Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2018 Ran by Nicolas Mazzon (administrator) on DESKTOP-S7GCF3Q (21-04-2018 08:28:03) Running from C:\Users\Nicolas Mazzon\Desktop Loaded Profiles: Nicolas Mazzon (Available Profiles: Nicolas Mazzon) Platform: Windows 10 Pro Version 1709 16299.125 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (TOSHIBA CORPORATION) C:\Windows\System32\cgiukthsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\2.00.06\atkexComSvc.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Olof Lagerkvist) C:\Windows\System32\imdsksvc.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\1.00.35\LightingService.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe () C:\Program Files (x86)\LightingService\1.00.35\AsRogAuraGpuDllServer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Spotify Ltd) C:\Users\Nicolas Mazzon\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Nicolas Mazzon\AppData\Roaming\Spotify\Spotify.exe () C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe (Spotify Ltd) C:\Users\Nicolas Mazzon\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Nicolas Mazzon\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Nicolas Mazzon\AppData\Roaming\Spotify\Spotify.exe (Discord Inc.) C:\Users\Nicolas Mazzon\AppData\Local\Discord\app-0.0.300\Discord.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe (Discord Inc.) C:\Users\Nicolas Mazzon\AppData\Local\Discord\app-0.0.300\Discord.exe (Spotify Ltd) C:\Users\Nicolas Mazzon\AppData\Roaming\Spotify\SpotifyWebHelper.exe (VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe (Discord Inc.) C:\Users\Nicolas Mazzon\AppData\Local\Discord\app-0.0.300\Discord.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Users\Nicolas Mazzon\AppData\Local\rtbcank\exarcit.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\Nicolas Mazzon\AppData\Local\exhowrp\exhowrp.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.96_none_2c40cc7f3876f2b7\TiWorker.exe (Exodus Movement Inc) C:\Users\Nicolas Mazzon\AppData\Local\exodus-eden\app-1.45.0\ExodusEden.exe (Exodus Movement Inc) C:\Users\Nicolas Mazzon\AppData\Local\exodus-eden\app-1.45.0\ExodusEden.exe (Exodus Movement Inc) C:\Users\Nicolas Mazzon\AppData\Local\exodus-eden\app-1.45.0\ExodusEden.exe (Exodus Movement Inc) C:\Users\Nicolas Mazzon\AppData\Local\exodus-eden\app-1.45.0\ExodusEden.exe (Exodus Movement Inc) C:\Users\Nicolas Mazzon\AppData\Local\exodus-eden\app-1.45.0\ExodusEden.exe (Exodus Movement Inc) C:\Users\Nicolas Mazzon\AppData\Local\exodus-eden\app-1.45.0\ExodusEden.exe (Exodus Movement Inc) C:\Users\Nicolas Mazzon\AppData\Local\exodus-eden\app-1.45.0\ExodusEden.exe () C:\Users\Nicolas Mazzon\AppData\Local\exhowrp\usrxzme.exe () C:\Users\Nicolas Mazzon\AppData\Local\exhowrp\usrxzme.exe () C:\Users\Nicolas Mazzon\AppData\Local\exhowrp\usrxzme.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\Nicolas Mazzon\AppData\Local\exhowrp\usrxzme.exe () C:\Users\Nicolas Mazzon\AppData\Local\exhowrp\usrxzme.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17987704 2017-10-19] (Logitech Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation) HKLM-x32\...\Run: [Kraken0502Launcher] => C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe [1598920 2017-06-30] (Razer Inc) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409936 2018-02-14] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596664 2017-08-30] (Razer Inc.) HKU\S-1-5-21-1361136488-2336437257-4009925153-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3199776 2018-04-02] (Valve Corporation) HKU\S-1-5-21-1361136488-2336437257-4009925153-1001\...\Run: [Spotify] => C:\Users\Nicolas Mazzon\AppData\Roaming\Spotify\Spotify.exe [22454160 2018-03-29] (Spotify Ltd) HKU\S-1-5-21-1361136488-2336437257-4009925153-1001\...\Run: [GameDog] => "C:\Program Files (x86)\GameDog\GameDog.exe" /StartMinimized HKU\S-1-5-21-1361136488-2336437257-4009925153-1001\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [1370600 2018-04-01] () HKU\S-1-5-21-1361136488-2336437257-4009925153-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1361136488-2336437257-4009925153-1001\...\Run: [Discord] => C:\Users\Nicolas Mazzon\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.) HKU\S-1-5-21-1361136488-2336437257-4009925153-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd) HKU\S-1-5-21-1361136488-2336437257-4009925153-1001\...\Run: [Spotify Web Helper] => C:\Users\Nicolas Mazzon\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-03-29] (Spotify Ltd) Startup: C:\Users\Nicolas Mazzon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter (VB-Audio).LNK [2018-02-26] ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe (VB-AUDIO Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{df7dd565-558d-4072-9453-a654770f3dfb}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{ebae5a41-8242-4500-bc2a-7d801b7b68b6}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== SearchScopes: HKU\S-1-5-21-1361136488-2336437257-4009925153-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-02-26] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-26] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-26] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-26] (Oracle Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-26] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-26] (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems) FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-26] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-26] (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-26] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-26] (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR DefaultSearchKeyword: Default -> lp CHR Profile: C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default [2018-04-21] CHR Extension: (Slides) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-26] CHR Extension: (Dark Theme for Google Chrome) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\annfbnbieaamhaimclajlajpijgkdblo [2018-02-26] CHR Extension: (Docs) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-26] CHR Extension: (Google Drive) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-26] CHR Extension: (Ledger Manager) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2018-03-07] CHR Extension: (YouTube) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-26] CHR Extension: (Adblock Plus) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-04-18] CHR Extension: (Floating for YouTube™ Extension) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\egncdnniomonjgpjbapalkckojhkfddk [2018-02-26] CHR Extension: (Sheets) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-26] CHR Extension: (Google Docs Offline) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-26] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-04-13] CHR Extension: (Ledger Wallet Ethereum) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlhkialjkaldndjnlcdfdphcgeadkkm [2018-03-28] CHR Extension: (Floating for YouTube™) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2018-02-26] CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2018-04-17] CHR Extension: (Chrome Web Store Payments) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-26] CHR Extension: (Gmail) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-26] CHR Extension: (Chrome Media Router) - C:\Users\Nicolas Mazzon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-26] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) HKLM\SYSTEM\CurrentControlSet\Services\skcpdav <==== ATTENTION (Rootkit!) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\2.00.06\atkexComSvc.exe [411456 2017-11-23] (ASUSTeK Computer Inc.) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-04-03] (AVAST Software) S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-03] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-03-27] () R2 ImDskSvc; C:\Windows\system32\imdsksvc.exe [19552 2015-12-14] (Olof Lagerkvist) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation) R2 LightingService; C:\Program Files (x86)\LightingService\1.00.35\LightingService.exe [1224664 2017-11-24] (ASUSTek Computer Inc.) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-10-19] (Logitech Inc.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-23] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-23] (NVIDIA Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-13] (Microsoft Corporation) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142440 2017-12-14] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation) S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) U5 1864d068d501128776; D:\cheaterino\1864d068d501128776.sys [33560 2018-03-17] () <==== ATTENTION Necurs Rootkit? R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [34696 2017-10-10] (Advanced Micro Devices, Inc) R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [33144 2017-10-16] (Advanced Micro Devices, Inc) S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices, Inc. ) R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [31592 2018-03-06] (Advanced Micro Devices) R0 amdpsp; C:\Windows\System32\drivers\amdpsp.sys [137104 2017-11-07] (Advanced Micro Devices, Inc. ) R2 AMDRyzenMasterDriver; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [70304 2017-11-16] (Advanced Micro Devices) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-11-23] () R2 AWEAlloc; C:\Windows\system32\DRIVERS\awealloc.sys [21048 2015-12-14] (Olof Lagerkvist) S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [1832880 2018-04-09] () R3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [3792904 2016-11-30] (C-MEDIA) R3 cpuz139; C:\Users\Nicolas Mazzon\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [43312 2018-04-20] (CPUID) <==== ATTENTION S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) R3 e1rexpress; C:\Windows\system32\DRIVERS\e1r65x64.sys [540112 2016-07-29] (Intel Corporation) S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2018-04-14] () R2 ImDisk; C:\Windows\system32\DRIVERS\imdisk.sys [48704 2015-12-14] (Olof Lagerkvist) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2017-10-19] (Logitech Inc.) R1 lpsport; C:\Windows\System32\Drivers\lpsport.sys [61304 2018-04-03] () S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2224128 2017-09-29] (MediaTek Inc.) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_feeae1f6d39029e5\nvlddmkm.sys [17544792 2018-03-25] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-23] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [59240 2017-12-14] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [58816 2018-03-15] (NVIDIA Corporation) R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] () R3 RtsUpx; C:\Windows\system32\drivers\RtsUpx.sys [30328 2018-02-26] (Realtek Semiconductor Corp.) S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [52240 2016-10-30] (Razer Inc) S3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [44048 2016-10-30] (Razer Inc) R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [44080 2016-09-27] (Nefarius Software Solutions) S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [151552 2017-09-29] (Microsoft Corporation) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) R3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider) R3 VBAudioVMVAIOMME; C:\Windows\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2018-02-26] (Windows (R) Win 7 DDK provider) R3 vjoy; C:\Windows\System32\drivers\vjoy.sys [57976 2017-04-06] (Shaul Eizikovich) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation) S1 aswArPot; system32\drivers\aswArPot.sys [X] S1 aswbidsdriver; system32\drivers\aswbidsdrivera.sys [X] S0 aswbidsh; system32\drivers\aswbidsha.sys [X] S0 aswblog; system32\drivers\aswbloga.sys [X] S0 aswbuniv; system32\drivers\aswbuniva.sys [X] S3 aswHwid; system32\drivers\aswHwid.sys [X] S2 aswMonFlt; system32\drivers\aswMonFlt.sys [X] S1 aswRdr; system32\drivers\aswRdr2.sys [X] S0 aswRvrt; system32\drivers\aswRvrt.sys [X] S1 aswSnx; system32\drivers\aswSnx.sys [X] S1 aswSP; system32\drivers\aswSP.sys [X] S2 aswStm; system32\drivers\aswStm.sys [X] S0 aswVmm; system32\drivers\aswVmm.sys [X] S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X] R3 ilpsvy; system32\drivers\osvycf.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-04-21 08:28 - 2018-04-21 08:28 - 000023332 _____ C:\Users\Nicolas Mazzon\Desktop\FRST.txt 2018-04-21 08:27 - 2018-04-21 08:27 - 002404352 _____ (Farbar) C:\Users\Nicolas Mazzon\Desktop\FRST64.exe 2018-04-21 08:23 - 2018-04-21 08:23 - 005800224 _____ (Enigma Software Group USA, LLC.) C:\Users\Nicolas Mazzon\Downloads\SpyHunter-Installer.exe 2018-04-20 16:59 - 2018-04-20 16:59 - 001235408 _____ (GridinSoft LLC) C:\Users\Nicolas Mazzon\Downloads\setup.exe 2018-04-20 16:58 - 2018-04-20 16:58 - 068724528 _____ (Malwarebytes ) C:\Users\Nicolas Mazzon\Downloads\mb3-setup-SEM100.SEM100-3.4.4.2398-1.0.322-1.0.4190.exe 2018-04-20 16:26 - 2018-04-20 16:26 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\VirtualStore 2018-04-20 16:22 - 2018-04-20 16:22 - 000142672 ____N C:\Windows\system32\Drivers\snhilorv.sys 2018-04-19 20:32 - 2018-04-19 20:32 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2018-04-19 20:16 - 2018-04-19 20:16 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\566591B5.sys 2018-04-18 18:44 - 2018-04-18 18:44 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\4715F14F.sys 2018-04-18 18:25 - 2018-04-18 18:44 - 000000000 ____D C:\ESD 2018-04-18 18:24 - 2018-04-18 18:24 - 018617536 _____ (Microsoft Corporation) C:\Users\Nicolas Mazzon\Downloads\MediaCreationTool.exe 2018-04-18 18:24 - 2018-04-18 18:24 - 000000000 ___HD C:\$Windows.~WS 2018-04-18 18:24 - 2018-04-18 18:24 - 000000000 ____D C:\$WINDOWS.~BT 2018-04-18 18:15 - 2018-04-21 08:28 - 000000000 ____D C:\FRST 2018-04-18 18:11 - 2018-04-18 18:12 - 000000000 ____D C:\AdwCleaner 2018-04-18 18:11 - 2018-04-18 18:11 - 007256272 _____ (Malwarebytes) C:\Users\Nicolas Mazzon\Downloads\adwcleaner_7.1.0.0.exe 2018-04-18 18:08 - 2018-04-20 16:28 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-04-18 18:08 - 2018-04-18 18:08 - 073324664 _____ (Malwarebytes ) C:\Users\Nicolas Mazzon\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4778.exe 2018-04-18 18:08 - 2018-04-18 18:08 - 000000000 ____D C:\Program Files\Malwarebytes 2018-04-14 21:11 - 2018-04-14 21:11 - 001084408 _____ C:\Users\Nicolas Mazzon\Downloads\8HroEEkA71eK4BB0eU2.exe 2018-04-14 12:50 - 2018-04-14 12:50 - 041298736 _____ C:\Users\Nicolas Mazzon\Downloads\HourBoostr-3.2.1.zip 2018-04-14 12:50 - 2018-04-14 12:50 - 000000000 ____D C:\Users\Nicolas Mazzon\Desktop\HourBoostr-3.2.1 2018-04-14 12:37 - 2018-04-14 12:37 - 000193024 _____ C:\Users\Nicolas Mazzon\Downloads\spo_activate.exe 2018-04-14 12:37 - 2018-01-09 22:08 - 000003087 _____ C:\Windows\system32\Drivers\etc\hosts.smef 2018-04-14 12:33 - 2018-04-14 12:33 - 000216064 _____ C:\Users\Nicolas Mazzon\Downloads\win_activate.exe 2018-04-14 11:40 - 2018-04-14 11:40 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\ElevatedDiagnostics 2018-04-13 18:44 - 2018-04-13 18:44 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\monero-project 2018-04-13 18:44 - 2018-04-13 18:44 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\cache 2018-04-13 18:44 - 2018-04-13 18:44 - 000000000 ____D C:\ProgramData\.shared-ringdb 2018-04-13 18:43 - 2018-04-13 18:44 - 000000000 ____D C:\Users\Nicolas Mazzon\Documents\monero-gui-v0.12.0.0 2018-04-13 18:43 - 2018-04-13 18:43 - 000000844 _____ C:\Users\Nicolas Mazzon\Desktop\monero wallet.lnk 2018-04-13 18:42 - 2018-04-13 18:43 - 113437678 _____ C:\Users\Nicolas Mazzon\Downloads\monero-gui-win-x64-v0.12.0.0.zip 2018-04-13 18:29 - 2018-04-13 18:29 - 011485449 _____ C:\Users\Nicolas Mazzon\Downloads\xmr-stak-win64.zip 2018-04-13 15:59 - 2018-04-13 16:00 - 000000000 ____D C:\Users\Nicolas Mazzon\Desktop\Indawoods 1.2 2018-04-12 19:26 - 2018-04-12 19:26 - 001896319 _____ C:\Users\Nicolas Mazzon\Downloads\AutoJunk-master.zip 2018-04-12 19:07 - 2018-04-12 19:07 - 000000912 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMProtect Demo.lnk 2018-04-12 19:07 - 2018-04-12 19:07 - 000000000 ____D C:\Users\Public\Documents\VMProtect 2018-04-12 19:07 - 2018-04-12 19:07 - 000000000 ____D C:\ProgramData\VMProtect Software 2018-04-12 19:07 - 2018-04-12 19:07 - 000000000 ____D C:\Program Files\VMProtect Demo 2018-04-12 19:06 - 2018-04-12 19:06 - 068185312 _____ (VMProtect Software ) C:\Users\Nicolas Mazzon\Downloads\VMProtectDemo.exe 2018-04-11 19:38 - 2018-04-11 19:38 - 125326374 _____ C:\Users\Nicolas Mazzon\Downloads\resolve.zip 2018-04-11 19:31 - 2018-04-11 19:31 - 026194416 _____ (Razer USA Ltd) C:\Users\Nicolas Mazzon\Downloads\Razer_Synapse_Installer_v2.21.00.830.exe 2018-04-11 19:31 - 2018-04-11 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2018-04-11 19:31 - 2018-04-11 19:31 - 000000000 ____D C:\Program Files (x86)\PKGInstaller 2018-04-11 17:20 - 2018-04-11 17:20 - 000000000 ____D C:\Program Files\ImDisk 2018-04-11 17:19 - 2018-04-11 17:19 - 000572899 _____ C:\Users\Nicolas Mazzon\Downloads\ImDiskTk-x64 (1).exe 2018-04-11 17:19 - 2016-08-26 10:12 - 000000674 _____ C:\Windows\SysWOW64\imdisk.cpl.manifest 2018-04-11 17:19 - 2016-08-26 10:12 - 000000674 _____ C:\Windows\system32\imdisk.cpl.manifest 2018-04-11 17:19 - 2016-08-23 17:57 - 000001547 _____ C:\Windows\system32\uninstall_imdisk.cmd 2018-04-11 17:19 - 2015-12-14 19:20 - 000048704 _____ (Olof Lagerkvist) C:\Windows\system32\Drivers\imdisk.sys 2018-04-11 17:19 - 2015-12-14 19:20 - 000021048 _____ (Olof Lagerkvist) C:\Windows\system32\Drivers\awealloc.sys 2018-04-11 17:19 - 2015-12-14 19:19 - 000051304 _____ (Olof Lagerkvist) C:\Windows\SysWOW64\imdisk.exe 2018-04-11 17:19 - 2015-12-14 19:19 - 000051304 _____ (Olof Lagerkvist) C:\Windows\system32\imdisk.exe 2018-04-11 17:19 - 2015-12-14 19:19 - 000019552 _____ (Olof Lagerkvist) C:\Windows\system32\imdsksvc.exe 2018-04-11 17:19 - 2015-12-14 19:18 - 000119920 _____ (Olof Lagerkvist) C:\Windows\system32\imdisk.cpl 2018-04-11 17:19 - 2015-12-14 19:18 - 000108656 _____ (Olof Lagerkvist) C:\Windows\SysWOW64\imdisk.cpl 2018-04-10 18:54 - 2018-04-10 18:54 - 000552478 _____ C:\Users\Nicolas Mazzon\Downloads\Overwatch FPS Increase Pack V2.zip 2018-04-10 17:39 - 2018-04-10 18:54 - 000000000 ____D C:\Users\Nicolas Mazzon\Documents\Overwatch 2018-04-10 17:38 - 2018-04-10 17:38 - 000000892 _____ C:\Users\Public\Desktop\Overwatch.lnk 2018-04-10 17:38 - 2018-04-10 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch 2018-04-10 16:59 - 2018-04-14 14:09 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\Battle.net 2018-04-10 16:59 - 2018-04-10 18:54 - 000000000 ____D C:\Program Files (x86)\Overwatch 2018-04-10 16:59 - 2018-04-10 17:39 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\Battle.net 2018-04-10 16:59 - 2018-04-10 16:59 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\Blizzard Entertainment 2018-04-10 16:59 - 2018-04-10 16:59 - 000000000 ____D C:\ProgramData\Blizzard Entertainment 2018-04-10 16:58 - 2018-04-10 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2018-04-10 16:57 - 2018-04-14 14:09 - 000000000 ____D C:\Program Files (x86)\Battle.net 2018-04-10 16:57 - 2018-04-10 16:57 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\Blizzard 2018-04-10 16:57 - 2018-04-10 16:57 - 000000000 ____D C:\ProgramData\Battle.net 2018-04-10 16:56 - 2018-04-10 16:57 - 003949552 _____ (Blizzard Entertainment) C:\Users\Nicolas Mazzon\Downloads\Overwatch-Setup.exe 2018-04-10 16:16 - 2018-04-10 16:16 - 041944368 ____C C:\RAMDisk.img 2018-04-10 16:15 - 2018-04-20 18:38 - 000000000 ____D C:\Program Files (x86)\Radeon RAMDisk 2018-04-10 16:15 - 2018-04-10 16:15 - 008335360 _____ C:\Users\Nicolas Mazzon\Downloads\Radeon_RAMDisk_4_4_0_RC36.msi 2018-04-10 16:15 - 2018-04-10 16:15 - 000086680 _____ (Dataram, Inc.) C:\Windows\system32\Drivers\RAMDiskVE.sys 2018-04-10 16:15 - 2018-04-10 16:15 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\Dataram_Corporation 2018-04-09 19:11 - 2018-04-11 19:31 - 000000000 ____D C:\Program Files (x86)\Razer 2018-04-09 19:11 - 2018-04-09 19:41 - 000000000 ____D C:\ProgramData\bitmonero 2018-04-09 19:11 - 2018-04-09 19:11 - 000000000 ____D C:\Users\Nicolas Mazzon\Documents\Monero 2018-04-09 19:04 - 2018-04-09 19:05 - 105208551 _____ C:\Users\Nicolas Mazzon\Downloads\monero-gui-win-x64-v0.10.3.1.zip 2018-04-09 19:00 - 2018-04-09 19:00 - 026190216 _____ (Razer USA Ltd) C:\Users\Nicolas Mazzon\Downloads\Razer_Synapse_Installer_v2.21.18.115.exe 2018-04-09 17:37 - 2018-04-09 17:38 - 009972814 _____ C:\Users\Nicolas Mazzon\Downloads\smef-s-Indigo-Remasterd-master.zip 2018-04-09 17:04 - 2018-04-09 17:04 - 002162176 _____ C:\Users\Nicolas Mazzon\Downloads\PenguR15.dll 2018-04-08 20:24 - 2018-04-10 18:27 - 000000000 ____D C:\Users\Nicolas Mazzon\Desktop\Indawoods 1.1 2018-04-08 19:53 - 2018-04-08 19:53 - 000099435 _____ C:\Users\Nicolas Mazzon\Downloads\arrow_crafter.zip 2018-04-07 17:54 - 2018-04-07 17:54 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2018-04-07 17:54 - 2017-12-08 18:25 - 000798520 _____ C:\Windows\SysWOW64\vulkan-1.dll 2018-04-07 17:54 - 2017-12-08 18:25 - 000490808 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2018-04-07 17:54 - 2017-12-08 18:24 - 000928568 _____ C:\Windows\system32\vulkan-1.dll 2018-04-07 17:54 - 2017-12-08 18:24 - 000591672 _____ C:\Windows\system32\vulkaninfo.exe 2018-04-06 13:27 - 2018-04-06 13:27 - 000171676 _____ C:\Users\Nicolas Mazzon\Downloads\Roboto-Regular.ttf 2018-04-06 12:19 - 2018-04-11 17:20 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImDisk 2018-04-06 12:19 - 2018-04-06 12:19 - 045918843 _____ C:\Users\Nicolas Mazzon\Downloads\Windows6.1-KB3033929-x64.msu 2018-04-06 12:19 - 2018-04-06 12:19 - 000572899 _____ C:\Users\Nicolas Mazzon\Downloads\ImDiskTk-x64.exe 2018-04-06 11:22 - 2018-04-06 11:22 - 000000000 ____D C:\Indawoods 2018-04-06 09:45 - 2018-04-06 09:49 - 000000000 ____D C:\Indigo 2018-04-06 09:33 - 2018-04-06 09:33 - 004408503 _____ C:\Users\Nicolas Mazzon\Downloads\MM INJ MAR 24.zip 2018-04-06 09:13 - 2018-04-06 09:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2018-04-06 08:47 - 2018-04-06 08:50 - 201944023 _____ C:\Users\Nicolas Mazzon\Downloads\fawn.pw2.2.rar 2018-04-06 08:39 - 2018-03-25 12:15 - 000998424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2018-04-06 08:39 - 2018-03-25 12:15 - 000950016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2018-04-06 08:39 - 2018-03-25 12:15 - 000625504 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2018-04-06 08:39 - 2018-03-25 12:15 - 000516024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2018-04-06 08:39 - 2018-03-25 12:14 - 004318112 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2018-04-06 08:39 - 2018-03-25 12:14 - 003719096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2018-04-06 08:39 - 2018-03-25 12:14 - 001138720 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2018-04-06 08:39 - 2018-03-25 12:14 - 001065888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2018-04-06 08:39 - 2018-03-25 12:14 - 000749312 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll 2018-04-06 08:39 - 2018-03-25 12:14 - 000608344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll 2018-04-06 08:39 - 2018-03-25 12:13 - 040278608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2018-04-06 08:39 - 2018-03-25 12:13 - 035188992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2018-04-06 08:39 - 2018-03-25 12:10 - 013571520 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2018-04-06 08:39 - 2018-03-25 12:10 - 011132384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2018-04-06 08:39 - 2018-03-25 12:09 - 019855144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2018-04-06 08:39 - 2018-03-25 12:09 - 016496776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2018-04-06 08:39 - 2018-03-25 12:09 - 001355216 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll 2018-04-06 08:39 - 2018-03-25 12:09 - 001346128 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll 2018-04-06 08:39 - 2018-03-25 12:09 - 001153744 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2018-04-06 08:39 - 2018-03-25 12:09 - 001067560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll 2018-04-06 08:39 - 2018-03-25 12:09 - 001061352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll 2018-04-06 08:39 - 2018-03-25 12:09 - 000902096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2018-04-06 08:39 - 2018-03-25 12:09 - 000811808 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2018-04-06 08:39 - 2018-03-25 12:09 - 000650232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2018-04-06 08:39 - 2018-03-25 12:09 - 000633040 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll 2018-04-06 08:39 - 2018-03-25 12:08 - 012967056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2018-04-06 08:39 - 2018-03-25 12:08 - 011001504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2018-04-06 08:36 - 2018-04-06 08:36 - 000000000 ____D C:\NVIDIA 2018-04-06 08:35 - 2018-04-06 08:36 - 467026848 _____ (NVIDIA Corporation) C:\Users\Nicolas Mazzon\Downloads\391.35-desktop-win10-64bit-international-whql.exe 2018-04-06 08:26 - 2018-04-06 08:26 - 000010520 _____ C:\Users\Nicolas Mazzon\Downloads\ASUS VG248QE Nvidia.icm 2018-04-04 17:26 - 2018-04-04 17:26 - 001710860 _____ C:\Users\Nicolas Mazzon\Downloads\tYZE9pU.psd 2018-04-04 16:10 - 2018-04-04 16:10 - 000009788 _____ C:\Users\Nicolas Mazzon\Downloads\router.data 2018-04-04 10:26 - 2018-04-04 10:26 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2018-04-04 10:26 - 2018-04-04 10:26 - 000000000 ____D C:\Program Files (x86)\Epic Games 2018-04-04 10:23 - 2018-03-15 22:16 - 000012834 _____ C:\Users\Nicolas Mazzon\Downloads\dracula.vssettings 2018-04-04 10:21 - 2018-04-04 10:21 - 000265112 _____ C:\Users\Nicolas Mazzon\Downloads\VSColorThemes.vsix 2018-04-04 09:21 - 2018-04-04 09:21 - 000401754 _____ C:\Users\Nicolas Mazzon\Downloads\Corruption.vip-master.zip 2018-04-03 19:37 - 2018-04-03 19:44 - 026194416 _____ (Razer USA Ltd) C:\Users\Nicolas Mazzon\Downloads\DriverEasy_Setup.exe 2018-04-03 19:09 - 2018-04-03 19:09 - 000000000 ____D C:\Users\Nicolas Mazzon\Documents\Audacity 2018-04-03 19:06 - 2018-04-06 13:45 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\audacity 2018-04-03 19:06 - 2018-04-03 19:06 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\Audacity 2018-04-03 19:04 - 2018-04-03 19:13 - 000000000 ____D C:\Users\Nicolas Mazzon\Documents\Sounds (don't move folder) 2018-04-03 18:50 - 2018-04-03 18:50 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\AVAST Software 2018-04-03 18:47 - 2018-04-03 18:47 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\asw77fba660d104671d.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1827a5ce9bb0316d.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswf0509b0b4ea566f7.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\asw5bff90c47849630e.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswe7adc468d4219e9e.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbba1146fc55db8a6.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2f5da75d9eeeebe8.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1137048650a39ab6.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000147224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswf7408fae7d01a3c7.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000147224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswd97671f3d58dc09b.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000111352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswc48b08fe2a045507.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000111352 _____ (AVAST Software) C:\Windows\system32\Drivers\asw6ffd7c5a9bd1f461.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\asw688a70d3cb5acc7e.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\asw39e4f90c79e38320.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys 2018-04-03 18:47 - 2018-04-03 18:47 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\asw23d5b5de6e01c8d2.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\asw d122391c5371263.tmp 2018-04-03 18:47 - 2018-04-03 18:47 - 000000000 ____D C:\Program Files\Common Files\AVAST Software 2018-04-03 18:47 - 2018-04-03 18:46 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswe41c44592edfb154.tmp 2018-04-03 18:47 - 2018-04-03 18:46 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswdaf23f23450d87cb.tmp 2018-04-03 18:47 - 2018-04-03 18:46 - 000343752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswe54e5c1a68415207.tmp 2018-04-03 18:47 - 2018-04-03 18:46 - 000343752 _____ (AVAST Software) C:\Windows\system32\Drivers\asw51fccfb388f3f85c.tmp 2018-04-03 18:47 - 2018-04-03 18:46 - 000227504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswdff265355e244076.tmp 2018-04-03 18:47 - 2018-04-03 18:46 - 000227504 _____ (AVAST Software) C:\Windows\system32\Drivers\asw80647094cb67ab1b.tmp 2018-04-03 18:47 - 2018-04-03 18:46 - 000199440 _____ (AVAST Software) C:\Windows\system32\Drivers\asw6ff3cc2b8cd837e1.tmp 2018-04-03 18:47 - 2018-04-03 18:46 - 000199440 _____ (AVAST Software) C:\Windows\system32\Drivers\asw ace53b62a8813fa.tmp 2018-04-03 18:47 - 2018-04-03 18:46 - 000057680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswec05ac09a59def04.tmp 2018-04-03 18:47 - 2018-04-03 18:46 - 000057680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswc91017d286c98e68.tmp 2018-04-03 18:46 - 2018-04-03 18:46 - 000000000 ____D C:\Program Files\AVAST Software 2018-04-03 18:45 - 2018-04-03 18:47 - 000000000 ____D C:\ProgramData\AVAST Software 2018-04-03 18:45 - 2018-04-03 18:45 - 000003938 _____ C:\Windows\System32\Tasks\CCleaner Update 2018-04-03 18:45 - 2018-04-03 18:45 - 000002888 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2018-04-03 18:45 - 2018-04-03 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2018-04-03 18:45 - 2018-04-03 18:45 - 000000000 ____D C:\Program Files\CCleaner 2018-04-03 18:14 - 2018-04-03 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CpuCoreParking 2018-04-03 18:14 - 2018-04-03 18:14 - 000000000 ____D C:\Program Files (x86)\CpuCoreParking 2018-04-03 18:13 - 2018-04-03 18:13 - 000004292 _____ C:\Windows\System32\Tasks\AMD Updater 2018-04-03 18:13 - 2018-04-03 18:13 - 000000000 ____D C:\Program Files (x86)\AMD 2018-04-03 18:11 - 2018-04-03 18:11 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\RadeonInstaller 2018-04-03 18:11 - 2018-04-03 18:11 - 000000000 ____D C:\AMD 2018-04-03 16:27 - 2018-04-03 18:16 - 000000000 ____D C:\Users\Nicolas Mazzon\Documents\FPS stuff 2018-04-03 16:27 - 2016-06-25 02:01 - 000032768 _____ () C:\Users\Nicolas Mazzon\Desktop\TimerResolution.exe 2018-04-01 19:02 - 2018-04-01 19:02 - 000200704 _____ C:\Users\Nicolas Mazzon\Documents\Icon Changer by Bobi.exe 2018-04-01 18:25 - 2018-04-01 18:41 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\Dynago 2018-04-01 18:20 - 2018-03-25 12:14 - 001985112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439135.dll 2018-04-01 18:20 - 2018-03-25 12:14 - 001683712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439135.dll 2018-04-01 18:14 - 2018-04-01 18:14 - 003066880 _____ () C:\Users\Nicolas Mazzon\Documents\Dynago 4.1.exe 2018-04-01 17:37 - 2018-04-01 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2018-04-01 16:16 - 2018-04-01 18:05 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\BetterDiscord 2018-03-31 13:41 - 2018-03-31 13:41 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\_2012_2__1_ 2018-03-30 10:32 - 2018-04-20 16:26 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\discord 2018-03-30 10:32 - 2018-03-30 10:32 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\Discord 2018-03-30 10:22 - 2018-03-30 10:32 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2018-03-29 18:44 - 2018-03-29 18:44 - 000001253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Idle Steam.lnk 2018-03-29 10:01 - 2018-03-29 10:01 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\LocalLow\Clever Endeavour Games 2018-03-28 17:17 - 2018-03-28 17:17 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\TslGame 2018-03-27 18:53 - 2018-03-28 17:17 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\UnrealEngine 2018-03-27 18:53 - 2018-03-27 18:54 - 000000000 ____D C:\ProgramData\Epic 2018-03-27 18:53 - 2018-03-27 18:53 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\UnrealEngineLauncher 2018-03-27 18:53 - 2018-03-27 18:53 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\EpicGamesLauncher 2018-03-27 17:41 - 2018-03-27 17:41 - 000000220 _____ C:\Users\Nicolas Mazzon\Desktop\Garry's Mod.url 2018-03-27 17:40 - 2018-03-27 17:40 - 000000222 _____ C:\Users\Nicolas Mazzon\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url 2018-03-26 17:41 - 2018-03-26 17:41 - 000000000 ____D C:\Users\Nicolas Mazzon\Documents\Voicemeeter 2018-03-26 17:35 - 2018-02-26 18:44 - 000000934 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC media player.lnk 2018-03-26 17:32 - 2018-03-18 07:55 - 000001563 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPUView.lnk 2018-03-26 17:19 - 2018-03-26 17:19 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf 2018-03-25 20:26 - 2018-03-25 20:26 - 000000000 ____D C:\Users\Nicolas Mazzon\Documents\prime95 2018-03-25 20:08 - 2018-04-09 00:00 - 000000000 ____D C:\ProgramData\AMD AutoUpdate 2018-03-25 20:08 - 2018-04-03 18:11 - 000000000 ____D C:\Program Files\AMD 2018-03-25 20:08 - 2018-03-25 20:08 - 000003436 _____ C:\Windows\System32\Tasks\AMDAutoUpdate 2018-03-25 20:07 - 2018-03-25 20:07 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\Downloaded Installations 2018-03-25 10:45 - 2018-03-25 10:45 - 000001152 _____ C:\Users\Nicolas Mazzon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Geekbench 4.lnk ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-04-21 08:28 - 2018-02-26 18:43 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\exhowrp 2018-04-21 08:27 - 2017-09-29 09:37 - 000000000 ____D C:\Windows\CbsTemp 2018-04-21 08:22 - 2018-02-26 21:34 - 000000000 ____D C:\Windows\system32\SleepStudy 2018-04-21 08:21 - 2018-02-26 18:44 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\Spotify 2018-04-21 06:53 - 2018-02-26 19:16 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\Exodus Eden 2018-04-21 02:00 - 2018-02-28 18:26 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\Adobe 2018-04-20 20:22 - 2017-09-29 04:45 - 014680064 _____ C:\Windows\system32\config\HARDWARE 2018-04-20 18:58 - 2018-02-26 18:44 - 000000000 ____D C:\Program Files (x86)\Steam 2018-04-20 16:32 - 2018-02-26 18:40 - 001948164 _____ C:\Windows\system32\PerfStringBackup.INI 2018-04-20 16:30 - 2018-02-26 19:01 - 000000000 ____D C:\ProgramData\NVIDIA 2018-04-20 16:26 - 2018-02-26 21:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-04-20 16:26 - 2018-02-26 19:00 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-04-20 16:25 - 2018-02-26 18:42 - 002888704 _____ (TOSHIBA CORPORATION) C:\Windows\system32\cgiukthsvc.exe 2018-04-20 16:22 - 2017-09-29 04:45 - 000262144 _____ C:\Windows\system32\config\BBI 2018-04-20 16:21 - 2018-02-27 17:03 - 000004632 _____ C:\Users\Nicolas Mazzon\AppData\Roaming\VoiceMeeterDefault.xml 2018-04-20 16:21 - 2018-02-26 19:03 - 000003160 _____ C:\Windows\System32\Tasks\MSIAfterburner 2018-04-20 14:57 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\DeliveryOptimization 2018-04-20 14:55 - 2017-09-29 09:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-04-20 14:55 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\AppReadiness 2018-04-20 14:53 - 2018-02-26 18:44 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\Spotify 2018-04-18 18:39 - 2018-02-26 21:34 - 000000000 ____D C:\Windows\Panther 2018-04-18 18:33 - 2018-03-12 19:23 - 000002290 _____ C:\Users\Nicolas Mazzon\Desktop\Atom.lnk 2018-04-18 18:33 - 2018-02-26 19:16 - 000002427 _____ C:\Users\Nicolas Mazzon\Desktop\ExodusEden.lnk 2018-04-18 18:19 - 2018-02-26 19:03 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner 2018-04-17 18:46 - 2018-02-26 18:38 - 000000000 ____D C:\Users\Nicolas Mazzon 2018-04-14 15:59 - 2018-02-26 19:40 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\CrashDumps 2018-04-14 12:52 - 2018-03-04 23:01 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\Visual Studio Setup 2018-04-14 10:45 - 2018-03-03 13:14 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\obs-studio 2018-04-13 18:57 - 2018-02-26 19:00 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\TeamViewer 2018-04-11 19:31 - 2018-02-26 18:45 - 000000000 ____D C:\ProgramData\Razer 2018-04-11 19:29 - 2017-09-29 09:44 - 000000000 ____D C:\Windows\INF 2018-04-10 16:07 - 2018-02-26 21:34 - 000930552 _____ C:\Windows\system32\FNTCACHE.DAT 2018-04-09 19:10 - 2018-02-26 19:02 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\NVIDIA 2018-04-06 09:14 - 2018-02-26 18:40 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2018-04-06 09:13 - 2018-03-20 16:42 - 000004088 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-04-06 09:13 - 2018-02-26 19:01 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-04-06 09:13 - 2018-02-26 19:01 - 000004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-04-06 09:13 - 2018-02-26 19:01 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-04-06 09:13 - 2018-02-26 19:01 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-04-06 09:13 - 2018-02-26 19:01 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-04-06 09:13 - 2018-02-26 19:01 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-04-06 09:13 - 2018-02-26 19:01 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-04-06 09:13 - 2018-02-26 18:40 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2018-04-06 09:13 - 2018-02-26 18:40 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2018-04-04 22:37 - 2018-02-26 19:00 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk 2018-04-04 10:24 - 2017-09-29 09:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-04-04 09:43 - 2018-02-26 19:09 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2018-04-03 19:41 - 2018-03-03 12:55 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\Easeware 2018-04-03 19:13 - 2018-03-03 14:38 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Roaming\vlc 2018-04-03 19:06 - 2018-02-26 18:44 - 000000000 ____D C:\Program Files (x86)\Audacity 2018-04-03 18:36 - 2018-03-06 18:52 - 000000000 ____D C:\Windows\Minidump 2018-04-03 15:37 - 2017-09-29 09:49 - 000835064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-04-03 15:37 - 2017-09-29 09:49 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-04-02 20:00 - 2018-03-20 17:39 - 000000000 ____D C:\Users\Nicolas Mazzon\Documents\steam profile 2018-04-01 17:37 - 2018-03-04 23:07 - 000000000 ____D C:\Program Files\Application Verifier 2018-04-01 17:37 - 2018-03-04 23:07 - 000000000 ____D C:\Program Files (x86)\Application Verifier 2018-04-01 17:37 - 2018-02-26 18:47 - 000000000 ____D C:\ProgramData\Package Cache 2018-04-01 17:30 - 2018-03-04 23:01 - 000001359 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2018-04-01 17:30 - 2018-03-04 23:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2018-03-31 17:53 - 2018-02-26 18:39 - 000000000 ___RD C:\Users\Nicolas Mazzon\3D Objects 2018-03-30 11:00 - 2018-02-26 19:10 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\SquirrelTemp 2018-03-29 18:45 - 2018-03-04 20:33 - 000000000 ____D C:\Users\Nicolas Mazzon\Documents\idle master 2018-03-29 13:18 - 2018-03-04 20:53 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\IdleMaster 2018-03-28 17:17 - 2018-02-26 19:02 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\NVIDIA Corporation 2018-03-26 17:42 - 2018-02-26 18:39 - 000000000 ____D C:\Users\Nicolas Mazzon\AppData\Local\Packages 2018-03-26 17:38 - 2018-02-26 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey 2018-03-26 17:33 - 2018-03-20 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vJoy 2018-03-25 12:08 - 2018-02-05 07:21 - 004633920 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2018-03-25 12:08 - 2018-02-05 07:21 - 003939624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2018-03-24 15:33 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\rescache 2018-03-24 12:08 - 2018-02-26 18:41 - 000000000 ___RD C:\Users\Nicolas Mazzon\OneDrive 2018-03-23 21:19 - 2018-02-26 19:01 - 002480064 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2018-03-23 21:19 - 2018-02-26 19:01 - 002137024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2018-03-23 21:19 - 2018-02-26 19:01 - 001310144 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll 2018-03-23 21:19 - 2018-02-26 19:01 - 000189784 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2018-03-23 21:19 - 2018-02-26 19:01 - 000152408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2018-03-23 21:19 - 2018-02-26 19:01 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2018-03-23 21:19 - 2018-02-26 19:00 - 000048407 _____ C:\Windows\system32\nvinfo.pb 2018-03-23 19:50 - 2018-02-26 19:01 - 000001951 _____ C:\Windows\NvContainerRecovery.bat 2018-03-23 19:02 - 2018-02-26 19:01 - 005952392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2018-03-23 19:02 - 2018-02-26 19:01 - 002596320 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2018-03-23 19:02 - 2018-02-26 19:01 - 001767824 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2018-03-23 19:02 - 2018-02-26 19:01 - 000633224 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2018-03-23 19:02 - 2018-02-26 19:01 - 000451040 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2018-03-23 19:02 - 2018-02-26 19:01 - 000123840 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2018-03-23 19:02 - 2018-02-26 19:01 - 000083072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll ==================== Files in the root of some directories ======= 2018-02-27 17:03 - 2018-04-20 16:21 - 000004632 _____ () C:\Users\Nicolas Mazzon\AppData\Roaming\VoiceMeeterDefault.xml Some files in TEMP: ==================== 2018-04-10 16:07 - 2018-04-20 16:26 - 000619464 _____ () C:\Users\Nicolas Mazzon\AppData\Local\Temp\0Kraken0502DevProps.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed C:\Windows\system32\drivers\snhilorv.sys -> Access Denied <======= ATTENTION LastRegBack: 2018-04-19 15:25 ==================== End of FRST.txt ============================