc
2018-01-03 00:51:07 -------- d-----w- C:\Program Files (x86)\RrHYXuUpocPTIXdsppR
2018-01-03 00:51:03 -------- d-----w- C:\Program Files (x86)\TwPufLOWyrxU2
2018-01-03 00:50:55 -------- d-----w- C:\Program Files (x86)\qTTaaczyWvUn
2018-01-03 00:50:43 -------- d-----w- C:\Program Files (x86)\GBeMZXQZBIE
2018-01-03 00:50:22 -------- d-----w- C:\Program Files (x86)\umkISPBbU
2018-01-03 00:49:55 -------- d-----w- C:\Users\User\AppData\Local\CrashDumps
2018-01-03 00:48:37 -------- d-----w- C:\Users\User\AppData\Local\PCBooster
2018-01-02 10:07:32 73600 ----a-w- C:\Windows\System32\drivers\663a0d281e0e0d1a5b2aaf9161d9e579.sys
2017-12-31 06:32:48 -------- d-----w- C:\MagicPlusMini
2017-12-31 05:11:35 -------- d-----w- C:\Windows\SysWow64\r
2017-12-29 02:12:57 -------- d-----w- C:\Program Files (x86)\Karmian
2017-12-24 03:46:55 -------- d-----w- C:\Users\User\AppData\Local\Windows_8
2017-12-24 01:32:17 -------- d-----w- C:\Users\User\AppData\Local\fontconfig
2017-12-24 01:32:11 -------- d-----w- C:\Users\User\.gimp-2.8
2017-12-24 01:32:09 -------- d-----w- C:\Users\User\AppData\Local\gegl-0.2
2017-12-23 21:26:48 -------- d-----w- C:\Program Files\GIMP 2
2017-12-23 03:03:47 -------- d-s---w- C:\Windows\System32\CompatTel
2017-12-23 03:03:47 -------- d-----w- C:\Windows\System32\appraiser
2017-12-23 02:24:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
2017-12-23 02:24:42 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
2017-12-23 02:24:42 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
2017-12-23 02:24:42 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
2017-12-23 00:39:00 3283745 ----a-w- C:\Windows\Alienware Fire.scr
2017-12-22 23:28:59 78680 ----a-w- C:\Windows\System32\XAPOFX1_4.dll
2017-12-22 23:26:12 517448 ----a-w- C:\Windows\SysWow64\XAudio2_4.dll
2017-12-22 23:26:12 235352 ----a-w- C:\Windows\SysWow64\xactengine3_4.dll
2017-12-22 23:26:12 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_6.dll
2017-12-22 23:26:11 3495784 ----a-w- C:\Windows\SysWow64\d3dx9_33.dll
2017-12-22 23:26:11 2414360 ----a-w- C:\Windows\SysWow64\d3dx9_31.dll
2017-12-22 23:25:50 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2017-12-22 23:25:03 480800 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys
2017-12-22 23:24:14 -------- d-----w- C:\Windows\System32\DAX2
2017-12-22 23:24:10 -------- d-----w- C:\Windows\SysWow64\RTCOM
2017-12-22 23:24:10 -------- d-----w- C:\Program Files\Realtek
2017-12-22 23:23:19 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2017-12-22 23:23:18 81768 ----a-w- C:\Windows\SysWow64\xinput1_3.dll
2017-12-22 23:23:18 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2017-12-22 23:21:59 574752 ----a-w- C:\Windows\System32\AERTAC64.dll
2017-12-22 23:21:59 122320 ----a-w- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
2017-12-22 23:21:59 118592 ----a-w- C:\Windows\System32\AERTAR64.dll
2017-12-22 23:21:37 -------- d-----w- C:\ProgramData\Package Cache
2017-12-22 23:20:12 81920 ----a-w- C:\Windows\System32\nusb3co3.dll
2017-12-22 23:20:12 226696 ----a-w- C:\Windows\System32\drivers\nusb3xhc.sys
2017-12-22 23:16:03 96768 ----a-w- C:\Windows\System32\fsutil.exe
2017-12-22 23:16:03 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2017-12-22 23:16:03 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2017-12-22 23:16:03 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2017-12-22 23:16:03 2565632 ----a-w- C:\Windows\System32\esent.dll
2017-12-22 23:16:03 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2017-12-22 23:16:03 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2017-12-22 23:16:03 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2017-12-22 23:16:03 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2017-12-22 23:15:53 2972672 ----a-w- C:\Windows\SysWow64\explorer.exe
2017-12-22 23:15:39 3229696 ----a-w- C:\Windows\explorer.exe
2017-12-22 23:13:54 670208 ----a-w- C:\Windows\System32\generaltel.dll
2017-12-22 23:13:54 605184 ----a-w- C:\Windows\System32\aeinv.dll
2017-12-22 23:13:54 603648 ----a-w- C:\Windows\System32\devinv.dll
2017-12-22 23:13:54 407392 ----a-w- C:\Windows\System32\centel.dll
2017-12-22 23:13:54 370688 ----a-w- C:\Windows\System32\invagent.dll
2017-12-22 23:13:54 241664 ----a-w- C:\Windows\System32\aepic.dll
2017-12-22 23:13:54 2023936 ----a-w- C:\Windows\System32\aitstatic.exe
2017-12-22 23:13:54 181760 ----a-w- C:\Windows\System32\acmigration.dll
2017-12-22 23:13:54 1570304 ----a-w- C:\Windows\System32\appraiser.dll
2017-12-22 23:13:54 134376 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2017-12-22 23:13:51 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2017-12-22 23:09:57 -------- d-----w- C:\ProgramData\ProductData
2017-12-22 23:09:49 -------- d-----w- C:\Windows\IObit
2017-12-22 23:08:34 27552 ----a-w- C:\Windows\SysWow64\drivers\HWiNFO64A.SYS
2017-12-22 23:07:55 -------- d-----w- C:\ProgramData\IObit
2017-12-22 23:07:37 -------- d-----w- C:\Users\User\AppData\Roaming\IObit
2017-12-22 23:07:10 -------- d-----w- C:\Program Files (x86)\Driver Booster 5
2017-12-21 11:28:30 -------- d-----w- C:\QUARANTINE
2017-12-21 09:52:06 856064 ----a-w- C:\Windows\SysWow64\rdvidcrl.dll
2017-12-21 09:52:06 7077376 ----a-w- C:\Windows\System32\mstscax.dll
2017-12-21 09:52:06 62976 ----a-w- C:\Windows\System32\tsgqec.dll
2017-12-21 09:52:06 6131200 ----a-w- C:\Windows\SysWow64\mstscax.dll
2017-12-21 09:52:06 53248 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2017-12-21 09:52:06 429568 ----a-w- C:\Windows\System32\wksprt.exe
2017-12-21 09:52:06 1057792 ----a-w- C:\Windows\System32\rdvidcrl.dll
2017-12-21 09:51:31 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2017-12-21 09:51:31 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2017-12-21 09:49:48 87040 ----a-w- C:\Windows\System32\TSWbPrxy.exe
2017-12-21 09:49:24 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
2017-12-21 00:16:07 110144 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2017-12-21 00:15:44 -------- d-----w- C:\ProgramData\Oracle
2017-12-20 14:26:28 -------- d-----w- C:\Program Files\CCleaner
2017-12-20 06:41:35 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2017-12-20 06:41:35 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2017-12-20 06:38:32 3181568 ----a-w- C:\Windows\System32\rdpcorets.dll
2017-12-20 06:38:32 1648128 ----a-w- C:\Windows\System32\DWrite.dll
2017-12-20 06:38:32 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2017-12-20 06:38:32 1251328 ----a-w- C:\Windows\SysWow64\DWrite.dll
2017-12-20 06:38:32 1180160 ----a-w- C:\Windows\System32\FntCache.dll
2017-12-20 06:38:31 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2017-12-20 06:38:31 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2017-12-20 06:38:31 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2017-12-20 06:36:57 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2017-12-20 06:32:55 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2017-12-20 06:29:35 -------- d-----w- C:\Program Files (x86)\DAMN NFO Viewer
2017-12-20 06:19:47 647680 ----a-w- C:\Windows\System32\d3d10level9.dll
2017-12-20 06:19:47 603648 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2017-12-20 06:17:07 6656 ----a-w- C:\Windows\SysWow64\kbdgeoqw.dll
2017-12-20 06:17:07 6656 ----a-w- C:\Windows\SysWow64\KBDAZEL.DLL
2017-12-20 06:17:06 7168 ----a-w- C:\Windows\System32\kbdgeoqw.dll
2017-12-20 06:17:06 7168 ----a-w- C:\Windows\System32\KBDAZEL.DLL
2017-12-20 06:16:00 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2017-12-20 06:15:59 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2017-12-20 06:15:22 1424896 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2017-12-20 06:15:22 1230848 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2017-12-20 06:14:55 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2017-12-20 06:14:55 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2017-12-20 05:59:11 -------- d-----w- C:\Windows\SysWow64\drivers\uk-UA
2017-12-20 05:59:05 -------- d-----w- C:\Windows\SysWow64\wbem\uk-UA
2017-12-20 05:59:04 -------- d-----w- C:\Windows\uk-UA
2017-12-20 05:59:04 -------- d-----w- C:\Windows\System32\drivers\uk-UA
2017-12-20 05:58:53 -------- d-----w- C:\Windows\System32\wbem\uk-UA
2017-12-20 05:42:38 44544 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll
2017-12-20 05:42:37 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2017-12-20 05:42:36 13824 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2017-12-20 05:42:36 12800 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2017-12-20 05:42:35 56832 ----a-w- C:\Windows\System32\MsRdpWebAccess.dll
2017-12-20 05:42:35 56832 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
2017-12-20 05:42:35 50176 ----a-w- C:\Windows\SysWow64\MsRdpWebAccess.dll
2017-12-20 05:42:35 18944 ----a-w- C:\Windows\System32\wksprtPS.dll
2017-12-20 05:42:35 17920 ----a-w- C:\Windows\SysWow64\wksprtPS.dll
2017-12-20 05:42:34 1147392 ----a-w- C:\Windows\System32\mstsc.exe
2017-12-20 05:42:34 1068544 ----a-w- C:\Windows\SysWow64\mstsc.exe
2017-12-20 05:27:34 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2017-12-20 05:27:32 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2017-12-20 05:27:32 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2017-12-20 05:11:34 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2017-12-20 05:11:34 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2017-12-20 05:11:34 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2017-12-20 05:11:34 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2017-12-20 05:11:33 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2017-12-20 05:11:33 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2017-12-20 05:11:33 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2017-12-20 04:56:58 2560 ----a-w- C:\Windows\System32\drivers\uk-UA\scfilter.sys.mui
2017-12-20 04:56:38 3584 ----a-w- C:\Windows\System32\drivers\uk-UA\portcls.sys.mui
2017-12-20 04:56:37 2560 ----a-w- C:\Windows\System32\drivers\uk-UA\serscan.sys.mui
2017-12-20 04:56:36 3072 ----a-w- C:\Windows\System32\drivers\uk-UA\ataport.sys.mui
2017-12-20 04:56:36 2048 ----a-w- C:\Windows\System32\drivers\uk-UA\amdide.sys.mui
2017-12-20 04:56:33 48640 ----a-w- C:\Windows\System32\drivers\uk-UA\tcpip.sys.mui
2017-12-20 04:56:20 3072 ----a-w- C:\Windows\System32\drivers\uk-UA\hidbth.sys.mui
2017-12-20 04:56:19 7680 ----a-w- C:\Windows\System32\drivers\uk-UA\bthport.sys.mui
2017-12-20 04:56:19 2560 ----a-w- C:\Windows\System32\drivers\uk-UA\BTHUSB.SYS.mui
2017-12-20 04:56:19 2048 ----a-w- C:\Windows\System32\drivers\uk-UA\bthenum.sys.mui
2017-12-20 04:54:29 -------- d-----w- C:\Windows\SysWow64\wbem\sk-SK
2017-12-20 04:54:29 -------- d-----w- C:\Windows\SysWow64\drivers\sk-SK
2017-12-20 04:54:29 -------- d-----w- C:\Windows\sk-SK
2017-12-20 04:54:22 -------- d-----w- C:\Windows\System32\wbem\sk-SK
2017-12-20 04:54:22 -------- d-----w- C:\Windows\System32\drivers\sk-SK
2017-12-20 04:49:05 2560 ----a-w- C:\Windows\System32\drivers\sk-SK\serscan.sys.mui
2017-12-20 04:48:45 3584 ----a-w- C:\Windows\System32\drivers\sk-SK\portcls.sys.mui
2017-12-20 04:48:41 3072 ----a-w- C:\Windows\System32\drivers\sk-SK\ataport.sys.mui
2017-12-20 04:48:41 2048 ----a-w- C:\Windows\System32\drivers\sk-SK\amdide.sys.mui
2017-12-20 04:48:38 47616 ----a-w- C:\Windows\System32\drivers\sk-SK\tcpip.sys.mui
2017-12-20 04:48:36 2560 ----a-w- C:\Windows\System32\drivers\sk-SK\scfilter.sys.mui
2017-12-20 04:48:24 3072 ----a-w- C:\Windows\System32\drivers\sk-SK\hidbth.sys.mui
2017-12-20 04:48:23 7680 ----a-w- C:\Windows\System32\drivers\sk-SK\bthport.sys.mui
2017-12-20 04:48:23 2560 ----a-w- C:\Windows\System32\drivers\sk-SK\BTHUSB.SYS.mui
2017-12-20 04:48:23 2048 ----a-w- C:\Windows\System32\drivers\sk-SK\bthenum.sys.mui
2017-12-20 04:45:50 879104 ----a-w- C:\Windows\System32\tdh.dll
2017-12-20 04:45:50 635392 ----a-w- C:\Windows\SysWow64\tdh.dll
2017-12-20 04:44:56 156672 ----a-w- C:\Windows\System32\mtxoci.dll
2017-12-20 04:44:56 111616 ----a-w- C:\Windows\SysWow64\mtxoci.dll
2017-12-20 04:44:55 286720 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaora.dll
2017-12-20 04:44:55 176128 ----a-w- C:\Windows\SysWow64\msorcl32.dll
2017-12-20 04:44:05 515584 ----a-w- C:\Windows\System32\timedate.cpl
2017-12-20 04:44:05 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2017-12-20 04:42:59 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2017-12-20 04:42:55 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2017-12-20 04:42:55 31232 ----a-w- C:\Windows\System32\prevhost.exe
2017-12-20 04:42:34 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2017-12-20 04:42:34 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2017-12-20 04:42:34 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
2017-12-20 04:42:34 2048 ----a-w- C:\Windows\System32\iologmsg.dll
2017-12-20 04:42:34 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
2017-12-20 04:41:41 2104320 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll
2017-12-20 04:41:40 353280 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll
2017-12-20 04:41:40 275456 ----a-w- C:\Windows\System32\InkEd.dll
2017-12-20 04:41:40 274944 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\InkDiv.dll
2017-12-20 04:41:40 216064 ----a-w- C:\Windows\SysWow64\InkEd.dll
2017-12-20 04:41:40 18432 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2017-12-20 04:41:40 169984 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\rtscom.dll
2017-12-20 04:41:40 16384 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2017-12-20 04:41:40 1416192 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\InkObj.dll
2017-12-20 04:41:40 126464 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\rtscom.dll
2017-12-20 04:30:21 396800 ----a-w- C:\Windows\System32\webio.dll
2017-12-20 04:30:21 316416 ----a-w- C:\Windows\SysWow64\webio.dll
2017-12-20 04:30:20 69888 ----a-w- C:\Windows\System32\drivers\stream.sys
2017-12-20 04:30:11 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2017-12-20 04:30:11 1391104 ----a-w- C:\Windows\SysWow64\msxml6.dll
2017-12-20 04:30:10 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2017-12-20 04:30:10 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2017-12-20 04:30:09 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2017-12-20 04:30:08 165888 ----a-w- C:\Windows\System32\charmap.exe
2017-12-20 04:30:08 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2017-12-20 03:18:11 124624 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2017-12-20 03:18:11 103120 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2017-12-20 02:20:24 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2017-12-20 02:20:24 5120 ----a-w- C:\Windows\System32\wmi.dll
2017-12-20 02:20:24 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2017-12-20 02:16:54 4296704 ----a-w- C:\Windows\System32\D3DCompiler_47.dll
2017-12-20 02:16:54 3550208 ----a-w- C:\Windows\SysWow64\D3DCompiler_47.dll
2017-12-20 02:11:13 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2017-12-20 02:11:13 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2017-12-20 02:11:13 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2017-12-20 02:11:13 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2017-12-20 02:11:12 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2017-12-20 02:11:12 8856 ----a-w- C:\Windows\System32\icardres.dll
2017-12-20 02:10:58 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2017-12-20 02:10:58 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2017-12-20 02:08:23 683520 ----a-w- C:\Windows\System32\termsrv.dll
2017-12-20 02:05:05 1743360 ----a-w- C:\Windows\System32\sysmain.dll
2017-12-20 02:05:03 2560 ----a-w- C:\Windows\System32\drivers\en-US\mountmgr.sys.mui
2017-12-20 02:04:39 483840 ----a-w- C:\Windows\System32\StructuredQuery.dll
2017-12-20 02:04:39 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll
2017-12-20 02:04:27 328704 ----a-w- C:\Windows\System32\services.exe
2017-12-20 02:04:06 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2017-12-20 02:04:06 723968 ----a-w- C:\Windows\System32\EncDec.dll
2017-12-20 02:04:05 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2017-12-20 02:04:05 535040 ----a-w- C:\Windows\SysWow64\EncDec.dll
2017-12-20 02:02:55 455168 ----a-w- C:\Windows\System32\winlogon.exe
2017-12-20 02:02:54 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2017-12-20 02:02:54 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2017-12-20 02:02:54 235520 ----a-w- C:\Windows\System32\winsta.dll
2017-12-20 02:02:54 212480 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2017-12-20 02:02:54 157696 ----a-w- C:\Windows\SysWow64\winsta.dll
2017-12-20 02:02:54 150528 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2017-12-20 02:00:44 52736 ----a-w- C:\Windows\System32\basesrv.dll
2017-12-20 01:58:42 241152 ----a-w- C:\Windows\System32\pku2u.dll
2017-12-20 01:58:42 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2017-12-20 01:58:03 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2017-12-20 01:58:02 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2017-12-20 01:58:02 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2017-12-20 01:55:57 215552 ----a-w- C:\Windows\System32\ubpm.dll
2017-12-20 01:54:59 424448 ----a-w- C:\Windows\System32\rastls.dll
2017-12-20 01:52:29 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2017-12-20 01:39:18 1902776 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ClientTelemetry.dll
2017-12-20 01:39:17 21160 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2RINTL.en-us.dll
2017-12-20 01:35:13 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2017-12-20 01:35:13 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2017-12-20 01:35:13 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2017-12-20 01:35:12 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2017-12-20 01:35:12 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2017-12-19 03:05:58 -------- d-----w- C:\Users\User\AppData\Local\BMExplorer
2017-12-19 02:56:49 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2017-12-19 02:55:10 -------- d-----w- C:\Program Files (x86)\Common Files\QCA_Bluetooth
2017-12-19 02:45:23 -------- d-----w- C:\Users\User\AppData\Local\ElevatedDiagnostics
2017-12-19 02:12:21 -------- d-----w- C:\Windows\SysWow64\NV
2017-12-19 02:12:21 -------- d-----w- C:\Windows\System32\NV
2017-12-19 02:04:46 269600 ----a-w- C:\Windows\SysWow64\vulkan-1.dll
2017-12-19 02:04:46 261920 ----a-w- C:\Windows\System32\vulkan-1.dll
2017-12-19 02:04:46 125216 ----a-w- C:\Windows\System32\vulkaninfo.exe
2017-12-19 02:04:46 110880 ----a-w- C:\Windows\SysWow64\vulkaninfo.exe
2017-12-19 02:04:46 -------- d-----w- C:\Program Files (x86)\VulkanRT
2017-12-19 02:04:19 1951 ----a-w- C:\Windows\NvContainerRecovery.bat
2017-12-19 01:56:56 -------- d-----w- C:\Users\User\AppData\Roaming\IDM
2017-12-19 01:56:56 -------- d-----w- C:\ProgramData\IDM
2017-12-19 01:56:55 -------- d-----w- C:\Users\User\AppData\Roaming\DMCache
2017-12-19 01:56:50 -------- d-----w- C:\Program Files (x86)\Internet Download Manager
2017-12-19 01:54:47 -------- d-----w- C:\Windows\System32\SPReview
2017-12-19 01:54:20 -------- d-----w- C:\Windows\System32\EventProviders
2017-12-19 01:49:03 48976 ----a-w- C:\Windows\System32\netfxperf.dll
2017-12-19 01:46:56 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2017-12-19 01:45:28 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2017-12-19 01:09:13 -------- d-----w- C:\Users\User\AppData\Local\Adobe
2017-12-16 09:14:25 -------- d-----w- C:\Games
2017-12-16 09:14:24 -------- d-----w- C:\Users\User\AppData\Local\Skyrim
2017-12-16 00:57:16 226024 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
2017-12-15 09:58:39 -------- d-----w- C:\Program Files\Windows KMS Activator Ultimate 2017 v3.5
2017-12-15 09:57:51 90112 ----a-w- C:\Windows\System32\Vestris.ResourceLib.dll
2017-12-15 09:57:51 -------- d-----w- C:\Program Files\KMSpico
2017-12-14 01:50:20 -------- d-----w- C:\searchplugins
2017-12-14 01:48:04 -------- d-----w- C:\Users\User\AppData\Roaming\uTorrent
2017-12-14 01:14:35 13899592 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{456C30D9-281E-4739-882A-EA5A247243AA}\mpengine.dll
2017-12-14 01:14:15 -------- d-----w- C:\Windows\Migration
2017-12-14 01:11:55 -------- d-----w- C:\Windows\System32\MRT
2017-12-14 01:11:41 133326408 -c--a-w- C:\Windows\System32\MRT-KB890830.exe
2017-12-14 01:10:50 142336 ----a-w- C:\Windows\System32\poqexec.exe
2017-12-14 01:10:50 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2017-12-14 01:10:34 304128 ----a-w- C:\Windows\System32\EOSNotify.exe
2017-12-14 01:08:09 -------- d-----w- C:\Users\User\AppData\Local\Mozilla
2017-12-13 21:37:07 -------- d-----w- C:\Program Files (x86)\Foxit Software
2017-12-13 21:36:21 -------- d-----w- C:\Windows\System32\appmgmt
2017-12-13 21:35:15 -------- d-----w- C:\Program Files (x86)\CCleaner
2017-12-13 13:58:57 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2017-12-13 01:02:58 -------- d-----w- C:\Program Files (x86)\Microsoft OneDrive
2017-12-13 01:02:57 -------- d-----r- C:\Users\User\OneDrive
2017-12-13 01:02:42 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2017-12-13 00:52:28 5264040 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2017-12-13 00:45:44 -------- d-----w- C:\ProgramData\AutoKMS
2017-12-07 15:41:32 585384 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2017-12-07 15:40:48 31400 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2017-12-07 15:29:36 257704 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
.
==================== Find3M ====================
.
2017-12-22 23:29:31 803328 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2017-12-22 23:29:31 144896 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2017-12-22 23:29:13 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2017-12-22 23:29:13 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2017-12-22 23:29:13 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2017-12-22 23:29:13 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2017-12-21 10:08:53 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll
2017-12-19 02:20:12 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2017-12-19 02:20:11 175616 ----a-w- C:\Windows\System32\msclmd.dll
2017-12-03 15:50:26 83792 ----a-w- C:\Windows\SysWow64\vcruntime140.dll
2017-12-03 15:50:26 440128 ----a-w- C:\Windows\SysWow64\msvcp140.dll
2017-12-03 15:50:26 263856 ----a-w- C:\Windows\SysWow64\vccorlib140.dll
2017-12-03 15:50:24 242496 ----a-w- C:\Windows\SysWow64\concrt140.dll
2017-12-03 15:38:38 87728 ----a-w- C:\Windows\System32\vcruntime140.dll
2017-12-03 15:38:38 641696 ----a-w- C:\Windows\System32\msvcp140.dll
2017-12-03 15:38:38 389296 ----a-w- C:\Windows\System32\vccorlib140.dll
2017-12-03 15:38:38 331432 ----a-w- C:\Windows\System32\concrt140.dll
2017-11-29 01:11:26 77432 ----a-w- C:\Windows\System32\drivers\mbae64.sys
2017-11-17 04:23:29 3222528 ----a-w- C:\Windows\System32\win32k.sys
2017-11-14 03:43:26 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2017-11-14 03:43:17 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2017-11-14 03:31:40 66560 ----a-w- C:\Windows\System32\iesetup.dll
2017-11-14 03:31:03 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2017-11-14 03:30:59 417792 ----a-w- C:\Windows\System32\html.iec
2017-11-14 03:30:50 577024 ----a-w- C:\Windows\System32\vbscript.dll
2017-11-14 03:30:34 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2017-11-14 03:25:02 5925888 ----a-w- C:\Windows\System32\jscript9.dll
2017-11-14 03:20:46 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2017-11-14 03:20:46 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2017-11-14 03:20:26 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2017-11-14 03:15:06 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2017-11-14 03:06:39 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2017-11-14 03:06:22 87552 ----a-w- C:\Windows\System32\tdc.ocx
2017-11-14 02:47:01 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2017-11-14 02:46:49 2134528 ----a-w- C:\Windows\System32\inetcpl.cpl
2017-11-14 02:39:43 3241472 ----a-w- C:\Windows\System32\wininet.dll
2017-11-14 00:32:49 499200 ----a-w- C:\Windows\SysWow64\vbscript.dll
2017-11-14 00:31:16 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2017-11-07 20:56:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2017-11-07 20:46:44 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2017-11-07 20:46:17 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2017-11-07 20:46:10 341504 ----a-w- C:\Windows\SysWow64\html.iec
2017-11-07 20:38:59 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2017-11-07 20:38:45 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2017-11-07 20:29:15 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2017-11-07 20:28:59 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2017-11-07 20:27:15 4509696 ----a-w- C:\Windows\SysWow64\jscript9.dll
2017-11-07 20:17:43 2058752 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2017-11-07 20:17:24 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2017-11-07 20:04:46 2767872 ----a-w- C:\Windows\SysWow64\wininet.dll
2017-11-07 16:31:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2017-11-07 16:13:07 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2017-11-04 15:31:02 194048 ----a-w- C:\Windows\System32\itircl.dll
2017-11-04 15:31:02 170496 ----a-w- C:\Windows\System32\itss.dll
2017-11-04 15:10:55 158720 ----a-w- C:\Windows\SysWow64\itircl.dll
2017-11-04 15:10:55 142336 ----a-w- C:\Windows\SysWow64\itss.dll
2017-11-02 16:55:42 138240 ----a-w- C:\Windows\System32\rtm.dll
2017-11-02 16:55:36 97792 ----a-w- C:\Windows\System32\mprdim.dll
2017-11-02 16:55:34 9728 ----a-w- C:\Windows\System32\iprtprio.dll
2017-11-02 16:55:34 281600 ----a-w- C:\Windows\System32\iprtrmgr.dll
2017-11-02 15:11:36 115200 ----a-w- C:\Windows\SysWow64\rtm.dll
2017-11-02 15:11:29 75264 ----a-w- C:\Windows\SysWow64\mprdim.dll
2017-11-02 15:11:26 271360 ----a-w- C:\Windows\SysWow64\iprtrmgr.dll
2017-11-02 14:56:56 8192 ----a-w- C:\Windows\SysWow64\iprtprio.dll
2017-10-18 02:06:57 344064 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2017-10-18 02:06:46 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2017-10-18 02:06:40 56320 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2017-10-18 02:06:40 327168 ----a-w- C:\Windows\System32\drivers\usbport.sys
2017-10-18 02:06:39 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2017-10-18 02:06:37 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2017-10-18 02:06:35 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2017-10-16 23:07:21 1680616 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2017-10-16 23:04:40 1001984 ----a-w- C:\Windows\System32\gpedit.dll
2017-10-16 22:46:34 953344 ----a-w- C:\Windows\SysWow64\gpedit.dll
2017-10-16 21:55:15 339968 ----a-w- C:\Windows\SysWow64\msexcl40.dll
2017-10-12 00:58:25 382696 ----a-w- C:\Windows\System32\atmfd.dll
2017-10-12 00:40:31 308456 ----a-w- C:\Windows\SysWow64\atmfd.dll
2017-10-12 00:39:11 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe
2017-10-12 00:38:44 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe
2017-10-12 00:38:15 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe
2017-10-12 00:26:21 427520 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe
2017-10-12 00:26:07 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe
2017-10-12 00:25:47 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe
2017-10-12 00:25:28 9728 ----a-w- C:\Windows\SysWow64\msshooks.dll
2017-10-12 00:24:38 4096 ----a-w- C:\Windows\SysWow64\msdxm.ocx
2017-10-12 00:24:38 4096 ----a-w- C:\Windows\SysWow64\dxmasf.dll
2017-10-12 00:24:37 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2017-10-12 00:20:30 317440 ----a-w- C:\Windows\System32\drivers\rdbss.sys
2017-10-12 00:20:09 113152 ----a-w- C:\Windows\System32\drivers\luafv.sys
2017-10-12 00:16:05 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
.
============= FINISH: 15:28:09.79 ===============
2017-12-20 05:42:35 17920 ----a-w- C:\Windows\SysWow64\wksprtPS.dll
2017-12-20 05:42:34 1147392 ----a-w- C:\Windows\System32\mstsc.exe
2017-12-20 05:42:34 1068544 ----a-w- C:\Windows\SysWow64\mstsc.exe
2017-12-20 05:27:34 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2017-12-20 05:27:32 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2017-12-20 05:27:32 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2017-12-20 05:11:34 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2017-12-20 05:11:34 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2017-12-20 05:11:34 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2017-12-20 05:11:34 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2017-12-20 05:11:33 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2017-12-20 05:11:33 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2017-12-20 05:11:33 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2017-12-20 04:56:58 2560 ----a-w- C:\Windows\System32\drivers\uk-UA\scfilter.sys.mui
2017-12-20 04:56:38 3584 ----a-w- C:\Windows\System32\drivers\uk-UA\portcls.sys.mui
2017-12-20 04:56:37 2560 ----a-w- C:\Windows\System32\drivers\uk-UA\serscan.sys.mui
2017-12-20 04:56:36 3072 ----a-w- C:\Windows\System32\drivers\uk-UA\ataport.sys.mui
2017-12-20 04:56:36 2048 ----a-w- C:\Windows\System32\drivers\uk-UA\amdide.sys.mui
2017-12-20 04:56:33 48640 ----a-w- C:\Windows\System32\drivers\uk-UA\tcpip.sys.mui
2017-12-20 04:56:20 3072 ----a-w- C:\Windows\System32\drivers\uk-UA\hidbth.sys.mui
2017-12-20 04:56:19 7680 ----a-w- C:\Windows\System32\drivers\uk-UA\bthport.sys.mui
2017-12-20 04:56:19 2560 ----a-w- C:\Windows\System32\drivers\uk-UA\BTHUSB.SYS.mui
2017-12-20 04:56:19 2048 ----a-w- C:\Windows\System32\drivers\uk-UA\bthenum.sys.mui
2017-12-20 04:54:29 -------- d-----w- C:\Windows\SysWow64\wbem\sk-SK
2017-12-20 04:54:29 -------- d-----w- C:\Windows\SysWow64\drivers\sk-SK
2017-12-20 04:54:29 -------- d-----w- C:\Windows\sk-SK
2017-12-20 04:54:22 -------- d-----w- C:\Windows\System32\wbem\sk-SK
2017-12-20 04:54:22 -------- d-----w- C:\Windows\System32\drivers\sk-SK
2017-12-20 04:49:05 2560 ----a-w- C:\Windows\System32\drivers\sk-SK\serscan.sys.mui
2017-12-20 04:48:45 3584 ----a-w- C:\Windows\System32\drivers\sk-SK\portcls.sys.mui
2017-12-20 04:48:41 3072 ----a-w- C:\Windows\System32\drivers\sk-SK\ataport.sys.mui
2017-12-20 04:48:41 2048 ----a-w- C:\Windows\System32\drivers\sk-SK\amdide.sys.mui
2017-12-20 04:48:38 47616 ----a-w- C:\Windows\System32\drivers\sk-SK\tcpip.sys.mui
2017-12-20 04:48:36 2560 ----a-w- C:\Windows\System32\drivers\sk-SK\scfilter.sys.mui
2017-12-20 04:48:24 3072 ----a-w- C:\Windows\System32\drivers\sk-SK\hidbth.sys.mui
2017-12-20 04:48:23 7680 ----a-w- C:\Windows\System32\drivers\sk-SK\bthport.sys.mui
2017-12-20 04:48:23 2560 ----a-w- C:\Windows\System32\drivers\sk-SK\BTHUSB.SYS.mui
2017-12-20 04:48:23 2048 ----a-w- C:\Windows\System32\drivers\sk-SK\bthenum.sys.mui
2017-12-20 04:45:50 879104 ----a-w- C:\Windows\System32\tdh.dll
2017-12-20 04:45:50 635392 ----a-w- C:\Windows\SysWow64\tdh.dll
2017-12-20 04:44:56 156672 ----a-w- C:\Windows\System32\mtxoci.dll
2017-12-20 04:44:56 111616 ----a-w- C:\Windows\SysWow64\mtxoci.dll
2017-12-20 04:44:55 286720 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaora.dll
2017-12-20 04:44:55 176128 ----a-w- C:\Windows\SysWow64\msorcl32.dll
2017-12-20 04:44:05 515584 ----a-w- C:\Windows\System32\timedate.cpl
2017-12-20 04:44:05 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2017-12-20 04:42:59 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2017-12-20 04:42:55 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2017-12-20 04:42:55 31232 ----a-w- C:\Windows\System32\prevhost.exe
2017-12-20 04:42:34 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2017-12-20 04:42:34 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2017-12-20 04:42:34 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
2017-12-20 04:42:34 2048 ----a-w- C:\Windows\System32\iologmsg.dll
2017-12-20 04:42:34 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
2017-12-20 04:41:41 2104320 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll
2017-12-20 04:41:40 353280 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll
2017-12-20 04:41:40 275456 ----a-w- C:\Windows\System32\InkEd.dll
2017-12-20 04:41:40 274944 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\InkDiv.dll
2017-12-20 04:41:40 216064 ----a-w- C:\Windows\SysWow64\InkEd.dll
2017-12-20 04:41:40 18432 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2017-12-20 04:41:40 169984 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\rtscom.dll
2017-12-20 04:41:40 16384 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2017-12-20 04:41:40 1416192 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\InkObj.dll
2017-12-20 04:41:40 126464 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\rtscom.dll
2017-12-20 04:30:21 396800 ----a-w- C:\Windows\System32\webio.dll
2017-12-20 04:30:21 316416 ----a-w- C:\Windows\SysWow64\webio.dll
2017-12-20 04:30:20 69888 ----a-w- C:\Windows\System32\drivers\stream.sys
2017-12-20 04:30:11 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2017-12-20 04:30:11 1391104 ----a-w- C:\Windows\SysWow64\msxml6.dll
2017-12-20 04:30:10 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2017-12-20 04:30:10 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2017-12-20 04:30:09 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2017-12-20 04:30:08 165888 ----a-w- C:\Windows\System32\charmap.exe
2017-12-20 04:30:08 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2017-12-20 03:18:11 124624 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2017-12-20 03:18:11 103120 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2017-12-20 02:20:24 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2017-12-20 02:20:24 5120 ----a-w- C:\Windows\System32\wmi.dll
2017-12-20 02:20:24 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2017-12-20 02:16:54 4296704 ----a-w- C:\Windows\System32\D3DCompiler_47.dll
2017-12-20 02:16:54 3550208 ----a-w- C:\Windows\SysWow64\D3DCompiler_47.dll
2017-12-20 02:11:13 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2017-12-20 02:11:13 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2017-12-20 02:11:13 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2017-12-20 02:11:13 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2017-12-20 02:11:12 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2017-12-20 02:11:12 8856 ----a-w- C:\Windows\System32\icardres.dll
2017-12-20 02:10:58 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2017-12-20 02:10:58 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2017-12-20 02:08:23 683520 ----a-w- C:\Windows\System32\termsrv.dll
2017-12-20 02:05:05 1743360 ----a-w- C:\Windows\System32\sysmain.dll
2017-12-20 02:05:03 2560 ----a-w- C:\Windows\System32\drivers\en-US\mountmgr.sys.mui
2017-12-20 02:04:39 483840 ----a-w- C:\Windows\System32\StructuredQuery.dll
2017-12-20 02:04:39 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll
2017-12-20 02:04:27 328704 ----a-w- C:\Windows\System32\services.exe
2017-12-20 02:04:06 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2017-12-20 02:04:06 723968 ----a-w- C:\Windows\System32\EncDec.dll
2017-12-20 02:04:05 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2017-12-20 02:04:05 535040 ----a-w- C:\Windows\SysWow64\EncDec.dll
2017-12-20 02:02:55 455168 ----a-w- C:\Windows\System32\winlogon.exe
2017-12-20 02:02:54 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2017-12-20 02:02:54 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2017-12-20 02:02:54 235520 ----a-w- C:\Windows\System32\winsta.dll
2017-12-20 02:02:54 212480 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2017-12-20 02:02:54 157696 ----a-w- C:\Windows\SysWow64\winsta.dll
2017-12-20 02:02:54 150528 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2017-12-20 02:00:44 52736 ----a-w- C:\Windows\System32\basesrv.dll
2017-12-20 01:58:42 241152 ----a-w- C:\Windows\System32\pku2u.dll
2017-12-20 01:58:42 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2017-12-20 01:58:03 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2017-12-20 01:58:02 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2017-12-20 01:58:02 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2017-12-20 01:55:57 215552 ----a-w- C:\Windows\System32\ubpm.dll
2017-12-20 01:54:59 424448 ----a-w- C:\Windows\System32\rastls.dll
2017-12-20 01:52:29 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2017-12-20 01:39:18 1902776 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ClientTelemetry.dll
2017-12-20 01:39:17 21160 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2RINTL.en-us.dll
2017-12-20 01:35:13 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2017-12-20 01:35:13 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2017-12-20 01:35:13 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2017-12-20 01:35:12 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2017-12-20 01:35:12 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2017-12-19 03:05:58 -------- d-----w- C:\Users\User\AppData\Local\BMExplorer
2017-12-19 02:56:49 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2017-12-19 02:55:10 -------- d-----w- C:\Program Files (x86)\Common Files\QCA_Bluetooth
2017-12-19 02:45:23 -------- d-----w- C:\Users\User\AppData\Local\ElevatedDiagnostics
2017-12-19 02:12:21 -------- d-----w- C:\Windows\SysWow64\NV
2017-12-19 02:12:21 -------- d-----w- C:\Windows\System32\NV
2017-12-19 02:04:46 269600 ----a-w- C:\Windows\SysWow64\vulkan-1.dll
2017-12-19 02:04:46 261920 ----a-w- C:\Windows\System32\vulkan-1.dll
2017-12-19 02:04:46 125216 ----a-w- C:\Windows\System32\vulkaninfo.exe
2017-12-19 02:04:46 110880 ----a-w- C:\Windows\SysWow64\vulkaninfo.exe
2017-12-19 02:04:46 -------- d-----w- C:\Program Files (x86)\VulkanRT
2017-12-19 02:04:19 1951 ----a-w- C:\Windows\NvContainerRecovery.bat
2017-12-19 01:56:56 -------- d-----w- C:\Users\User\AppData\Roaming\IDM
2017-12-19 01:56:56 -------- d-----w- C:\ProgramData\IDM
2017-12-19 01:56:55 -------- d-----w- C:\Users\User\AppData\Roaming\DMCache
2017-12-19 01:56:50 -------- d-----w- C:\Program Files (x86)\Internet Download Manager
2017-12-19 01:54:47 -------- d-----w- C:\Windows\System32\SPReview
2017-12-19 01:54:20 -------- d-----w- C:\Windows\System32\EventProviders
2017-12-19 01:49:03 48976 ----a-w- C:\Windows\System32\netfxperf.dll
2017-12-19 01:46:56 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2017-12-19 01:45:28 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2017-12-19 01:09:13 -------- d-----w- C:\Users\User\AppData\Local\Adobe
2017-12-16 09:14:25 -------- d-----w- C:\Games
2017-12-16 09:14:24 -------- d-----w- C:\Users\User\AppData\Local\Skyrim
2017-12-16 00:57:16 226024 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
2017-12-15 09:58:39 -------- d-----w- C:\Program Files\Windows KMS Activator Ultimate 2017 v3.5
2017-12-15 09:57:51 90112 ----a-w- C:\Windows\System32\Vestris.ResourceLib.dll
2017-12-15 09:57:51 -------- d-----w- C:\Program Files\KMSpico
2017-12-14 01:50:20 -------- d-----w- C:\searchplugins
2017-12-14 01:48:04 -------- d-----w- C:\Users\User\AppData\Roaming\uTorrent
2017-12-14 01:14:35 13899592 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{456C30D9-281E-4739-882A-EA5A247243AA}\mpengine.dll
2017-12-14 01:14:15 -------- d-----w- C:\Windows\Migration
2017-12-14 01:11:55 -------- d-----w- C:\Windows\System32\MRT
2017-12-14 01:11:41 133326408 -c--a-w- C:\Windows\System32\MRT-KB890830.exe
2017-12-14 01:10:50 142336 ----a-w- C:\Windows\System32\poqexec.exe
2017-12-14 01:10:50 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2017-12-14 01:10:34 304128 ----a-w- C:\Windows\System32\EOSNotify.exe
2017-12-14 01:08:09 -------- d-----w- C:\Users\User\AppData\Local\Mozilla
2017-12-13 21:37:07 -------- d-----w- C:\Program Files (x86)\Foxit Software
2017-12-13 21:36:21 -------- d-----w- C:\Windows\System32\appmgmt
2017-12-13 21:35:15 -------- d-----w- C:\Program Files (x86)\CCleaner
2017-12-13 13:58:57 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2017-12-13 01:02:58 -------- d-----w- C:\Program Files (x86)\Microsoft OneDrive
2017-12-13 01:02:57 -------- d-----r- C:\Users\User\OneDrive
2017-12-13 01:02:42 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2017-12-13 00:52:28 5264040 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2017-12-13 00:45:44 -------- d-----w- C:\ProgramData\AutoKMS
2017-12-07 15:41:32 585384 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2017-12-07 15:40:48 31400 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2017-12-07 15:29:36 257704 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
.
==================== Find3M ====================
.
2017-12-22 23:29:31 803328 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2017-12-22 23:29:31 144896 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2017-12-22 23:29:13 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2017-12-22 23:29:13 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2017-12-22 23:29:13 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2017-12-22 23:29:13 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2017-12-21 10:08:53 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll
2017-12-19 02:20:12 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2017-12-19 02:20:11 175616 ----a-w- C:\Windows\System32\msclmd.dll
2017-12-03 15:50:26 83792 ----a-w- C:\Windows\SysWow64\vcruntime140.dll
2017-12-03 15:50:26 440128 ----a-w- C:\Windows\SysWow64\msvcp140.dll
2017-12-03 15:50:26 263856 ----a-w- C:\Windows\SysWow64\vccorlib140.dll
2017-12-03 15:50:24 242496 ----a-w- C:\Windows\SysWow64\concrt140.dll
2017-12-03 15:38:38 87728 ----a-w- C:\Windows\System32\vcruntime140.dll
2017-12-03 15:38:38 641696 ----a-w- C:\Windows\System32\msvcp140.dll
2017-12-03 15:38:38 389296 ----a-w- C:\Windows\System32\vccorlib140.dll
2017-12-03 15:38:38 331432 ----a-w- C:\Windows\System32\concrt140.dll
2017-11-29 01:11:26 77432 ----a-w- C:\Windows\System32\drivers\mbae64.sys
2017-11-17 04:23:29 3222528 ----a-w- C:\Windows\System32\win32k.sys
2017-11-14 03:43:26 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2017-11-14 03:43:17 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2017-11-14 03:31:40 66560 ----a-w- C:\Windows\System32\iesetup.dll
2017-11-14 03:31:03 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2017-11-14 03:30:59 417792 ----a-w- C:\Windows\System32\html.iec
2017-11-14 03:30:50 577024 ----a-w- C:\Windows\System32\vbscript.dll
2017-11-14 03:30:34 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2017-11-14 03:25:02 5925888 ----a-w- C:\Windows\System32\jscript9.dll
2017-11-14 03:20:46 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2017-11-14 03:20:46 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2017-11-14 03:20:26 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2017-11-14 03:15:06 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2017-11-14 03:06:39 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2017-11-14 03:06:22 87552 ----a-w- C:\Windows\System32\tdc.ocx
2017-11-14 02:47:01 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2017-11-14 02:46:49 2134528 ----a-w- C:\Windows\System32\inetcpl.cpl
2017-11-14 02:39:43 3241472 ----a-w- C:\Windows\System32\wininet.dll
2017-11-14 00:32:49 499200 ----a-w- C:\Windows\SysWow64\vbscript.dll
2017-11-14 00:31:16 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2017-11-07 20:56:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2017-11-07 20:46:44 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2017-11-07 20:46:17 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2017-11-07 20:46:10 341504 ----a-w- C:\Windows\SysWow64\html.iec
2017-11-07 20:38:59 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2017-11-07 20:38:45 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2017-11-07 20:29:15 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2017-11-07 20:28:59 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2017-11-07 20:27:15 4509696 ----a-w- C:\Windows\SysWow64\jscript9.dll
2017-11-07 20:17:43 2058752 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2017-11-07 20:17:24 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2017-11-07 20:04:46 2767872 ----a-w- C:\Windows\SysWow64\wininet.dll
2017-11-07 16:31:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2017-11-07 16:13:07 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2017-11-04 15:31:02 194048 ----a-w- C:\Windows\System32\itircl.dll
2017-11-04 15:31:02 170496 ----a-w- C:\Windows\System32\itss.dll
2017-11-04 15:10:55 158720 ----a-w- C:\Windows\SysWow64\itircl.dll
2017-11-04 15:10:55 142336 ----a-w- C:\Windows\SysWow64\itss.dll
2017-11-02 16:55:42 138240 ----a-w- C:\Windows\System32\rtm.dll
2017-11-02 16:55:36 97792 ----a-w- C:\Windows\System32\mprdim.dll
2017-11-02 16:55:34 9728 ----a-w- C:\Windows\System32\iprtprio.dll
2017-11-02 16:55:34 281600 ----a-w- C:\Windows\System32\iprtrmgr.dll
2017-11-02 15:11:36 115200 ----a-w- C:\Windows\SysWow64\rtm.dll
2017-11-02 15:11:29 75264 ----a-w- C:\Windows\SysWow64\mprdim.dll
2017-11-02 15:11:26 271360 ----a-w- C:\Windows\SysWow64\iprtrmgr.dll
2017-11-02 14:56:56 8192 ----a-w- C:\Windows\SysWow64\iprtprio.dll
2017-10-18 02:06:57 344064 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2017-10-18 02:06:46 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2017-10-18 02:06:40 56320 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2017-10-18 02:06:40 327168 ----a-w- C:\Windows\System32\drivers\usbport.sys
2017-10-18 02:06:39 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2017-10-18 02:06:37 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2017-10-18 02:06:35 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2017-10-16 23:07:21 1680616 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2017-10-16 23:04:40 1001984 ----a-w- C:\Windows\System32\gpedit.dll
2017-10-16 22:46:34 953344 ----a-w- C:\Windows\SysWow64\gpedit.dll
2017-10-16 21:55:15 339968 ----a-w- C:\Windows\SysWow64\msexcl40.dll
2017-10-12 00:58:25 382696 ----a-w- C:\Windows\System32\atmfd.dll
2017-10-12 00:40:31 308456 ----a-w- C:\Windows\SysWow64\atmfd.dll
2017-10-12 00:39:11 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe
2017-10-12 00:38:44 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe
2017-10-12 00:38:15 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe
2017-10-12 00:26:21 427520 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe
2017-10-12 00:26:07 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe
2017-10-12 00:25:47 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe
2017-10-12 00:25:28 9728 ----a-w- C:\Windows\SysWow64\msshooks.dll
2017-10-12 00:24:38 4096 ----a-w- C:\Windows\SysWow64\msdxm.ocx
2017-10-12 00:24:38 4096 ----a-w- C:\Windows\SysWow64\dxmasf.dll
2017-10-12 00:24:37 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2017-10-12 00:20:30 317440 ----a-w- C:\Windows\System32\drivers\rdbss.sys
2017-10-12 00:20:09 113152 ----a-w- C:\Windows\System32\drivers\luafv.sys
2017-10-12 00:16:05 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
.
============= FINISH: 15:28:09.79 ===============