pup adware heuristic removal


10 replies to this topic

#1 id_866


Posted 14 October 2018 - 12:08 PM

Hi. I have had Windows 10 Home edition for the past 8 months. I got an error "your pc ran into a problem and need a restart" in the last week. From then on I am unable to use my desktop. I formatted the C drive and installed Windows fresh, but after using it for some time this error came again. I formatted and installed the operating system around 8 times, but no use. I discovered something over all these days.

1. When I try to log in the first time everything works fine, but browsing a folder or installing Kaspersky Anti-Virus or any antivirus makes the computer reboot.

2. Went to safe mode and scanned with AdwCleaner; it detects pup.adware.heuristic, and when I try to delete it, it asks for a restart, but after the restart, same error.

3. I deleted all files inside recycle.bin, System Volume Information, temp files, and profile temp files, reformatted my PC and installed Windows 10 again, and same problem.

4. Installed Windows updates and same problem.

5. Scanned with Malwarebytes Anti-Malware and scanned with Windows Defender and no virus or malware found. Same error and restarts.

6. Sometimes in safe mode I am getting this pup.adware.heuristic malware, and it goes after a restart and I can't detect it after some time.

Is there any solution to this problem? Please help. Thanks in advance.

 




 


#2 nasdaq

  • Malware Response Team

Posted 15 October 2018 - 08:41 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section at the bottom of the topic, click the "More Reply Options" button.
Attach the file.
Select "Choose a File" and navigate to the location of the file.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Please post the logs for my review.

Wait for further instructions

#3 id_866

  • Topic Starter

Posted Yesterday, 11:52 AM

Thanks a lot for the reply. I have moved all my data from the internal hard drive to an external hard drive and formatted all my partitions. Then I installed a fresh copy of Windows 10 Home. I ran this tool and am posting the results here.
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by senthamil (administrator) on DESKTOP-99NNQOF (17-10-2018 22:19:28)
Running from C:\Users\senthamil\Downloads
Loaded Profiles: senthamil (Available Profiles: defaultuser0 & senthamil)
Platform: Windows 10 Home Version 1803 17134.112 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2979281990-1051702085-116917718-1001\...\RunOnce: [Uninstall 17.3.6816.0313\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\senthamil\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64"
HKU\S-1-5-21-2979281990-1051702085-116917718-1001\...\RunOnce: [Uninstall 17.3.6816.0313] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\senthamil\AppData\Local\Microsoft\OneDrive\17.3.6816.0313"
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{3f727633-d815-48a0-8dea-4a5d590eacab}: [DhcpNameServer] 192.168.0.1 0.0.0.0
 
Internet Explorer:
==================
 
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-17] (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Default [2018-10-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-17]
CHR Extension: (Chrome Media Router) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-17]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328608 2015-07-31] (Intel Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-10-18 06:03 - 2018-10-18 05:08 - 000000000 ____D C:\Windows\Panther
2018-10-18 05:13 - 2018-10-18 05:13 - 000001417 _____ C:\Users\senthamil\Desktop\Microsoft Edge.lnk
2018-10-18 05:13 - 2018-10-18 05:13 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-10-18 05:13 - 2018-10-17 22:15 - 000000000 ____D C:\Users\senthamil\AppData\Local\MicrosoftEdge
2018-10-18 05:12 - 2018-10-18 05:12 - 000000020 ___SH C:\Users\senthamil\ntuser.ini
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ___RD C:\Users\senthamil\3D Objects
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ____D C:\Users\senthamil\AppData\Roaming\Adobe
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ____D C:\Users\senthamil\AppData\Local\VirtualStore
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ____D C:\Users\senthamil\AppData\Local\Publishers
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ____D C:\Users\senthamil\AppData\Local\ConnectedDevicesPlatform
2018-10-18 05:12 - 2018-10-17 22:19 - 000000000 ____D C:\Users\senthamil\AppData\Local\Packages
2018-10-18 05:12 - 2018-10-17 22:15 - 000002375 _____ C:\Users\senthamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-18 05:12 - 2018-10-17 22:15 - 000000000 ____D C:\Users\senthamil
2018-10-18 05:11 - 2018-04-12 05:03 - 002752000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2018-10-18 05:10 - 2018-10-18 05:11 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2018-10-18 05:10 - 2018-10-18 05:11 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2018-10-18 05:10 - 2018-10-18 05:10 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\VirtualStore
2018-10-18 05:09 - 2018-10-18 05:09 - 000000020 ___SH C:\Users\defaultuser0\ntuser.ini
2018-10-18 05:09 - 2018-10-18 05:09 - 000000000 _SHDL C:\Documents and Settings
2018-10-18 05:09 - 2018-10-18 05:09 - 000000000 ____D C:\Users\defaultuser0
2018-10-18 05:09 - 2018-04-12 05:04 - 000001105 _____ C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-18 05:07 - 2018-10-18 05:07 - 000000000 ____D C:\ProgramData\USOShared
2018-10-18 05:05 - 2018-10-18 05:09 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-18 05:05 - 2018-10-18 05:06 - 000464284 _____ C:\Windows\Minidump\101718-9781-01.dmp
2018-10-18 05:05 - 2018-10-18 05:05 - 203504856 _____ C:\Windows\MEMORY.DMP
2018-10-18 05:05 - 2018-10-18 05:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-10-18 05:05 - 2018-10-18 05:05 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-10-18 05:05 - 2018-10-18 05:05 - 000000000 ____D C:\Windows\ServiceProfiles
2018-10-18 05:05 - 2018-10-18 05:05 - 000000000 ____D C:\Windows\Minidump
2018-10-18 05:04 - 2018-10-18 05:05 - 000233856 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-17 22:19 - 2018-10-17 22:19 - 002414592 _____ (Farbar) C:\Users\senthamil\Downloads\FRST64.exe
2018-10-17 22:19 - 2018-10-17 22:19 - 002414592 _____ (Farbar) C:\Users\senthamil\Downloads\FRST64 (1).exe
2018-10-17 22:19 - 2018-10-17 22:19 - 000005500 _____ C:\Users\senthamil\Downloads\FRST.txt
2018-10-17 22:19 - 2018-10-17 22:19 - 000000000 ____D C:\FRST
2018-10-17 22:18 - 2018-10-17 22:18 - 081176816 _____ (Malwarebytes ) C:\Users\senthamil\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.463-1.0.7197.exe
2018-10-17 22:17 - 2018-10-17 22:18 - 002682648 _____ (Kaspersky Lab) C:\Users\senthamil\Downloads\startup.exe
2018-10-17 22:16 - 2018-10-17 22:16 - 000793700 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-17 22:16 - 2018-10-17 22:16 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-17 22:16 - 2018-10-17 22:16 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-17 22:16 - 2018-10-17 22:16 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-17 22:16 - 2018-10-17 22:16 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-17 22:16 - 2018-10-17 22:16 - 000000000 ____D C:\Users\senthamil\AppData\Local\Google
2018-10-17 22:16 - 2018-10-17 22:16 - 000000000 ____D C:\Users\senthamil\AppData\Local\Comms
2018-10-17 22:16 - 2018-10-17 22:16 - 000000000 ____D C:\Program Files (x86)\Google
2018-10-17 22:15 - 2018-10-17 22:15 - 000003384 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2979281990-1051702085-116917718-1001
2018-10-17 22:15 - 2018-10-17 22:15 - 000000000 __SHD C:\Users\senthamil\IntelGraphicsProfiles
2018-10-17 22:15 - 2018-10-17 22:15 - 000000000 ___HD C:\Users\senthamil\MicrosoftEdgeBackups
2018-10-17 22:15 - 2018-10-17 22:15 - 000000000 ____D C:\Windows\LastGood
2018-10-17 22:15 - 2018-10-17 22:15 - 000000000 ____D C:\Program Files\Intel
2018-10-17 22:15 - 2018-10-17 22:15 - 000000000 ____D C:\Program Files (x86)\Intel
2018-10-17 22:15 - 2018-10-17 22:15 - 000000000 ____D C:\Intel
2018-10-17 22:15 - 2015-07-31 11:15 - 000072688 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2018-10-17 22:15 - 2015-07-31 11:15 - 000069104 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2018-10-17 22:14 - 2018-10-17 22:15 - 000000000 ___RD C:\Users\senthamil\OneDrive
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-10-18 06:03 - 2018-04-12 05:08 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2018-10-18 05:12 - 2018-04-12 05:08 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-18 05:12 - 2018-04-12 05:08 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2018-10-18 05:11 - 2018-04-12 05:08 - 000000000 ____D C:\Windows\system32\spool
2018-10-18 05:11 - 2018-04-12 05:08 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-10-18 05:10 - 2018-04-12 05:08 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-18 05:08 - 2018-04-12 02:34 - 000262144 _____ C:\Windows\system32\config\BBI
2018-10-18 05:06 - 2018-04-12 05:08 - 000000000 ___RD C:\Windows\PrintDialog
2018-10-18 05:06 - 2018-04-12 05:08 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-10-18 05:06 - 2018-04-12 02:34 - 000032768 _____ C:\Windows\system32\config\ELAM
2018-10-17 22:19 - 2018-04-12 05:08 - 000000000 ____D C:\Windows\AppReadiness
2018-10-17 22:16 - 2018-04-12 05:06 - 000000000 ____D C:\Windows\INF
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-10-18 05:04
 
==================== End of FRST.txt ============================


#4 id_866

  • Topic Starter

Posted Yesterday, 12:18 PM

The error came one time.



#5 nasdaq

  • Malware Response Team

Posted Yesterday, 01:31 PM

Hi,

That log is clean.

Please post the Addition.txt log also created by the Farbar program.

#6 id_866

  • Topic Starter

Posted Yesterday, 10:23 PM

I am getting the error now and I am posting the logs again.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by senthamil (administrator) on DESKTOP-99NNQOF (18-10-2018 08:49:33)
Running from C:\Users\senthamil\Downloads
Loaded Profiles: senthamil (Available Profiles: senthamil)
Platform: Windows 10 Home Version 1803 17134.112 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2018-10-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126712 2018-09-26] (Intel)
HKU\S-1-5-21-2979281990-1051702085-116917718-1001\...\Run: [uTorrent] => "C:\Users\senthamil\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{3f727633-d815-48a0-8dea-4a5d590eacab}: [DhcpNameServer] 192.168.0.1 0.0.0.0
 
Internet Explorer:
==================
 
FireFox:
========
FF DefaultProfile: 55fhz2tg.default
FF ProfilePath: C:\Users\senthamil\AppData\Roaming\Mozilla\Firefox\Profiles\55fhz2tg.default [2018-10-17]
FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-10-17]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-17] (Google Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-10-17]
CHR Extension: (Slides) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-17]
CHR Extension: (Kaspersky Protection) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-10-17]
CHR Extension: (Docs) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-17]
CHR Extension: (Google Drive) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-17]
CHR Extension: (Sheets) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-17]
CHR Extension: (Google Docs Offline) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-17]
CHR Extension: (Click&Clean) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2018-10-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-17]
CHR Extension: (Gmail) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-17]
CHR Extension: (Chrome Media Router) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-17]
CHR Profile: C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-17]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab)
S2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23800 2018-09-26] (Intel)
S2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [932072 2018-08-11] ()
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [317416 2018-09-19] (Intel Corporation)
S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe [416560 2018-10-17] (AO Kaspersky Lab)
S2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (AO Kaspersky Lab)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [194280 2018-08-11] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [932072 2018-08-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [468240 2013-08-21] (Intel Corporation)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [73416 2018-10-09] (AO Kaspersky Lab)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [123152 2018-10-09] (AO Kaspersky Lab)
S1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [89168 2018-10-09] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29208 2017-03-30] (AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [220472 2018-10-17] (AO Kaspersky Lab)
S1 KLHK; C:\Windows\System32\drivers\klhk.sys [1214752 2018-10-17] (AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [168760 2018-10-17] (AO Kaspersky Lab)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1113912 2018-10-17] (AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [57032 2018-02-12] (AO Kaspersky Lab)
S3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (AO Kaspersky Lab)
S3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab)
S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab)
S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [45768 2018-10-09] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [48080 2018-02-12] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [236816 2018-10-17] (AO Kaspersky Lab)
S3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [87584 2018-10-17] (AO Kaspersky Lab)
S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [290160 2018-10-17] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [110568 2018-10-17] (AO Kaspersky Lab)
S3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [194120 2018-10-17] (AO Kaspersky Lab)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [161080 2018-10-09] (AO Kaspersky Lab)
S1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-10-18 08:49 - 2018-10-18 08:49 - 000127934 _____ C:\Windows\ntbtlog.txt
2018-10-18 08:49 - 2018-10-18 08:49 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2018-10-18 08:41 - 2018-10-18 08:42 - 000570004 _____ C:\Windows\Minidump\101818-22203-01.dmp
2018-10-18 08:36 - 2018-10-18 08:36 - 000000000 _____ C:\Windows\Minidump\101818-23890-01.dmp
2018-10-18 08:25 - 2018-10-18 08:25 - 000000080 ___SH C:\bootTel.dat
2018-10-18 06:03 - 2018-10-18 05:08 - 000000000 ____D C:\Windows\Panther
2018-10-18 05:13 - 2018-10-18 05:13 - 000001417 _____ C:\Users\senthamil\Desktop\Microsoft Edge.lnk
2018-10-18 05:13 - 2018-10-18 05:13 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-10-18 05:13 - 2018-10-17 22:15 - 000000000 ____D C:\Users\senthamil\AppData\Local\MicrosoftEdge
2018-10-18 05:12 - 2018-10-18 05:12 - 000000020 ___SH C:\Users\senthamil\ntuser.ini
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ___RD C:\Users\senthamil\3D Objects
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ____D C:\Users\senthamil\AppData\Roaming\Adobe
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ____D C:\Users\senthamil\AppData\Local\VirtualStore
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ____D C:\Users\senthamil\AppData\Local\Publishers
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ____D C:\Users\senthamil\AppData\Local\ConnectedDevicesPlatform
2018-10-18 05:12 - 2018-10-17 22:55 - 000000000 ____D C:\Users\senthamil
2018-10-18 05:12 - 2018-10-17 22:30 - 000000000 ____D C:\Users\senthamil\AppData\Local\Packages
2018-10-18 05:12 - 2018-10-17 22:15 - 000002375 _____ C:\Users\senthamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-18 05:11 - 2018-04-12 05:03 - 002752000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2018-10-18 05:09 - 2018-10-18 05:09 - 000000000 _SHDL C:\Documents and Settings
2018-10-18 05:07 - 2018-10-18 05:07 - 000000000 ____D C:\ProgramData\USOShared
2018-10-18 05:05 - 2018-10-18 08:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-18 05:05 - 2018-10-18 08:41 - 386908870 _____ C:\Windows\MEMORY.DMP
2018-10-18 05:05 - 2018-10-18 08:41 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-10-18 05:05 - 2018-10-18 08:41 - 000000000 ____D C:\Windows\Minidump
2018-10-18 05:05 - 2018-10-18 05:06 - 000464284 _____ C:\Windows\Minidump\101718-9781-01.dmp
2018-10-18 05:05 - 2018-10-18 05:05 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-10-18 05:05 - 2018-10-18 05:05 - 000000000 ____D C:\Windows\ServiceProfiles
2018-10-18 05:04 - 2018-10-18 05:05 - 000233856 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-17 23:01 - 2018-10-17 23:01 - 001018692 _____ C:\Windows\Minidump\101718-22390-01.dmp
2018-10-17 23:01 - 2018-10-17 23:01 - 000000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-10-17 23:00 - 2018-10-17 23:00 - 000000000 ____D C:\Users\senthamil\AppData\Local\DBG
2018-10-17 22:57 - 2018-10-17 22:57 - 000019286 _____ C:\Windows\system32\results.xml
2018-10-17 22:53 - 2018-10-17 22:53 - 000000000 ____D C:\Users\senthamil\Downloads\Intel Driver and Support Assistant
2018-10-17 22:52 - 2018-10-17 22:53 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2018-10-17 22:52 - 2018-10-17 22:52 - 000003762 _____ C:\Windows\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2018-10-17 22:52 - 2018-10-17 22:52 - 000003528 _____ C:\Windows\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2018-10-17 22:52 - 2018-10-17 22:52 - 000002678 _____ C:\Windows\System32\Tasks\USER_ESRV_SVC_QUEENCREEK
2018-10-17 22:52 - 2018-10-17 22:52 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-17 22:52 - 2018-10-17 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver and Support Assistant
2018-10-17 22:52 - 2018-10-17 22:52 - 000000000 ____D C:\ProgramData\Intel
2018-10-17 22:52 - 2018-08-11 07:21 - 000043008 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2018-10-17 22:51 - 2014-03-13 01:46 - 000403256 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2018-10-17 22:51 - 2014-03-13 01:31 - 000001904 ____N C:\Windows\system32\SetupBD.din
2018-10-17 22:48 - 2018-10-17 22:48 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-10-17 22:48 - 2018-10-17 22:48 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-10-17 22:48 - 2018-10-17 22:48 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-10-17 22:48 - 2018-10-17 22:48 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-10-17 22:48 - 2018-10-17 22:48 - 000000000 ____D C:\Program Files\Realtek
2018-10-17 22:48 - 2018-10-17 22:48 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-10-17 22:48 - 2018-10-07 20:14 - 002162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 060955136 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2018-10-17 22:48 - 2018-10-07 20:13 - 028343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 014863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 012894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 006218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 005804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2018-10-17 22:48 - 2018-10-07 20:13 - 005751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 003959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 003956056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2018-10-17 22:48 - 2018-10-07 20:13 - 002834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 002800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 002770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 002117424 _____ C:\Windows\system32\SStudio.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 002101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 002080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 002041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2018-10-17 22:48 - 2018-10-07 20:13 - 001939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001057494 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2018-10-17 22:48 - 2018-10-07 20:13 - 001048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000033592 _____ C:\Windows\system32\audioLibVc.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2018-10-17 22:48 - 2012-08-31 19:18 - 007164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2018-10-17 22:48 - 2012-08-31 19:17 - 000434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2018-10-17 22:48 - 2012-08-31 19:17 - 000141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2018-10-17 22:48 - 2012-08-31 19:17 - 000124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2018-10-17 22:48 - 2012-08-31 19:17 - 000075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2018-10-17 22:47 - 2018-10-17 22:47 - 000000000 ____D C:\Windows\LastGood
2018-10-17 22:46 - 2018-10-17 22:46 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-10-17 22:45 - 2018-10-17 22:45 - 000000000 ____D C:\Users\senthamil\AppData\Local\D3DSCache
2018-10-17 22:44 - 2018-10-17 22:56 - 000000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2018-10-17 22:43 - 2018-10-17 22:46 - 001205844 _____ C:\Windows\Minidump\101718-20015-01.dmp
2018-10-17 22:42 - 2018-10-17 22:42 - 000290160 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2018-10-17 22:42 - 2018-10-17 22:42 - 000000000 ____D C:\Users\senthamil\Downloads\MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET]
2018-10-17 22:41 - 2018-10-17 23:02 - 000000000 ____D C:\Users\senthamil\AppData\LocalLow\uTorrent
2018-10-17 22:40 - 2018-10-17 23:02 - 000000000 ____D C:\Users\senthamil\AppData\Roaming\uTorrent
2018-10-17 22:36 - 2018-10-17 22:36 - 000000000 ____D C:\Users\senthamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2018-10-17 22:34 - 2018-10-17 22:34 - 000002484 _____ C:\Users\senthamil\Desktop\VPN - Chrome.lnk
2018-10-17 22:34 - 2018-10-17 22:34 - 000002440 _____ C:\Users\senthamil\Desktop\Person 1 - Chrome.lnk
2018-10-17 22:32 - 2018-10-18 08:44 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-10-17 22:32 - 2018-10-17 22:32 - 001214752 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2018-10-17 22:32 - 2018-10-17 22:32 - 001113912 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2018-10-17 22:32 - 2018-10-17 22:32 - 000236816 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2018-10-17 22:32 - 2018-10-17 22:32 - 000220472 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2018-10-17 22:32 - 2018-10-17 22:32 - 000194120 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2018-10-17 22:32 - 2018-10-17 22:32 - 000152960 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2018-10-17 22:32 - 2018-10-17 22:32 - 000110568 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2018-10-17 22:32 - 2018-10-17 22:32 - 000087584 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_kimul.sys
2018-10-17 22:32 - 2018-10-17 22:32 - 000003392 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2018-10-17 22:32 - 2018-10-17 22:32 - 000002150 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2018-10-17 22:32 - 2018-10-17 22:32 - 000001253 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2018-10-17 22:32 - 2018-10-17 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2018-10-17 22:32 - 2018-10-17 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2018-10-17 22:32 - 2018-10-17 22:32 - 000000000 ____D C:\Program Files\Common Files\AV
2018-10-17 22:32 - 2018-10-17 22:32 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2018-10-17 22:32 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2018-10-17 22:29 - 2018-10-17 22:32 - 000000000 ____D C:\Users\senthamil\AppData\LocalLow\Mozilla
2018-10-17 22:29 - 2018-10-17 22:29 - 000004238 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1539795543
2018-10-17 22:29 - 2018-10-17 22:29 - 000001442 _____ C:\Users\senthamil\Desktop\Opera Browser.lnk
2018-10-17 22:29 - 2018-10-17 22:29 - 000001442 _____ C:\Users\senthamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2018-10-17 22:29 - 2018-10-17 22:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-17 22:29 - 2018-10-17 22:29 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-10-17 22:29 - 2018-10-17 22:29 - 000000000 ____D C:\Users\senthamil\AppData\Roaming\Mozilla
2018-10-17 22:29 - 2018-10-17 22:29 - 000000000 ____D C:\Users\senthamil\AppData\Local\Opera Software
2018-10-17 22:29 - 2018-10-17 22:29 - 000000000 ____D C:\Users\senthamil\AppData\Local\Mozilla
2018-10-17 22:29 - 2018-10-17 22:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-17 22:28 - 2018-10-17 22:30 - 000000000 ____D C:\ProgramData\Packages
2018-10-17 22:28 - 2018-10-17 22:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-10-17 22:28 - 2018-10-17 22:28 - 001921608 _____ (Opera Software) C:\Users\senthamil\Downloads\OperaSetup.exe
2018-10-17 22:28 - 2018-10-17 22:28 - 000314376 _____ (Igor Pavlov) C:\Users\senthamil\Downloads\Firefox Installer.exe
2018-10-17 22:28 - 2018-10-17 22:28 - 000000000 ____D C:\Users\senthamil\AppData\Roaming\Opera Software
2018-10-17 22:20 - 2018-10-17 23:04 - 000021002 _____ C:\Users\senthamil\Downloads\Addition.txt
2018-10-17 22:19 - 2018-10-18 08:50 - 000009958 _____ C:\Users\senthamil\Downloads\FRST.txt
2018-10-17 22:19 - 2018-10-18 08:49 - 000000000 ____D C:\FRST
2018-10-17 22:19 - 2018-10-17 22:19 - 002414592 _____ (Farbar) C:\Users\senthamil\Downloads\FRST64.exe
2018-10-17 22:19 - 2018-10-17 22:19 - 002414592 _____ (Farbar) C:\Users\senthamil\Downloads\FRST64 (1).exe
2018-10-17 22:18 - 2018-10-17 22:18 - 081176816 _____ (Malwarebytes ) C:\Users\senthamil\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.463-1.0.7197.exe
2018-10-17 22:17 - 2018-10-17 22:18 - 002682648 _____ (Kaspersky Lab) C:\Users\senthamil\Downloads\startup.exe
2018-10-17 22:16 - 2018-10-18 08:46 - 000793700 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-17 22:16 - 2018-10-17 22:23 - 000000000 ____D C:\Users\senthamil\AppData\Local\Google
2018-10-17 22:16 - 2018-10-17 22:16 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-17 22:16 - 2018-10-17 22:16 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-17 22:16 - 2018-10-17 22:16 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-17 22:16 - 2018-10-17 22:16 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-17 22:16 - 2018-10-17 22:16 - 000000000 ____D C:\Users\senthamil\AppData\Local\Comms
2018-10-17 22:16 - 2018-10-17 22:16 - 000000000 ____D C:\Program Files (x86)\Google
2018-10-17 22:15 - 2018-10-18 08:42 - 000000000 __SHD C:\Users\senthamil\IntelGraphicsProfiles
2018-10-17 22:15 - 2018-10-17 22:52 - 000000000 ____D C:\Program Files\Intel
2018-10-17 22:15 - 2018-10-17 22:47 - 000000000 ____D C:\Program Files (x86)\Intel
2018-10-17 22:15 - 2018-10-17 22:46 - 000000000 ____D C:\Intel
2018-10-17 22:15 - 2018-10-17 22:15 - 000003384 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2979281990-1051702085-116917718-1001
2018-10-17 22:15 - 2018-10-17 22:15 - 000000000 ___HD C:\Users\senthamil\MicrosoftEdgeBackups
2018-10-17 22:15 - 2018-10-17 22:15 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-10-17 22:15 - 2018-09-19 23:11 - 000072744 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2018-10-17 22:15 - 2018-09-19 23:11 - 000069184 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2018-10-17 22:14 - 2018-10-17 22:15 - 000000000 ___RD C:\Users\senthamil\OneDrive
2018-10-09 20:03 - 2018-10-09 20:03 - 000161080 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2018-10-09 20:03 - 2018-10-09 20:03 - 000123152 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupflt.sys
2018-10-09 20:03 - 2018-10-09 20:03 - 000089168 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys
2018-10-09 20:03 - 2018-10-09 20:03 - 000073416 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupdisk.sys
2018-10-09 20:03 - 2018-10-09 20:03 - 000045768 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpnpflt.sys
2018-09-19 23:13 - 2018-09-19 23:13 - 004381672 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 004378088 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 002496400 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiVAD64.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000958440 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000544744 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000544232 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000528872 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000432616 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUMS64.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000398824 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000398312 _____ (Intel Corporation) C:\Windows\system32\CustomModeAppv2_0.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000376296 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000371688 _____ (Intel Corporation) C:\Windows\system32\igfxTray.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000317416 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000246248 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000193512 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000155624 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2018-09-19 23:12 - 2018-09-19 23:12 - 000191476 _____ C:\Windows\system32\resTHA.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000184036 _____ C:\Windows\system32\resELL.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000179828 _____ C:\Windows\system32\resRUS.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000165460 _____ C:\Windows\system32\resARA.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000164948 _____ C:\Windows\system32\resJPN.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000164884 _____ C:\Windows\system32\resHEB.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000160260 _____ C:\Windows\system32\resHUN.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000160196 _____ C:\Windows\system32\resFRA.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000158532 _____ C:\Windows\system32\resKOR.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000158388 _____ C:\Windows\system32\resDEU.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000158356 _____ C:\Windows\system32\resITA.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000158148 _____ C:\Windows\system32\resROM.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000158052 _____ C:\Windows\system32\resESN.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000157652 _____ C:\Windows\system32\resPLK.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000157492 _____ C:\Windows\system32\resSKY.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000157332 _____ C:\Windows\system32\resNLD.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000156708 _____ C:\Windows\system32\resPTB.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000156628 _____ C:\Windows\system32\resCSY.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000156596 _____ C:\Windows\system32\resTRK.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000156420 _____ C:\Windows\system32\resPTG.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000155972 _____ C:\Windows\system32\resFIN.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000155540 _____ C:\Windows\system32\resHRV.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000155124 _____ C:\Windows\system32\resSVE.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000154964 _____ C:\Windows\system32\resSLV.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000154004 _____ C:\Windows\system32\resNOR.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000153508 _____ C:\Windows\system32\resDAN.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000152164 _____ C:\Windows\system32\resENU.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000150404 _____ C:\Windows\system32\resCHT.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000149524 _____ C:\Windows\system32\resCHS.cui
2018-09-19 23:11 - 2018-09-19 23:11 - 022905184 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 017848672 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 011897480 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 010577392 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 008524128 _____ (Intel Corporation) C:\Windows\system32\ig7icd64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 006510432 _____ (Intel Corporation) C:\Windows\SysWOW64\ig7icd32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 004024368 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAAC64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 003694072 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 002037088 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 001996640 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 001795424 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 001768288 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 001469984 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 001157376 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 001153216 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000872472 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiWinNextAgent64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000681824 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000659488 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAudioFilter64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000618024 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000616992 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMux64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000469072 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000385576 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000381280 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000380712 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000376160 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000357920 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSilenceFilter64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000331616 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000316245 _____ C:\Windows\system32\DisplayAudiox64.cab
2018-09-19 23:11 - 2018-09-19 23:11 - 000295464 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000295264 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000266080 _____ C:\Windows\system32\igfxCPL.cpl
2018-09-19 23:11 - 2018-09-19 23:11 - 000261984 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000231264 _____ C:\Windows\system32\igdde64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000231040 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000227680 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v5059.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000223776 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUtils64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000219488 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000200472 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000195744 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000194912 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000192864 _____ C:\Windows\SysWOW64\igdde32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000191008 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiDDEAgent64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000172384 _____ C:\Windows\system32\igdail64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000170744 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000165216 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000153952 _____ C:\Windows\SysWOW64\igdail32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000141856 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCUMD64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000107552 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiLogServer64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000104288 _____ C:\Windows\system32\IccLibDll_x64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000096608 _____ C:\Windows\system32\igfxCUIServicePS.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000079712 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000072744 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000069984 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000069184 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000042088 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000040800 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000020832 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000020832 _____ ( ) C:\Windows\system32\igfxDILib.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000020320 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000020320 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000015200 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000015200 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000002568 _____ C:\Windows\system32\iglhxs64.vp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-10-18 08:46 - 2018-04-12 05:06 - 000000000 ____D C:\Windows\INF
2018-10-18 08:46 - 2018-04-12 02:34 - 000262144 _____ C:\Windows\system32\config\BBI
2018-10-18 08:44 - 2018-04-12 05:08 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-18 06:03 - 2018-04-12 05:08 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2018-10-18 05:12 - 2018-04-12 05:08 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2018-10-18 05:11 - 2018-04-12 05:08 - 000000000 ____D C:\Windows\system32\spool
2018-10-18 05:11 - 2018-04-12 05:08 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-10-18 05:07 - 2018-04-12 05:08 - 000000000 ____D C:\ProgramData\USOPrivate
2018-10-18 05:06 - 2018-04-12 05:08 - 000000000 ___RD C:\Windows\PrintDialog
2018-10-18 05:06 - 2018-04-12 05:08 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-10-18 05:06 - 2018-04-12 02:34 - 000032768 _____ C:\Windows\system32\config\ELAM
2018-10-17 22:32 - 2018-04-12 05:08 - 000000000 ___HD C:\Windows\ELAMBKUP
2018-10-17 22:30 - 2018-04-12 05:08 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-17 22:30 - 2018-04-12 05:08 - 000000000 ____D C:\Windows\AppReadiness
2018-10-07 20:13 - 2014-03-07 09:26 - 000182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3496.dll
2018-09-19 23:11 - 2015-07-31 11:16 - 012327712 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2018-09-19 23:11 - 2015-07-31 11:16 - 004662424 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2018-09-19 23:11 - 2015-07-31 11:15 - 003799872 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2018-09-19 23:11 - 2014-03-07 09:21 - 011050272 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-10-18 05:04
 
==================== End of FRST.txt ============================
 
 
(Note: Sometimes I am getting this error, sometimes not getting it. I got this error when I was installing Windows 10 itself.)
 




#7 nasdaq

  • Malware Response Team

Posted Today, 08:02 AM

Hi,

Other than your System Restore setting nothing suspicious was found in your logs.

ATTENTION: System Restore is disabled
Turn System Restore ON for Drives in Windows 10 - Immediately.
http://www.tenforums.com/tutorials/4533-system-protection-turn-off-drives-windows-10-a.html
===

You can delete these files in bold.
They were created by your last BSOD.

2018-10-18 08:41 - 2018-10-18 08:42 - 000570004 _____ C:\Windows\Minidump\101818-22203-01.dmp
2018-10-18 08:36 - 2018-10-18 08:36 - 000000000 _____ C:\Windows\Minidump\101818-23890-01.dmp
2018-10-18 05:05 - 2018-10-18 08:41 - 386908870 _____ C:\Windows\MEMORY.DMP
2018-10-18 05:05 - 2018-10-18 05:06 - 000464284 _____ C:\Windows\Minidump\101718-9781-01.dmp
2018-10-17 23:01 - 2018-10-17 23:01 - 001018692 _____ C:\Windows\Minidump\101718-22390-01.dmp
===

Where is this notification pup.adware.heuristic malware coming from?
Can you post the exact information or an image?

Were your Farbar logs created in Safe Mode?

If you can, please run the Farbar program in Normal Mode and post fresh FRST.TXT and ADDITION.TXT logs for my review.
To create a fresh Addition.txt log make sure that the box to create the file is checked.

Any other issues with this computer?

#8 id_866

  • Topic Starter

  • Members

Posted Today, 08:44 AM

pup.adware.heuristic malware - This error came up when I scanned the desktop a week ago using AdwCleaner.

I formatted all my partitions and created a new partition. I downloaded the Windows 10 ISO from the Microsoft website and burned it to a DVD using my laptop.

After that I installed the operating system from the DVD.

I see some folder inside c:\recycle.bin$ and also a file inside D:\system volume information\ (unknown file of 2.1 GB, showing as a system file).

I deleted the folder inside c:\recycle.bin but can't delete the file in d:\system volume information\....

I can't see the System Protection tab in My Computer -> right click Properties -> Advanced system properties.

Then I restarted my PC, booted with an Ubuntu live CD and deleted the file inside the d:\system volume information folder.

After that I booted to normal mode and could see the System Protection tab (System Restore). The PC was fine for 5 minutes, then shortly I got the same blue screen error and the PC restarted.

1. Do I have to format my PC again and install Windows 7 Pro or Windows 10 Pro again and check? Could the image downloaded from the Microsoft website contain a virus or malware, or have corrupted files?

2. Is my BIOS affected by a virus, malware or spyware? When I try to install the operating system with the Windows 10 Home image itself, I get the "your PC ran into a problem" error, like a photo. I had two RAM modules; I removed one and checked, and still had the same problem. Most of the time I tried with the same Windows 10 image. I formatted many times but it was no use.

3. I installed Ubuntu and it was fine, with no issues during the installation process.

4. Seriously, I don't know what the problem with my PC is.

Are your Farbar logs are created in Safe Mode. - Yes, I ran it in Safe Mode. I will try to upload logs from Normal Mode.


Edited by id_866, Today, 08:46 AM.


#9 nasdaq

  • Malware Response Team

Posted Today, 08:54 AM

Hi,

pup.adware.heuristic malware- This error came when i scanned desktop before a week using adw cleaner.


If you are Syncing Opera with other devices the problem may come from it.

Remove it and do not Re-sync until all is well.

Sync, re-sync Opera.
http://help.opera.com/opera/Windows/2393/en/sync.html
===

Then after i restarted my pc booted with ubuntu live cd deleted the file inside d:\system volume information folder

Not a good idea.
https://support.microsoft.com/en-ca/help/309531/how-to-gain-access-to-the-system-volume-information-folder
===

Shortly i got same blue screen error and pc restarted

Let's see what we can find about this BSOD.

Please download the free home edition of BlueScreenView to your Desktop from here and install it by double-clicking "whocrashedSetup.exe".
At the end, it will open automatically. Click the "Analyze" button.

Please scroll down the Information window to copy and paste the results in your next reply.

===

#10 id_866

  • Topic Starter

  • Members

Posted Today, 10:40 AM

I have uploaded Farbar Recovery Scan Tool (64 bit) results in normal mode.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by senthamil (administrator) on DESKTOP-99NNQOF (18-10-2018 21:04:14)
Running from C:\Users\senthamil\Downloads
Loaded Profiles: senthamil (Available Profiles: senthamil)
Platform: Windows 10 Home Version 1803 17134.112 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel® Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
() C:\Program Files\WindowsApps\Microsoft.Getstarted_6.9.10602.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2018-10-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126712 2018-09-26] (Intel)
HKU\S-1-5-21-2979281990-1051702085-116917718-1001\...\Run: [uTorrent] => "C:\Users\senthamil\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{3f727633-d815-48a0-8dea-4a5d590eacab}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Internet Explorer:
==================

FireFox:
========
FF DefaultProfile: 55fhz2tg.default
FF ProfilePath: C:\Users\senthamil\AppData\Roaming\Mozilla\Firefox\Profiles\55fhz2tg.default [2018-10-18]
FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-10-17]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-17] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Default [2018-10-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-18]
CHR Extension: (Chrome Media Router) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-18]
CHR Profile: C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-10-17]
CHR Extension: (Slides) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-17]
CHR Extension: (Kaspersky Protection) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-10-17]
CHR Extension: (Docs) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-17]
CHR Extension: (Google Drive) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-17]
CHR Extension: (Sheets) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-17]
CHR Extension: (Google Docs Offline) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-17]
CHR Extension: (Click&Clean) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2018-10-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-17]
CHR Extension: (Gmail) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-17]
CHR Extension: (Chrome Media Router) - C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-17]
CHR Profile: C:\Users\senthamil\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-17]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23800 2018-09-26] (Intel)
S2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [932072 2018-08-11] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [317416 2018-09-19] (Intel Corporation)
S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe [416560 2018-10-17] (AO Kaspersky Lab)
S2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (AO Kaspersky Lab)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [194280 2018-08-11] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [932072 2018-08-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [468240 2013-08-21] (Intel Corporation)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [73416 2018-10-09] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [123152 2018-10-09] (AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [89168 2018-10-09] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29208 2017-03-30] (AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [220472 2018-10-17] (AO Kaspersky Lab)
R1 KLHK; C:\Windows\System32\drivers\klhk.sys [1214752 2018-10-17] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [168760 2018-10-17] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1113912 2018-10-17] (AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [57032 2018-02-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab)
S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [45768 2018-10-09] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [48080 2018-02-12] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [236816 2018-10-17] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [87584 2018-10-17] (AO Kaspersky Lab)
S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [290160 2018-10-17] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [110568 2018-10-17] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [194120 2018-10-17] (AO Kaspersky Lab)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [161080 2018-10-09] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 WiseUnlock; C:\Windows\WiseUnlock64.sys [33864 2018-10-18] (WiseCleaner.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-18 21:04 - 2018-10-18 21:05 - 000011906 _____ C:\Users\senthamil\Downloads\FRST.txt
2018-10-18 21:02 - 2018-10-18 21:04 - 000647916 _____ C:\Windows\Minidump\101818-32562-01.dmp
2018-10-18 09:31 - 2018-10-18 09:31 - 002969488 _____ (BitTorrent Inc.) C:\Users\senthamil\Downloads\uTorrent.exe
2018-10-18 09:29 - 2018-10-18 09:29 - 000000000 ____D C:\Users\senthamil\AppData\Local\PlaceholderTileLogoFolder
2018-10-18 09:01 - 2018-10-18 09:01 - 000033864 _____ (WiseCleaner.com) C:\Windows\WiseUnlock64.sys
2018-10-18 09:01 - 2018-10-18 09:01 - 000001264 _____ C:\Users\Public\Desktop\Wise Force Deleter.lnk
2018-10-18 09:01 - 2018-10-18 09:01 - 000000000 ____D C:\Users\senthamil\AppData\Roaming\Wise Force Deleter
2018-10-18 09:01 - 2018-10-18 09:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Force Deleter
2018-10-18 09:01 - 2018-10-18 09:01 - 000000000 ____D C:\Program Files (x86)\Wise
2018-10-18 08:58 - 2018-10-18 08:58 - 000000000 ____D C:\AdwCleaner
2018-10-18 08:49 - 2018-10-18 08:50 - 000128046 _____ C:\Windows\ntbtlog.txt
2018-10-18 08:49 - 2018-10-18 08:49 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2018-10-18 08:41 - 2018-10-18 08:42 - 000570004 _____ C:\Windows\Minidump\101818-22203-01.dmp
2018-10-18 08:36 - 2018-10-18 08:36 - 000000000 _____ C:\Windows\Minidump\101818-23890-01.dmp
2018-10-18 08:25 - 2018-10-18 08:25 - 000000080 ___SH C:\bootTel.dat
2018-10-18 06:03 - 2018-10-18 05:08 - 000000000 ____D C:\Windows\Panther
2018-10-18 05:13 - 2018-10-18 05:13 - 000001417 _____ C:\Users\senthamil\Desktop\Microsoft Edge.lnk
2018-10-18 05:13 - 2018-10-18 05:13 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-10-18 05:13 - 2018-10-17 22:15 - 000000000 ____D C:\Users\senthamil\AppData\Local\MicrosoftEdge
2018-10-18 05:12 - 2018-10-18 05:12 - 000000020 ___SH C:\Users\senthamil\ntuser.ini
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ___RD C:\Users\senthamil\3D Objects
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ____D C:\Users\senthamil\AppData\Roaming\Adobe
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ____D C:\Users\senthamil\AppData\Local\VirtualStore
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ____D C:\Users\senthamil\AppData\Local\Publishers
2018-10-18 05:12 - 2018-10-18 05:12 - 000000000 ____D C:\Users\senthamil\AppData\Local\ConnectedDevicesPlatform
2018-10-18 05:12 - 2018-10-17 22:55 - 000000000 ____D C:\Users\senthamil
2018-10-18 05:12 - 2018-10-17 22:30 - 000000000 ____D C:\Users\senthamil\AppData\Local\Packages
2018-10-18 05:12 - 2018-10-17 22:15 - 000002375 _____ C:\Users\senthamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-18 05:11 - 2018-04-12 05:03 - 002752000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2018-10-18 05:09 - 2018-10-18 05:09 - 000000000 _SHDL C:\Documents and Settings
2018-10-18 05:07 - 2018-10-18 05:07 - 000000000 ____D C:\ProgramData\USOShared
2018-10-18 05:05 - 2018-10-18 21:02 - 430320070 _____ C:\Windows\MEMORY.DMP
2018-10-18 05:05 - 2018-10-18 21:02 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-18 05:05 - 2018-10-18 21:02 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-10-18 05:05 - 2018-10-18 21:02 - 000000000 ____D C:\Windows\Minidump
2018-10-18 05:05 - 2018-10-18 05:06 - 000464284 _____ C:\Windows\Minidump\101718-9781-01.dmp
2018-10-18 05:05 - 2018-10-18 05:05 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-10-18 05:05 - 2018-10-18 05:05 - 000000000 ____D C:\Windows\ServiceProfiles
2018-10-18 05:04 - 2018-10-18 05:05 - 000233856 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-17 23:01 - 2018-10-17 23:01 - 001018692 _____ C:\Windows\Minidump\101718-22390-01.dmp
2018-10-17 23:01 - 2018-10-17 23:01 - 000000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-10-17 23:00 - 2018-10-17 23:00 - 000000000 ____D C:\Users\senthamil\AppData\Local\DBG
2018-10-17 22:57 - 2018-10-17 22:57 - 000019286 _____ C:\Windows\system32\results.xml
2018-10-17 22:53 - 2018-10-17 22:53 - 000000000 ____D C:\Users\senthamil\Downloads\Intel Driver and Support Assistant
2018-10-17 22:52 - 2018-10-17 22:53 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2018-10-17 22:52 - 2018-10-17 22:52 - 000003762 _____ C:\Windows\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2018-10-17 22:52 - 2018-10-17 22:52 - 000003528 _____ C:\Windows\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2018-10-17 22:52 - 2018-10-17 22:52 - 000002678 _____ C:\Windows\System32\Tasks\USER_ESRV_SVC_QUEENCREEK
2018-10-17 22:52 - 2018-10-17 22:52 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-17 22:52 - 2018-10-17 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver and Support Assistant
2018-10-17 22:52 - 2018-10-17 22:52 - 000000000 ____D C:\ProgramData\Intel
2018-10-17 22:52 - 2018-08-11 07:21 - 000043008 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2018-10-17 22:51 - 2014-03-13 01:46 - 000403256 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2018-10-17 22:51 - 2014-03-13 01:31 - 000001904 ____N C:\Windows\system32\SetupBD.din
2018-10-17 22:48 - 2018-10-17 22:48 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-10-17 22:48 - 2018-10-17 22:48 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-10-17 22:48 - 2018-10-17 22:48 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-10-17 22:48 - 2018-10-17 22:48 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-10-17 22:48 - 2018-10-17 22:48 - 000000000 ____D C:\Program Files\Realtek
2018-10-17 22:48 - 2018-10-17 22:48 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-10-17 22:48 - 2018-10-07 20:14 - 002162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 060955136 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2018-10-17 22:48 - 2018-10-07 20:13 - 028343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 014863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 012894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 006218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 005804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2018-10-17 22:48 - 2018-10-07 20:13 - 005751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 003959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 003956056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2018-10-17 22:48 - 2018-10-07 20:13 - 002834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 002800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 002770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 002117424 _____ C:\Windows\system32\SStudio.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 002101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 002080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 002041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2018-10-17 22:48 - 2018-10-07 20:13 - 001939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001057494 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2018-10-17 22:48 - 2018-10-07 20:13 - 001048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 001022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000033592 _____ C:\Windows\system32\audioLibVc.dll
2018-10-17 22:48 - 2018-10-07 20:13 - 000014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2018-10-17 22:48 - 2012-08-31 19:18 - 007164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2018-10-17 22:48 - 2012-08-31 19:17 - 000434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2018-10-17 22:48 - 2012-08-31 19:17 - 000141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2018-10-17 22:48 - 2012-08-31 19:17 - 000124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2018-10-17 22:48 - 2012-08-31 19:17 - 000075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2018-10-17 22:47 - 2018-10-17 22:47 - 000000000 ____D C:\Windows\LastGood
2018-10-17 22:46 - 2018-10-17 22:46 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-10-17 22:45 - 2018-10-17 22:45 - 000000000 ____D C:\Users\senthamil\AppData\Local\D3DSCache
2018-10-17 22:44 - 2018-10-17 22:56 - 000000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2018-10-17 22:42 - 2018-10-17 22:42 - 000290160 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2018-10-17 22:42 - 2018-10-17 22:42 - 000000000 ____D C:\Users\senthamil\Downloads\MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET]
2018-10-17 22:41 - 2018-10-17 23:02 - 000000000 ____D C:\Users\senthamil\AppData\LocalLow\uTorrent
2018-10-17 22:40 - 2018-10-17 23:02 - 000000000 ____D C:\Users\senthamil\AppData\Roaming\uTorrent
2018-10-17 22:36 - 2018-10-17 22:36 - 000000000 ____D C:\Users\senthamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2018-10-17 22:34 - 2018-10-17 22:34 - 000002484 _____ C:\Users\senthamil\Desktop\VPN - Chrome.lnk
2018-10-17 22:34 - 2018-10-17 22:34 - 000002440 _____ C:\Users\senthamil\Desktop\Person 1 - Chrome.lnk
2018-10-17 22:32 - 2018-10-18 21:05 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-10-17 22:32 - 2018-10-17 22:32 - 001214752 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2018-10-17 22:32 - 2018-10-17 22:32 - 001113912 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2018-10-17 22:32 - 2018-10-17 22:32 - 000236816 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2018-10-17 22:32 - 2018-10-17 22:32 - 000220472 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2018-10-17 22:32 - 2018-10-17 22:32 - 000194120 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2018-10-17 22:32 - 2018-10-17 22:32 - 000152960 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2018-10-17 22:32 - 2018-10-17 22:32 - 000110568 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2018-10-17 22:32 - 2018-10-17 22:32 - 000087584 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_kimul.sys
2018-10-17 22:32 - 2018-10-17 22:32 - 000003392 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2018-10-17 22:32 - 2018-10-17 22:32 - 000002150 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2018-10-17 22:32 - 2018-10-17 22:32 - 000001253 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2018-10-17 22:32 - 2018-10-17 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2018-10-17 22:32 - 2018-10-17 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2018-10-17 22:32 - 2018-10-17 22:32 - 000000000 ____D C:\Program Files\Common Files\AV
2018-10-17 22:32 - 2018-10-17 22:32 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2018-10-17 22:32 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2018-10-17 22:29 - 2018-10-18 21:03 - 000000000 ____D C:\Users\senthamil\AppData\LocalLow\Mozilla
2018-10-17 22:29 - 2018-10-17 22:29 - 000004238 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1539795543
2018-10-17 22:29 - 2018-10-17 22:29 - 000001442 _____ C:\Users\senthamil\Desktop\Opera Browser.lnk
2018-10-17 22:29 - 2018-10-17 22:29 - 000001442 _____ C:\Users\senthamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2018-10-17 22:29 - 2018-10-17 22:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-17 22:29 - 2018-10-17 22:29 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-10-17 22:29 - 2018-10-17 22:29 - 000000000 ____D C:\Users\senthamil\AppData\Roaming\Mozilla
2018-10-17 22:29 - 2018-10-17 22:29 - 000000000 ____D C:\Users\senthamil\AppData\Local\Opera Software
2018-10-17 22:29 - 2018-10-17 22:29 - 000000000 ____D C:\Users\senthamil\AppData\Local\Mozilla
2018-10-17 22:29 - 2018-10-17 22:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-17 22:28 - 2018-10-17 22:30 - 000000000 ____D C:\ProgramData\Packages
2018-10-17 22:28 - 2018-10-17 22:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-10-17 22:28 - 2018-10-17 22:28 - 001921608 _____ (Opera Software) C:\Users\senthamil\Downloads\OperaSetup.exe
2018-10-17 22:28 - 2018-10-17 22:28 - 000314376 _____ (Igor Pavlov) C:\Users\senthamil\Downloads\Firefox Installer.exe
2018-10-17 22:28 - 2018-10-17 22:28 - 000000000 ____D C:\Users\senthamil\AppData\Roaming\Opera Software
2018-10-17 22:19 - 2018-10-18 21:04 - 000000000 ____D C:\FRST
2018-10-17 22:19 - 2018-10-17 22:19 - 002414592 _____ (Farbar) C:\Users\senthamil\Downloads\FRST64.exe
2018-10-17 22:19 - 2018-10-17 22:19 - 002414592 _____ (Farbar) C:\Users\senthamil\Downloads\FRST64 (1).exe
2018-10-17 22:18 - 2018-10-17 22:18 - 081176816 _____ (Malwarebytes ) C:\Users\senthamil\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.463-1.0.7197.exe
2018-10-17 22:17 - 2018-10-17 22:18 - 002682648 _____ (Kaspersky Lab) C:\Users\senthamil\Downloads\startup.exe
2018-10-17 22:16 - 2018-10-18 09:31 - 000793764 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-17 22:16 - 2018-10-17 22:23 - 000000000 ____D C:\Users\senthamil\AppData\Local\Google
2018-10-17 22:16 - 2018-10-17 22:16 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-17 22:16 - 2018-10-17 22:16 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-17 22:16 - 2018-10-17 22:16 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-17 22:16 - 2018-10-17 22:16 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-17 22:16 - 2018-10-17 22:16 - 000000000 ____D C:\Users\senthamil\AppData\Local\Comms
2018-10-17 22:16 - 2018-10-17 22:16 - 000000000 ____D C:\Program Files (x86)\Google
2018-10-17 22:15 - 2018-10-18 21:03 - 000000000 __SHD C:\Users\senthamil\IntelGraphicsProfiles
2018-10-17 22:15 - 2018-10-17 22:52 - 000000000 ____D C:\Program Files\Intel
2018-10-17 22:15 - 2018-10-17 22:47 - 000000000 ____D C:\Program Files (x86)\Intel
2018-10-17 22:15 - 2018-10-17 22:46 - 000000000 ____D C:\Intel
2018-10-17 22:15 - 2018-10-17 22:15 - 000003384 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2979281990-1051702085-116917718-1001
2018-10-17 22:15 - 2018-10-17 22:15 - 000000000 ___HD C:\Users\senthamil\MicrosoftEdgeBackups
2018-10-17 22:15 - 2018-10-17 22:15 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-10-17 22:15 - 2018-09-19 23:11 - 000072744 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2018-10-17 22:15 - 2018-09-19 23:11 - 000069184 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2018-10-17 22:14 - 2018-10-17 22:15 - 000000000 ___RD C:\Users\senthamil\OneDrive
2018-10-09 20:03 - 2018-10-09 20:03 - 000161080 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2018-10-09 20:03 - 2018-10-09 20:03 - 000123152 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupflt.sys
2018-10-09 20:03 - 2018-10-09 20:03 - 000089168 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys
2018-10-09 20:03 - 2018-10-09 20:03 - 000073416 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupdisk.sys
2018-10-09 20:03 - 2018-10-09 20:03 - 000045768 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpnpflt.sys
2018-09-19 23:13 - 2018-09-19 23:13 - 004381672 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 004378088 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 002496400 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiVAD64.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000958440 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000544744 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000544232 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000528872 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000432616 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUMS64.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000398824 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000398312 _____ (Intel Corporation) C:\Windows\system32\CustomModeAppv2_0.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000376296 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000371688 _____ (Intel Corporation) C:\Windows\system32\igfxTray.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000317416 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000246248 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000193512 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2018-09-19 23:13 - 2018-09-19 23:13 - 000155624 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2018-09-19 23:12 - 2018-09-19 23:12 - 000191476 _____ C:\Windows\system32\resTHA.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000184036 _____ C:\Windows\system32\resELL.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000179828 _____ C:\Windows\system32\resRUS.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000165460 _____ C:\Windows\system32\resARA.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000164948 _____ C:\Windows\system32\resJPN.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000164884 _____ C:\Windows\system32\resHEB.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000160260 _____ C:\Windows\system32\resHUN.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000160196 _____ C:\Windows\system32\resFRA.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000158532 _____ C:\Windows\system32\resKOR.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000158388 _____ C:\Windows\system32\resDEU.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000158356 _____ C:\Windows\system32\resITA.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000158148 _____ C:\Windows\system32\resROM.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000158052 _____ C:\Windows\system32\resESN.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000157652 _____ C:\Windows\system32\resPLK.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000157492 _____ C:\Windows\system32\resSKY.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000157332 _____ C:\Windows\system32\resNLD.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000156708 _____ C:\Windows\system32\resPTB.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000156628 _____ C:\Windows\system32\resCSY.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000156596 _____ C:\Windows\system32\resTRK.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000156420 _____ C:\Windows\system32\resPTG.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000155972 _____ C:\Windows\system32\resFIN.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000155540 _____ C:\Windows\system32\resHRV.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000155124 _____ C:\Windows\system32\resSVE.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000154964 _____ C:\Windows\system32\resSLV.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000154004 _____ C:\Windows\system32\resNOR.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000153508 _____ C:\Windows\system32\resDAN.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000152164 _____ C:\Windows\system32\resENU.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000150404 _____ C:\Windows\system32\resCHT.cui
2018-09-19 23:12 - 2018-09-19 23:12 - 000149524 _____ C:\Windows\system32\resCHS.cui
2018-09-19 23:11 - 2018-09-19 23:11 - 022905184 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 017848672 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 011897480 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 010577392 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 008524128 _____ (Intel Corporation) C:\Windows\system32\ig7icd64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 006510432 _____ (Intel Corporation) C:\Windows\SysWOW64\ig7icd32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 004024368 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAAC64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 003694072 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 002037088 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 001996640 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 001795424 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 001768288 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 001469984 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 001157376 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 001153216 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000872472 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiWinNextAgent64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000681824 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000659488 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAudioFilter64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000618024 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000616992 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMux64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000469072 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000385576 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000381280 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000380712 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000376160 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000357920 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSilenceFilter64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000331616 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000316245 _____ C:\Windows\system32\DisplayAudiox64.cab
2018-09-19 23:11 - 2018-09-19 23:11 - 000295464 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000295264 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000266080 _____ C:\Windows\system32\igfxCPL.cpl
2018-09-19 23:11 - 2018-09-19 23:11 - 000261984 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000231264 _____ C:\Windows\system32\igdde64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000231040 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000227680 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v5059.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000223776 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUtils64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000219488 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000200472 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000195744 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000194912 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000192864 _____ C:\Windows\SysWOW64\igdde32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000191008 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiDDEAgent64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000172384 _____ C:\Windows\system32\igdail64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000170744 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000165216 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000153952 _____ C:\Windows\SysWOW64\igdail32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000141856 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCUMD64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000107552 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiLogServer64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000104288 _____ C:\Windows\system32\IccLibDll_x64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000096608 _____ C:\Windows\system32\igfxCUIServicePS.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000079712 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000072744 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000069984 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000069184 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000042088 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000040800 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000020832 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000020832 _____ ( ) C:\Windows\system32\igfxDILib.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000020320 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000020320 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000015200 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000015200 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2018-09-19 23:11 - 2018-09-19 23:11 - 000002568 _____ C:\Windows\system32\iglhxs64.vp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-18 21:04 - 2018-04-12 05:08 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-18 09:31 - 2018-04-12 05:06 - 000000000 ____D C:\Windows\INF
2018-10-18 09:03 - 2018-04-12 02:34 - 000262144 _____ C:\Windows\system32\config\BBI
2018-10-18 06:03 - 2018-04-12 05:08 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2018-10-18 05:12 - 2018-04-12 05:08 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2018-10-18 05:11 - 2018-04-12 05:08 - 000000000 ____D C:\Windows\system32\spool
2018-10-18 05:11 - 2018-04-12 05:08 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-10-18 05:07 - 2018-04-12 05:08 - 000000000 ____D C:\ProgramData\USOPrivate
2018-10-18 05:06 - 2018-04-12 05:08 - 000000000 ___RD C:\Windows\PrintDialog
2018-10-18 05:06 - 2018-04-12 05:08 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-10-18 05:06 - 2018-04-12 02:34 - 000032768 _____ C:\Windows\system32\config\ELAM
2018-10-17 22:32 - 2018-04-12 05:08 - 000000000 ___HD C:\Windows\ELAMBKUP
2018-10-17 22:30 - 2018-04-12 05:08 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-17 22:30 - 2018-04-12 05:08 - 000000000 ____D C:\Windows\AppReadiness
2018-10-07 20:13 - 2014-03-07 09:26 - 000182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3496.dll
2018-09-19 23:11 - 2015-07-31 11:16 - 012327712 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2018-09-19 23:11 - 2015-07-31 11:16 - 004662424 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2018-09-19 23:11 - 2015-07-31 11:15 - 003799872 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2018-09-19 23:11 - 2014-03-07 09:21 - 011050272 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-18 05:04

==================== End of FRST.txt ============================

 

 




#11 id_866

id_866
  • Topic Starter

  • Members
  • 9 posts
  • ONLINE

Posted Today, 11:34 AM

http://2vb7nfk.png - blue screen image error





