MalwareBytes found some critters.

#1 Post by ESCGamer55 »

Hello. Today I ran a preventive scan of my PC with Malwarebytes. For some reason it would not load in normal Windows mode, so I switched to Safe Mode and, hooray, it loaded. It found about 10 pieces of malware, so if only out of paranoia I am turning to you here. FRST log:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-04-2017
Ran by Pin (ATTENTION: The user is not administrator) on PC-ESC (20-04-2017 13:49:04)
Running from C:\Users\Pin\Desktop
Loaded Profiles: Eskejp & Pin (Available Profiles: Eskejp & Pin)
Platform: Windows 8.1 (Update) (X64) Language: Czech (Czech Republic)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> dwm.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> MsMpEng.exe
Failed to access process -> svchost.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
Failed to access process -> dllhost.exe
Failed to access process -> MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Failed to access process -> svchost.exe
(Farbar) C:\Users\Pin\Desktop\FRST.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [389368 2014-02-17] (IVT Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-03-02] (Razer Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-459092724-1688354535-1890333071-1009\...\Run: [Discord] => C:\Users\Pin\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170360 2017-04-01] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [170360 2017-04-01] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148016 2017-04-01] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar898.lnk [2017-04-19]
ShortcutTarget: Sidebar898.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{130B062A-3F88-47C8-B466-3066C1651009}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{B4788C22-8314-4EF4-8A66-9E7182107C26}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-459092724-1688354535-1890333071-1009\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-459092724-1688354535-1890333071-1009\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
URLSearchHook: [S-1-5-21-459092724-1688354535-1890333071-1002] ATTENTION => Default URLSearchHook is missing
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-14] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-14] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-02] (Skype Technologies)

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-14] (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-459092724-1688354535-1890333071-1009: @nsroblox.roblox.com/launcher -> C:\Users\Pin\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-459092724-1688354535-1890333071-1009: @nsroblox.roblox.com/launcher64 -> C:\Users\Pin\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)

Chrome: 
=======
CHR Profile: C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default [2017-04-20]
CHR Extension: (Prezentace Google) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-13]
CHR Extension: (Dokumenty Google) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-13]
CHR Extension: (Disk Google) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-13]
CHR Extension: (YouTube) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-13]
CHR Extension: (Tampermonkey) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-04-19]
CHR Extension: (Tabulky Google) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-14]
CHR Extension: (Grammarly for Chrome) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-13]
CHR Extension: (Gmail) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-13]
CHR Extension: (Chrome Media Router) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-09-17] ()
S2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe [963544 2016-08-05] (ASUSTeK Computer Inc.)
S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1579880 2014-02-17] (IVT Corporation)
S3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-12-16] (IVT Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21312 2017-03-30] (Microsoft Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 lmhosts; C:\WINDOWS\system32\svchost.exe [38792 2014-11-21] (Microsoft Corporation)
R2 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-11-21] (Microsoft Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NlaSvc; C:\WINDOWS\System32\svchost.exe [38792 2014-11-21] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-11-21] (Microsoft Corporation)
S2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [File not signed]
R2 nsi; C:\WINDOWS\system32\svchost.exe [38792 2014-11-21] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-11-21] (Microsoft Corporation)
S2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
S2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-04-01] (NVIDIA Corporation)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-11-04] (Razer Inc)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [185344 2017-02-13] (Microsoft Corporation) [File not signed]
S2 UnsignedThemes; C:\WINDOWS\unsignedthemes.exe [13824 2013-09-23] (The Within Network, LLC) [File not signed]
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12482024 2017-03-12] ()
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-09-17] ()
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [70416 2013-09-23] (ASUS Corporation)
S3 BtAudioBusSrv; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthHFSrv; C:\WINDOWS\System32\svchost.exe [38792 2014-11-21] (Microsoft Corporation)
U4 BthHFSrv; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-11-21] (Microsoft Corporation)
S3 BthL2caScoIfSrv; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
S3 btUrbFilterDrv; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [51936 2014-01-20] (Ralink Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 m76usb; C:\WINDOWS\System32\drivers\m76usb.sys [539848 2014-02-12] (Ralink Technology Corp.)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-04-20] (Malwarebytes)
S2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-03-28] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47552 2017-03-28] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
S2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
S2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider)
R3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S2 uxstyle; C:\WINDOWS\system32\Drivers\uxstyle.sys [31440 2013-09-23] (The Within Network, LLC)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2016-09-30] (VMware, Inc.)
S2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [37960 2016-11-14] (VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
S3 MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-20 13:49 - 2017-04-20 13:49 - 00017931 _____ C:\Users\Pin\Desktop\FRST.txt
2017-04-20 13:48 - 2017-04-20 13:49 - 00000000 ____D C:\FRST
2017-04-20 13:48 - 2017-04-20 13:48 - 02424832 _____ (Farbar) C:\Users\Pin\Downloads\FRST64.exe
2017-04-20 13:48 - 2017-04-20 13:48 - 02424832 _____ (Farbar) C:\Users\Pin\Desktop\FRST.exe
2017-04-20 13:14 - 2017-04-20 13:14 - 00001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-20 13:13 - 2017-04-20 13:14 - 60107896 _____ (Malwarebytes ) C:\Users\Pin\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-04-20 13:06 - 2017-04-20 13:16 - 00220122 _____ C:\WINDOWS\ntbtlog.txt
2017-04-19 19:37 - 2017-04-20 13:01 - 00000000 ____D C:\Users\Pin\AppData\Local\ClassicShell
2017-04-19 19:37 - 2017-04-19 19:37 - 07220496 _____ (IvoSoft) C:\Users\Pin\Downloads\ClassicShellSetup_4_3_0.exe
2017-04-19 19:37 - 2017-04-19 19:37 - 00000000 ____D C:\Users\Pin\AppData\Roaming\ClassicShell
2017-04-19 19:37 - 2017-04-19 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2017-04-19 19:37 - 2017-04-19 19:37 - 00000000 ____D C:\ProgramData\ClassicShell
2017-04-19 19:37 - 2017-04-19 19:37 - 00000000 ____D C:\Program Files\Classic Shell
2017-04-19 19:08 - 2017-04-19 19:12 - 00000000 ____D C:\Users\Pin\Documents\Camtasia Studio
2017-04-19 19:08 - 2017-04-19 19:08 - 25710592 _____ C:\Users\Pin\Documents\capture-1.camrec
2017-04-19 19:08 - 2017-04-19 19:08 - 00000000 ____D C:\Users\Pin\AppData\Local\TechSmith
2017-04-19 19:07 - 2017-04-19 19:07 - 00003584 _____ C:\Users\Pin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-04-19 19:06 - 2017-04-19 19:07 - 00000000 ____D C:\Users\Pin\AppData\Roaming\vlc
2017-04-19 18:54 - 2017-04-19 18:55 - 841764892 _____ C:\Users\Pin\Downloads\TF2- Circle Strafing Tutorial Strafing Towards [Part 15].mp4
2017-04-19 18:53 - 2017-04-19 18:53 - 00006509 _____ C:\Users\Pin\Downloads\ovc.user.js
2017-04-19 18:31 - 2017-04-19 18:32 - 05873881 _____ C:\Users\Pin\Downloads\toonhud_JHJHGK0J.zip
2017-04-18 20:44 - 2017-04-19 18:36 - 00002181 _____ C:\Users\Pin\Desktop\Spy's dictionary.txt
2017-04-18 20:02 - 2017-04-18 20:02 - 00599552 _____ () C:\Users\Pin\Desktop\Hoovy V2.exe
2017-04-18 20:00 - 2017-04-18 20:00 - 00001214 _____ C:\Users\Public\Desktop\paint.net.lnk
2017-04-18 19:32 - 2017-04-18 19:32 - 00000000 ____D C:\Users\Pin\AppData\Local\paint.net
2017-04-18 07:08 - 2017-04-18 07:11 - 00000121 _____ C:\Users\Pin\Desktop\smurf.txt
2017-04-17 15:52 - 2017-04-17 12:03 - 00277504 _____ () C:\Users\Pin\Desktop\Mazlíček Hoovy.exe
2017-04-17 15:03 - 2017-04-17 15:03 - 00001535 _____ C:\Users\Pin\Desktop\MSIAfterburner.lnk
2017-04-17 13:39 - 2017-04-19 18:00 - 00000451 _____ C:\Users\Pin\Desktop\DisguiseName.txt
2017-04-17 13:23 - 2017-04-17 13:23 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\dclogs
2017-04-17 13:18 - 2017-04-18 06:59 - 00000000 __SHD C:\Users\Pin\Documents\MSDCSC
2017-04-17 13:18 - 2017-04-18 06:57 - 00000000 ____D C:\Users\Pin\AppData\Roaming\dclogs
2017-04-17 12:46 - 2017-04-17 12:46 - 14806800 _____ C:\Users\Pin\Downloads\Dark Comet 5.1.rar
2017-04-17 12:24 - 2017-04-17 12:24 - 00374064 _____ C:\Users\Pin\Downloads\BosonCrypter Free Version.zip
2017-04-17 11:13 - 2017-04-17 11:13 - 00000000 ____D C:\Users\Pin\AppData\LocalLow\Temp
2017-04-17 11:12 - 2017-04-17 11:12 - 00000000 ____D C:\Users\Pin\AppData\Roaming\NuGet
2017-04-17 10:57 - 2017-04-17 10:57 - 00000000 ____D C:\Users\Pin\AppData\Local\Intel_Corporation
2017-04-16 20:51 - 2017-04-16 20:51 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Bandicam Company
2017-04-16 20:48 - 2017-04-16 20:48 - 00835647 _____ C:\Users\Pin\Downloads\MSCONFIGforWindows10and8.zip
2017-04-16 20:48 - 2017-04-16 20:48 - 00000000 ____D C:\Program Files\MSCONFIG for Windows 10 and 8
2017-04-16 18:35 - 2017-04-16 18:56 - 00000000 ____D C:\Users\Pin\AppData\Local\Roblox
2017-04-16 18:35 - 2017-04-16 18:41 - 00000154 _____ C:\Users\Pin\AppData\LocalLow\rbxcsettings.rbx
2017-04-16 18:35 - 2017-04-16 18:35 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-04-16 18:29 - 2017-04-16 19:18 - 00000000 ____D C:\Users\Pin\AppData\Roaming\FB7D0493-FDB8-4126-A2C9-EAA90F3DD5FF
2017-04-16 18:29 - 2017-04-16 18:31 - 00000000 ____D C:\Program Files\DSL Host
2017-04-16 18:26 - 2017-04-16 18:26 - 00000000 ____D C:\Users\Pin\AppData\Local\Vitalwerks
2017-04-16 13:38 - 2017-04-16 14:22 - 00001719 _____ C:\Users\Pin\AppData\Roaming\LITHIUM_PUBLIC.ini
2017-04-16 13:37 - 2017-04-16 13:37 - 00000225 ____H C:\Users\Pin\Desktop\Gameowner.ini
2017-04-16 12:43 - 2017-04-16 12:46 - 00000000 ____D C:\Users\Pin\AppData\Roaming\.technic
2017-04-16 12:43 - 2017-02-14 22:41 - 04734784 _____ () C:\Users\Pin\Desktop\Technic.exe
2017-04-16 12:42 - 2017-04-16 12:42 - 00001261 ____H C:\Users\Pin\Desktop\nativelog.txt
2017-04-15 18:11 - 2017-04-15 18:11 - 00000000 ____D C:\Users\Pin\Desktop\SLAM
2017-04-15 18:05 - 2017-04-15 20:29 - 00000000 ____D C:\Users\Pin\AppData\Roaming\discord
2017-04-15 18:05 - 2017-04-15 18:05 - 00002198 _____ C:\Users\Pin\Desktop\Discord.lnk
2017-04-15 18:05 - 2017-04-15 18:05 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-04-15 18:05 - 2017-04-15 18:05 - 00000000 ____D C:\Users\Pin\AppData\Local\SquirrelTemp
2017-04-15 18:05 - 2017-04-15 18:05 - 00000000 ____D C:\Users\Pin\AppData\Local\Discord
2017-04-15 18:04 - 2017-04-15 18:04 - 52553728 _____ (Hammer & Chisel, Inc.) C:\Users\Pin\Downloads\DiscordSetup.exe
2017-04-15 12:30 - 2017-04-17 19:09 - 00000000 ____D C:\Users\Pin\Desktop\SFM Work
2017-04-15 12:29 - 2017-04-15 12:29 - 00000220 _____ C:\Users\Pin\Desktop\Source Filmmaker.url
2017-04-15 11:41 - 2017-04-15 11:41 - 03086696 _____ C:\Users\Pin\Downloads\instspeedfan452 (1).exe
2017-04-15 11:40 - 2017-04-16 20:57 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2017-04-15 11:40 - 2017-04-15 11:41 - 00000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2017-04-15 11:40 - 2017-04-15 11:40 - 03086696 _____ C:\Users\Pin\Downloads\instspeedfan452.exe
2017-04-15 11:21 - 2017-04-15 11:21 - 00000000 ____D C:\Users\Pin\AppData\Roaming\NVIDIA
2017-04-15 11:20 - 2017-02-14 22:07 - 00000953 _____ C:\Users\Pin\Desktop\Majkraft.lnk
2017-04-15 11:15 - 2017-04-17 15:08 - 00000000 ____D C:\Users\Pin\AppData\Roaming\.minecraft
2017-04-15 11:06 - 2017-04-15 11:09 - 00000000 ____D C:\Users\Pin\Superposition
2017-04-15 11:04 - 2017-04-15 11:04 - 00000829 _____ C:\Users\Public\Desktop\Superposition Benchmark.lnk
2017-04-15 10:49 - 2017-04-15 10:49 - 00000282 _____ C:\Users\Pin\AppData\Roaming\GPU MeterV2_Settings.ini
2017-04-15 10:46 - 2017-04-15 10:46 - 00001711 _____ C:\Users\Pin\Desktop\Chrome.lnk
2017-04-15 10:43 - 2017-04-15 10:43 - 00000624 _____ C:\Users\Pin\AppData\Roaming\All CPU MeterV3_Settings.ini
2017-04-15 10:38 - 2017-04-15 10:38 - 00000000 ____D C:\Users\Pin\AppData\Local\Clipboarder
2017-04-15 10:37 - 2017-04-15 10:38 - 00000000 ____D C:\Users\Pin\AppData\Local\Sidebar7
2017-04-15 10:37 - 2017-04-15 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack
2017-04-15 08:39 - 2017-04-15 08:45 - 477644890 _____ C:\Users\Pin\Downloads\naugatx8620160902.iso.bz2
2017-04-15 08:37 - 2017-04-17 12:38 - 00000000 ____D C:\Users\Pin\AppData\Roaming\VMware
2017-04-15 08:37 - 2017-04-17 12:38 - 00000000 ____D C:\Users\Pin\AppData\Local\VMware
2017-04-15 08:37 - 2017-04-15 10:42 - 00002189 _____ C:\Users\Pin\Desktop\VMware Workstation.lnk
2017-04-15 08:33 - 2017-04-15 08:33 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Wireshark
2017-04-15 08:19 - 2017-04-15 08:19 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Notepad++
2017-04-14 21:17 - 2017-04-14 21:18 - 00000911 _____ C:\Users\Eskejp\Desktop\Steam Console.lnk
2017-04-14 21:08 - 2017-04-14 21:08 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Sun
2017-04-14 21:08 - 2017-04-14 21:08 - 00000000 ____D C:\Users\Pin\AppData\LocalLow\Sun
2017-04-14 20:31 - 2017-04-14 20:31 - 01389887 _____ C:\Users\Pin\Desktop\ESC.deskthemepack
2017-04-14 19:47 - 2017-04-14 20:21 - 00000000 ____D C:\Users\Pin\Desktop\Visual Studio
2017-04-14 19:45 - 2017-04-14 19:45 - 00000000 ____D C:\Users\Pin\AppData\Local\.IdentityService
2017-04-14 19:44 - 2017-04-18 19:54 - 00000000 ____D C:\Users\Pin\Documents\Visual Studio 2017
2017-04-14 19:44 - 2017-04-14 19:44 - 00000000 ____D C:\Users\Pin\AppData\Local\ServiceHub
2017-04-14 19:26 - 2017-04-14 19:37 - 00000000 ____D C:\Users\Pin\AppData\Roaming\obs-studio
2017-04-14 19:26 - 2017-04-14 19:33 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\obs-studio
2017-04-14 19:25 - 2017-04-14 19:25 - 00001180 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2017-04-14 19:24 - 2017-04-14 19:24 - 00000000 ____D C:\Program Files (x86)\obs-studio
2017-04-14 14:59 - 2017-04-14 14:59 - 00000863 _____ C:\Users\Pin\Desktop\GTA V.lnk
2017-04-14 14:59 - 2017-04-14 14:59 - 00000000 ____D C:\Users\Pin\Documents\Rockstar Games
2017-04-14 14:59 - 2017-04-14 14:59 - 00000000 ____D C:\Users\Pin\AppData\Local\Rockstar Games
2017-04-14 14:48 - 2017-04-19 15:18 - 00000000 ____D C:\Users\Pin\AppData\Local\CrashDumps
2017-04-14 14:45 - 2017-04-14 14:45 - 00000948 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2017-04-14 14:44 - 2017-04-20 12:56 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Skype
2017-04-14 14:44 - 2017-04-14 14:44 - 00000000 ____D C:\Users\Pin\Tracing
2017-04-14 13:53 - 2017-04-14 13:53 - 00000219 _____ C:\Users\Pin\Desktop\Team Fortress 2.url
2017-04-14 13:00 - 2017-04-19 19:06 - 00226304 ___SH C:\Users\Pin\Downloads\Thumbs.db
2017-04-13 22:14 - 2017-04-13 22:14 - 00001535 _____ C:\Users\Pin\Desktop\MSI Afterburner.lnk
2017-04-13 22:12 - 2017-04-13 22:12 - 00000983 _____ C:\Users\Pin\Desktop\Steam.lnk
2017-04-13 22:08 - 2017-04-13 22:08 - 00000000 ____D C:\Users\Pin\AppData\Local\Steam
2017-04-13 22:06 - 2017-04-01 03:12 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-13 22:06 - 2017-04-01 03:12 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-13 21:53 - 2017-04-13 21:53 - 00000000 ____D C:\Users\Pin\AppData\Roaming\WinRAR
2017-04-13 21:50 - 2017-04-13 21:50 - 00000000 ____D C:\Users\Pin\AppData\Local\CEF
2017-04-13 21:49 - 2017-04-19 19:36 - 00000074 _____ C:\Users\Pin\AppData\Roaming\sp_data.sys
2017-04-13 21:49 - 2017-04-13 21:49 - 00000000 ____D C:\Users\Pin\AppData\Local\NVIDIA Corporation
2017-04-13 21:48 - 2017-04-13 21:49 - 00000000 ____D C:\Users\Pin\AppData\Local\Razer
2017-04-13 21:46 - 2017-04-18 19:31 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Adobe
2017-04-13 21:46 - 2017-04-15 11:06 - 00000000 ____D C:\Users\Pin
2017-04-13 21:46 - 2017-04-14 13:08 - 00000000 ____D C:\Users\Pin\AppData\Local\Google
2017-04-13 21:46 - 2017-04-13 21:48 - 00000000 ____D C:\Users\Pin\AppData\Local\Packages
2017-04-13 21:46 - 2017-04-13 21:46 - 00001424 _____ C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-04-13 21:46 - 2017-04-13 21:46 - 00000020 ___SH C:\Users\Pin\ntuser.ini
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Soubory cookie
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Šablony
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Poslední
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Okolní tiskárny
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Okolní síť
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Nabídka Start
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Dokumenty
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Documents\Obrázky
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Documents\Hudba
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Documents\Filmy
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Data aplikací
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\AppData\Local\Data aplikací
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\WINDOWS\system32\NV
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\Users\Pin\AppData\Local\VirtualStore
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\Users\Pin\AppData\Local\NVIDIA
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\Users\Pin\AppData\Local\ASUS
2017-04-13 21:46 - 2014-11-21 07:02 - 00000369 _____ C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2017-04-13 21:46 - 2014-11-21 07:02 - 00000369 _____ C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2017-04-13 21:36 - 2017-04-13 21:39 - 00000201 _____ C:\Users\Eskejp\Desktop\win 8 explorer.vbs
2017-04-13 20:43 - 2017-04-13 20:43 - 01508371 _____ C:\Users\Eskejp\Downloads\oldspymod_7a0e5 (2).zip
2017-04-13 20:29 - 2017-04-13 21:35 - 00000147 _____ C:\Users\Eskejp\Desktop\list jmen.txt
2017-04-13 16:57 - 2017-04-13 16:57 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Mael
2017-04-13 16:53 - 2017-04-13 16:53 - 00882431 _____ C:\Users\Eskejp\Downloads\HxDSetupCSY.zip
2017-04-13 16:09 - 2017-04-13 16:10 - 02169248 _____ C:\Users\Eskejp\Downloads\ForceCrypter-master.zip
2017-04-13 15:55 - 2017-04-13 15:55 - 14022858 _____ C:\Users\Eskejp\Downloads\Dark Comet.rar
2017-04-13 15:26 - 2017-04-13 15:26 - 00026112 _____ C:\Users\Eskejp\Downloads\p4crypt.exe
2017-04-13 14:46 - 2017-04-13 14:46 - 00001152 _____ C:\Users\Eskejp\Downloads\Remove_Take_Ownership_from_context_menu.reg
2017-04-13 14:45 - 2017-04-13 14:45 - 00001942 _____ C:\Users\Eskejp\Downloads\Add_Take_Ownership_to_context_menu.reg
2017-04-13 14:37 - 2017-04-13 14:37 - 03558240 _____ C:\Users\Eskejp\Downloads\default_win7_[winsounds.com]_1956.zip
2017-04-13 14:34 - 2017-04-13 14:47 - 00000062 _____ C:\Users\Eskejp\Desktop\blank error.vbs
2017-04-13 10:18 - 2017-04-13 10:18 - 22638821 _____ () C:\Users\Eskejp\Downloads\mctitan_launcher.exe
2017-04-13 10:18 - 2017-04-13 10:18 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\technic_warez
2017-04-12 21:25 - 2017-04-13 14:34 - 00000124 _____ C:\Users\Eskejp\Desktop\lsass end.vbs
2017-04-12 19:41 - 2017-04-12 19:41 - 05700576 _____ C:\Users\Eskejp\Downloads\NanoCore RAT 1.2.2.0 Cracked By Alcatraz3222.rar
2017-04-12 19:18 - 2017-04-12 19:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-04-12 19:18 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-04-12 19:18 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-04-12 19:18 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-04-12 19:18 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-04-12 19:14 - 2017-04-01 05:20 - 40201152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 35315256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 35280320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 28560440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 20055968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 17418608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 16431320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 14653888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2017-04-12 19:14 - 2017-04-01 05:20 - 13398512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 11112928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 11056272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 10636240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 09316648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 09014792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 08876272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 03430336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 03012152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438165.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 01591352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438165.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 01054776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00991800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00960448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00912952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00577544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00148016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00131720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00038336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2017-04-12 19:14 - 2017-04-01 05:20 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-04-12 19:14 - 2017-04-01 05:20 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-04-12 19:09 - 2017-03-28 05:32 - 00153536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-04-12 19:09 - 2017-03-28 05:32 - 00127424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-04-12 19:09 - 2017-03-28 05:32 - 00047552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-04-12 16:48 - 2017-04-16 20:58 - 00000000 ____D C:\Program Files\Sandboxie
2017-04-12 16:48 - 2017-04-12 16:48 - 08974992 _____ (Sandboxie Holdings, LLC) C:\Users\Eskejp\Downloads\SandboxieInstall.exe
2017-04-12 16:43 - 2017-04-12 16:43 - 00241736 _____ C:\Users\Eskejp\Downloads\DUCSetup_v4_1_1.exe
2017-04-12 16:43 - 2017-04-12 16:43 - 00000000 ____D C:\Users\Eskejp\AppData\Local\Vitalwerks
2017-04-12 16:43 - 2017-04-12 16:43 - 00000000 ____D C:\ProgramData\Vitalwerks
2017-04-12 16:43 - 2017-04-12 16:43 - 00000000 ____D C:\Program Files (x86)\No-IP
2017-04-12 15:36 - 2017-04-12 15:36 - 00000000 ____D C:\Users\Eskejp\Documents\Lawena Rec
2017-04-12 15:35 - 2017-04-12 15:35 - 25434245 _____ C:\Users\Eskejp\Downloads\lawena-stable-4.1.16.zip
2017-04-12 15:35 - 2017-04-12 15:35 - 24973035 _____ C:\Users\Eskejp\Downloads\lawena-recording-tool-4.1.16.zip
2017-04-12 15:35 - 2017-03-17 15:41 - 00000000 ____D C:\Users\Eskejp\Desktop\lawena
2017-04-12 09:50 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 09:50 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-04-12 09:50 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 09:50 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 09:50 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 09:50 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 09:50 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-04-12 09:50 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 09:50 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 09:50 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 09:50 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-04-12 09:50 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 09:50 - 2017-03-25 20:45 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-04-12 09:50 - 2017-03-25 20:45 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 09:50 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-04-12 09:50 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 09:50 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-04-12 09:50 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 09:50 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-04-12 09:50 - 2017-03-25 19:12 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-04-12 09:50 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 09:50 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 09:50 - 2017-03-25 19:00 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 09:50 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 09:50 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 09:50 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 09:50 - 2017-03-25 18:24 - 03241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 09:50 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 09:50 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 09:50 - 2017-03-25 06:43 - 01375960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-04-12 09:50 - 2017-03-24 20:24 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-04-12 09:50 - 2017-03-14 21:06 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-04-12 09:50 - 2017-03-14 16:26 - 03714560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 09:50 - 2017-03-14 16:09 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2017-04-12 09:50 - 2017-03-14 16:08 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 09:50 - 2017-03-14 16:06 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-12 09:50 - 2017-03-13 18:13 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2017-04-12 09:50 - 2017-03-13 18:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2017-04-12 09:50 - 2017-03-13 18:08 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2017-04-12 09:50 - 2017-03-13 18:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-04-12 09:50 - 2017-03-13 17:59 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2017-04-12 09:50 - 2017-03-13 17:59 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2017-04-12 09:50 - 2017-03-13 17:56 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-04-12 09:50 - 2017-03-12 17:04 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 09:50 - 2017-03-11 05:59 - 01763888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 09:50 - 2017-03-11 05:56 - 01489608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 09:50 - 2017-03-11 05:49 - 01549144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 09:50 - 2017-03-11 05:49 - 00388440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 09:50 - 2017-03-11 05:44 - 00373080 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 09:50 - 2017-03-11 05:41 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 09:50 - 2017-03-09 23:13 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-04-12 09:50 - 2017-03-09 23:08 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 09:50 - 2017-03-09 21:29 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 09:50 - 2017-03-08 01:25 - 01661064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 09:50 - 2017-03-08 01:21 - 01212760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 09:50 - 2017-03-04 21:24 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 09:50 - 2017-03-04 21:06 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 09:50 - 2017-03-04 20:15 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 09:50 - 2017-03-04 18:37 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 09:50 - 2017-03-03 17:11 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 09:50 - 2017-03-03 17:10 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 09:50 - 2017-03-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 09:50 - 2017-03-03 17:04 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 09:50 - 2017-02-11 20:18 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-12 09:50 - 2017-02-11 19:00 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-04-12 09:50 - 2017-02-11 18:49 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-04-12 09:50 - 2017-02-11 18:42 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-04-12 09:50 - 2017-02-10 21:06 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-04-12 09:50 - 2017-02-10 16:37 - 00046600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2017-04-12 09:50 - 2017-02-04 19:53 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2017-04-12 09:50 - 2017-02-04 19:51 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-04-12 09:50 - 2017-02-04 19:19 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2017-04-12 09:50 - 2017-02-01 21:44 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-04-12 09:50 - 2017-02-01 21:42 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-04-12 09:50 - 2017-01-19 04:18 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 09:50 - 2017-01-18 16:35 - 00994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-04-12 09:50 - 2017-01-18 16:34 - 00922432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-04-12 09:50 - 2017-01-14 22:32 - 00955016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 09:50 - 2017-01-14 21:18 - 00787688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-12 09:50 - 2017-01-14 16:37 - 00447095 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-04-12 09:50 - 2017-01-12 18:51 - 00274776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2017-04-12 09:50 - 2017-01-12 18:51 - 00117592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2017-04-12 09:50 - 2017-01-12 08:12 - 00990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-04-12 09:50 - 2017-01-11 21:12 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2017-04-12 09:50 - 2017-01-11 19:28 - 00422744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-04-12 09:50 - 2017-01-11 17:09 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2017-04-12 09:50 - 2017-01-11 00:37 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-04-12 09:50 - 2017-01-10 23:06 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-04-12 09:50 - 2017-01-10 22:46 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-04-12 09:50 - 2017-01-10 21:20 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-04-12 09:50 - 2017-01-10 21:09 - 01108480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-04-12 09:50 - 2017-01-06 19:25 - 02513408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-04-12 09:50 - 2017-01-06 19:04 - 01495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-04-12 09:50 - 2016-12-25 03:21 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2017-04-12 09:50 - 2016-12-25 03:14 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-04-12 09:50 - 2016-12-25 02:48 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-04-12 09:50 - 2016-12-25 02:19 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-04-12 09:50 - 2016-12-25 01:39 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-04-12 09:50 - 2016-12-09 10:08 - 00379736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-04-11 17:06 - 2017-04-11 17:06 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Wireshark
2017-04-11 16:54 - 2017-04-11 16:57 - 00001739 _____ C:\Users\Eskejp\Desktop\IP-Lookup.lnk
2017-04-11 16:46 - 2017-04-11 16:46 - 00000887 _____ C:\Users\Eskejp\Desktop\Wireshark.lnk
2017-04-11 16:40 - 2017-04-11 16:40 - 00000698 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2017-04-11 16:40 - 2017-04-11 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-04-11 16:40 - 2017-04-11 16:40 - 00000000 ____D C:\Program Files (x86)\WinPcap
2017-04-11 16:39 - 2017-04-11 16:39 - 00000577 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2017-04-11 16:36 - 2017-04-11 16:36 - 49367072 _____ (Wireshark development team) C:\Users\Eskejp\Downloads\Wireshark-win64-2.2.5.exe
2017-04-11 14:37 - 2017-04-11 14:37 - 00000880 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NosTale.lnk
2017-04-11 14:34 - 2017-04-11 17:01 - 00000000 ____D C:\Program Files (x86)\Nostale
2017-04-11 14:18 - 2017-04-11 14:18 - 00981624 _____ (Gameforge 4D GmbH ) C:\Users\Eskejp\Downloads\2017-03-28_Nostale_CZ_Setup.exe
2017-04-11 13:41 - 2017-04-11 13:38 - 00315904 _____ (Pin Lád) C:\Users\Eskejp\Desktop\pinaim7.exe
2017-04-10 07:16 - 2017-04-10 13:53 - 00301182 _____ C:\Users\Eskejp\Desktop\PinAim V1.3.1.rar
2017-04-09 12:08 - 2017-04-10 13:55 - 00000000 ____D C:\Users\Eskejp\Desktop\My folder with Viruses
2017-04-09 10:54 - 2017-04-09 10:55 - 00000000 ____D C:\Users\Eskejp\Desktop\SFM
2017-04-09 10:07 - 2017-04-09 10:07 - 00266194 _____ C:\Users\Eskejp\Downloads\TF2 How could this Happen!.mp4
2017-04-09 09:49 - 2017-04-09 09:56 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\vlc
2017-04-09 09:48 - 2017-04-09 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-04-09 09:48 - 2017-04-09 09:48 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2017-04-08 18:49 - 2017-04-08 21:31 - 00000098 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2017-04-08 16:33 - 2017-04-08 16:33 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Unity
2017-04-08 16:33 - 2017-04-08 16:33 - 00000000 ____D C:\Users\Eskejp\AppData\Local\Unity
2017-04-08 16:33 - 2017-04-08 16:33 - 00000000 ____D C:\ProgramData\Unity
2017-04-08 15:39 - 2017-04-08 15:37 - 00074752 _____ () C:\Users\Eskejp\Downloads\TF2 Aimbot by Pin Lad - VAC Undetected.exe
2017-04-08 14:44 - 2017-04-08 14:44 - 00000000 ____D C:\SymCache
2017-04-08 14:40 - 2017-04-08 14:40 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\NuGet
2017-04-08 14:35 - 2017-04-17 12:18 - 00000000 ____D C:\Users\Eskejp\Documents\Visual Studio 2017
2017-04-08 14:35 - 2017-04-08 14:35 - 00000000 ____D C:\Users\Eskejp\AppData\Local\.IdentityService
2017-04-08 14:30 - 2017-04-08 14:30 - 00000000 ____D C:\Program Files (x86)\GtkSharp
2017-04-08 14:29 - 2017-04-08 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.4.0f3 (64-bit)
2017-04-08 14:27 - 2017-04-08 14:30 - 00000000 ____D C:\Program Files\Unity
2017-04-08 14:26 - 2017-04-08 14:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2017-04-08 14:23 - 2017-04-08 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2017-04-08 14:23 - 2017-04-08 14:23 - 00000000 ____D C:\Program Files (x86)\Android
2017-04-08 14:22 - 2017-04-08 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-04-08 14:21 - 2017-04-08 14:21 - 00000000 ____D C:\Program Files (x86)\Java
2017-04-08 14:13 - 2017-04-08 14:13 - 00000000 ____D C:\Program Files (x86)\Entity Framework Tools
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\3082
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\2052
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1055
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1049
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1046
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1045
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1042
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1041
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1040
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1036
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1031
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1029
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1028
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\3082
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\2052
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1055
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1049
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1046
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1045
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1042
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1041
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1040
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1036
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1033
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1031
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1029
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1028
2017-04-08 14:12 - 2017-04-08 14:12 - 00000000 ____D C:\Program Files\Windows Kits
2017-04-08 14:09 - 2017-04-09 19:11 - 00004813 _____ C:\Users\Eskejp\Desktop\Mediic.vbs
2017-04-08 14:09 - 2017-04-08 14:09 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2017-04-08 14:05 - 2017-04-08 14:05 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2017-04-08 14:05 - 2017-04-08 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2017-04-08 14:05 - 2017-04-08 14:05 - 00000000 ____D C:\Program Files\Application Verifier
2017-04-08 14:05 - 2017-04-08 14:05 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2017-04-08 14:03 - 2017-04-08 14:03 - 00000000 ____D C:\Program Files (x86)\NuGet
2017-04-08 13:53 - 2017-04-08 13:53 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2017-04-08 13:53 - 2017-04-08 13:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2017-04-08 13:53 - 2017-04-08 13:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2017-04-08 13:53 - 2017-04-08 13:53 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-04-08 13:43 - 2017-04-08 14:09 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2017-04-08 13:43 - 2017-04-08 14:05 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2017-04-08 13:42 - 2017-04-08 13:42 - 00001701 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2017.lnk
2017-04-08 13:42 - 2017-04-08 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2017-04-08 13:39 - 2017-04-08 13:39 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk
2017-04-08 13:37 - 2017-04-08 14:34 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Visual Studio Setup
2017-04-08 13:37 - 2017-04-08 14:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2017-04-08 13:37 - 2017-04-08 13:37 - 00002196 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2017-04-08 13:37 - 2017-04-08 13:37 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\vstelemetry
2017-04-08 13:37 - 2017-04-08 13:37 - 00000000 ____D C:\Users\Eskejp\AppData\Local\ServiceHub
2017-04-08 11:58 - 2017-04-08 11:58 - 00013052 _____ C:\Users\Eskejp\Documents\MEMZ 4.0 Clean.zip
2017-04-07 18:49 - 2017-04-08 11:20 - 00051200 ___SH C:\Users\Eskejp\Desktop\Thumbs.db
2017-04-07 15:57 - 2017-04-07 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2017-04-07 15:57 - 2017-04-07 15:57 - 00000000 ____D C:\Program Files (x86)\TechSmith
2017-04-07 15:57 - 2017-04-07 15:57 - 00000000 ____D C:\Program Files (x86)\QuickTime
2017-04-07 15:38 - 2017-04-07 15:43 - 00000000 ____D C:\Users\Eskejp\Downloads\Camtasia.Studio.v8.0.0.Build.878.Incl.Keygen
2017-04-07 15:35 - 2017-04-16 20:51 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2017-04-07 15:34 - 2017-04-07 15:34 - 17033192 _____ (Bandicam Company) C:\Users\Eskejp\Documents\bdcamsetup.exe
2017-04-07 14:04 - 2017-04-05 14:05 - 00000077 _____ C:\Users\Eskejp\Downloads\hesla.txt
2017-04-06 16:33 - 2017-04-06 16:33 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\TeamViewer
2017-04-06 16:32 - 2017-04-16 15:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-04-06 16:32 - 2017-04-06 16:32 - 13194408 _____ (TeamViewer GmbH) C:\Users\Eskejp\Documents\TeamViewer_Setup_cs.exe
2017-04-05 17:54 - 2017-04-05 17:55 - 00107412 _____ C:\Users\Eskejp\Desktop\WindowsFix.zip
2017-04-05 17:45 - 2017-04-05 17:45 - 00107492 _____ C:\Users\Eskejp\Desktop\Virus.Win32.Winkiller.zip
2017-04-05 14:04 - 2017-04-05 14:05 - 00000077 _____ C:\Users\Eskejp\Desktop\hesla.txt
2017-04-04 20:49 - 2017-04-05 17:45 - 00000000 ____D C:\Users\Eskejp\Desktop\Wiruses
2017-04-02 13:12 - 2017-04-02 13:12 - 00000000 ____D C:\Users\Eskejp\AppData\Local\RzStats
2017-04-02 13:05 - 2017-04-20 13:05 - 00000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt
2017-04-02 13:05 - 2017-04-02 13:05 - 00000000 ____D C:\ProgramData\RzSurroundVAD_1.1.62.0
2017-04-02 13:05 - 2017-04-02 13:05 - 00000000 _____ C:\WINDOWS\SysWOW64\RzSurroundVADAudioDeviceManager_log.txt
2017-04-02 09:03 - 2017-04-02 09:03 - 07291524 _____ C:\Users\Eskejp\Documents\faithful64pack-v1.4.0.zip
2017-04-02 09:00 - 2017-04-02 09:00 - 00033294 _____ C:\Users\Eskejp\Documents\Chocapic13 V4-Medium.zip
2017-04-02 08:53 - 2017-04-02 08:53 - 00067728 _____ C:\Users\Eskejp\Documents\SEUS-v10.1-Standard.zip
2017-04-01 18:44 - 2017-04-01 18:44 - 01617333 _____ C:\Users\Eskejp\Documents\OptiFine_1.7.10_HD_U_D7.jar
2017-04-01 09:26 - 2017-04-01 09:27 - 00000000 ___HD C:\Flo
2017-04-01 09:25 - 2017-04-01 09:25 - 04332773 _____ C:\Users\Eskejp\Documents\skinchanger.rar
2017-03-31 21:32 - 2017-04-01 05:20 - 00170360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2017-03-31 21:32 - 2017-03-17 02:59 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437892.dll
2017-03-31 21:32 - 2017-03-17 02:59 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437892.dll
2017-03-31 21:22 - 2017-03-31 21:22 - 00002206 _____ C:\Users\Eskejp\Documents\Registry-Tweaks-Collection-to-Make-Windows-Faster.zip
2017-03-31 21:20 - 2017-03-31 21:20 - 00000972 _____ C:\Users\Eskejp\Documents\aerolite.zip
2017-03-31 21:09 - 2017-03-31 21:09 - 01985978 _____ C:\Users\Eskejp\Documents\UxStyle_sep23_x86_x64_possibly_bugged.zip
2017-03-31 17:53 - 2017-03-31 17:53 - 00752617 _____ C:\Users\Eskejp\Documents\ScriptHookVDotNet (1).zip
2017-03-31 17:42 - 2017-03-31 17:42 - 01378066 _____ C:\Users\Eskejp\Documents\ScriptHookV_1.0.1011.1 (1).zip
2017-03-31 17:40 - 2017-03-31 17:40 - 00752617 _____ C:\Users\Eskejp\Documents\ScriptHookVDotNet.zip
2017-03-31 17:30 - 2017-03-31 17:30 - 00051936 _____ C:\Users\Eskejp\Documents\1487f6-BennysMotorworks.zip
2017-03-31 17:29 - 2017-03-31 17:29 - 01378066 _____ C:\Users\Eskejp\Documents\ScriptHookV_1.0.1011.1.zip
2017-03-31 16:35 - 2017-04-13 22:04 - 00000000 ____D C:\Users\Eskejp\Desktop\NanoCore
2017-03-31 16:33 - 2017-03-31 16:33 - 05700576 _____ C:\Users\Eskejp\Documents\NanoCore RAT 1.2.2.0 Cracked By Alcatraz3222.rar
2017-03-31 12:54 - 2017-03-31 12:54 - 00070144 _____ C:\Users\Eskejp\Desktop\winver.exe
2017-03-30 20:06 - 2017-03-30 20:06 - 00006509 _____ C:\Users\Eskejp\Downloads\ovc.user.js
2017-03-30 19:31 - 2017-03-30 19:31 - 00000000 ____D C:\ProgramData\ASUS
2017-03-30 19:31 - 2015-09-17 04:58 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2017-03-30 19:31 - 2015-09-17 04:58 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2017-03-30 19:30 - 2017-03-30 19:30 - 76775409 _____ C:\Users\Eskejp\Documents\AISuite3_Win10_V10147.zip
2017-03-30 19:26 - 2017-03-30 19:30 - 04363475 _____ C:\Users\Eskejp\Documents\HWiNFO.zip
2017-03-30 19:22 - 2017-03-30 19:22 - 03808448 _____ (Martin Malík - REALiX ) C:\Users\Eskejp\Documents\hw64_546.exe
2017-03-30 19:07 - 2017-03-30 19:07 - 00000000 ____D C:\Users\Eskejp\Desktop\cru-1.3
2017-03-30 19:01 - 2017-03-30 19:01 - 00537711 _____ C:\Users\Eskejp\Documents\cru-1.3.zip
2017-03-30 16:21 - 2017-03-30 16:21 - 00107984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfrdvcompat.dll
2017-03-30 16:14 - 2017-03-30 16:14 - 00419176 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfbasics.dll
2017-03-30 16:14 - 2017-03-30 16:14 - 00196856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vrfcore.dll
2017-03-30 16:13 - 2017-03-30 16:13 - 01151200 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfprintpthelper.dll
2017-03-30 16:13 - 2017-03-30 16:13 - 00148008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appverif.exe
2017-03-30 16:12 - 2017-03-30 16:12 - 00436944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfprint.dll
2017-03-30 16:12 - 2017-03-30 16:12 - 00085672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfnws.dll
2017-03-30 16:12 - 2017-03-30 16:12 - 00048264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfntlmless.dll
2017-03-30 16:11 - 2017-03-30 16:11 - 00278440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfluapriv.dll
2017-03-30 16:11 - 2017-03-30 16:11 - 00115784 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfnet.dll
2017-03-30 16:11 - 2017-03-30 16:11 - 00049352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfcuzz.dll
2017-03-30 16:10 - 2017-03-30 16:10 - 00064888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfcompat.dll
2017-03-30 16:10 - 2017-03-30 16:10 - 00024464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cuzzapi.dll
2017-03-30 13:39 - 2017-03-30 13:39 - 00099160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfrdvcompat.dll
2017-03-30 13:26 - 2017-03-30 13:26 - 00176528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vrfcore.dll
2017-03-30 13:26 - 2017-03-30 13:26 - 00119944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appverif.exe
2017-03-30 13:25 - 2017-03-30 13:25 - 00375568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfbasics.dll
2017-03-30 13:24 - 2017-03-30 13:24 - 00632216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfprintpthelper.dll
2017-03-30 13:24 - 2017-03-30 13:24 - 00334008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfprint.dll
2017-03-30 13:23 - 2017-03-30 13:23 - 00252424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfluapriv.dll
2017-03-30 13:23 - 2017-03-30 13:23 - 00071096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfnws.dll
2017-03-30 13:23 - 2017-03-30 13:23 - 00043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfntlmless.dll
2017-03-30 13:22 - 2017-03-30 13:22 - 00093472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfnet.dll
2017-03-30 13:22 - 2017-03-30 13:22 - 00066368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfcompat.dll
2017-03-30 13:22 - 2017-03-30 13:22 - 00045648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfcuzz.dll
2017-03-30 13:21 - 2017-03-30 13:21 - 00022352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cuzzapi.dll
2017-03-30 01:07 - 2017-03-30 01:07 - 01797440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbased.dll
2017-03-30 01:07 - 2017-03-30 01:07 - 00630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10sdklayers.dll
2017-03-30 01:07 - 2017-03-30 01:07 - 00458040 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10ref.dll
2017-03-30 00:52 - 2017-03-30 00:52 - 00031552 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft.windows.softwarelogo.showdesktop.exe
2017-03-30 00:41 - 2017-03-30 00:41 - 01505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbased.dll
2017-03-30 00:41 - 2017-03-30 00:41 - 00074560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsd3dwarpdebug.dll
2017-03-30 00:40 - 2017-03-30 00:40 - 00644408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11ref.dll
2017-03-30 00:40 - 2017-03-30 00:40 - 00063808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DRefDebug.dll
2017-03-30 00:38 - 2017-03-30 00:38 - 00082240 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DRefDebug.dll
2017-03-30 00:38 - 2017-03-30 00:38 - 00075072 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsd3dwarpdebug.dll
2017-03-30 00:37 - 2017-03-30 00:37 - 00763192 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11ref.dll
2017-03-30 00:27 - 2017-03-30 00:27 - 00481600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10sdklayers.dll
2017-03-30 00:27 - 2017-03-30 00:27 - 00361792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10ref.dll
2017-03-29 22:16 - 2017-03-29 22:16 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dref9.dll
2017-03-29 22:11 - 2017-03-29 22:11 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dref9.dll
2017-03-29 21:52 - 2017-03-29 21:52 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf_gputiming.dll
2017-03-29 21:52 - 2017-03-29 21:52 - 00103728 _____ C:\WINDOWS\SysWOW64\appverifUI.dll
2017-03-29 21:48 - 2017-03-29 21:48 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf_gputiming.dll
2017-03-29 21:48 - 2017-03-29 21:48 - 00129840 _____ C:\WINDOWS\system32\appverifUI.dll
2017-03-29 20:40 - 2017-03-29 20:40 - 00322842 _____ C:\Users\Eskejp\Documents\sweetfx_redone.7z
2017-03-29 13:54 - 2017-03-29 13:54 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Bat To Exe Converter
2017-03-29 13:43 - 2017-03-29 13:43 - 02710688 _____ (Sysinternals - www.sysinternals.com) C:\Users\Eskejp\Documents\procexp.exe
2017-03-29 13:00 - 2017-03-31 12:54 - 00098751 _____ C:\Users\Eskejp\Desktop\csrrs.exe.cmd
2017-03-27 20:03 - 2017-03-27 20:03 - 00493732 _____ C:\Users\Eskejp\Documents\sweetfx-csgo.zip
2017-03-26 17:09 - 2017-03-27 18:09 - 00000000 ____D C:\Users\Eskejp\Desktop\SLAM
2017-03-26 17:05 - 2017-04-15 18:11 - 00000000 ____D C:\Users\Eskejp\AppData\Local\SLAM
2017-03-26 17:05 - 2017-03-26 17:05 - 00428153 _____ C:\Users\Eskejp\Documents\SLAM_v1.5.0.zip
2017-03-26 17:01 - 2017-03-26 17:01 - 03114048 _____ C:\Users\Eskejp\Documents\AutoHotkey_1.1.25.01_setup.exe
2017-03-26 16:33 - 2016-10-25 22:04 - 00228864 _____ C:\Users\Eskejp\Desktop\formule.dll
2017-03-26 12:53 - 2017-03-26 12:53 - 00290718 _____ C:\Users\Eskejp\Downloads\no_crit_backstab_old_reload.zip
2017-03-25 18:01 - 2017-03-25 18:01 - 00000000 ____D C:\Users\Eskejp\Documents\NFS Carbon
2017-03-25 18:00 - 2017-03-25 18:00 - 00001028 _____ C:\Users\Eskejp\Desktop\Need For Speed Carbon.lnk
2017-03-25 17:46 - 2017-03-25 17:46 - 00621057 _____ C:\Users\Eskejp\Downloads\CarbonCamera.exe
2017-03-25 17:41 - 2017-03-25 18:01 - 00000000 ____D C:\Users\Eskejp\Downloads\Need For Speed Carbon
2017-03-25 17:37 - 2017-03-25 17:39 - 1493966395 _____ C:\Users\Eskejp\Downloads\[AVeRAnTeD]NFS-Carbon[Music+Video]Full-Rip.7z
2017-03-23 19:56 - 2017-03-23 19:56 - 00181936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSCover150.dll
2017-03-23 08:16 - 2017-04-18 20:00 - 00001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2017-03-23 08:16 - 2017-04-18 20:00 - 00000000 ____D C:\Program Files\paint.net
2017-03-23 08:15 - 2017-03-23 08:18 - 00000000 ____D C:\Users\Eskejp\AppData\Local\paint.net

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-20 13:14 - 2017-02-21 15:04 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-20 13:14 - 2017-02-21 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-20 13:02 - 2017-01-25 20:03 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-20 13:02 - 2017-01-21 17:03 - 00004266 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2017-04-20 13:02 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-20 08:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2017-04-20 07:06 - 2017-01-21 14:20 - 00000000 ____D C:\Program Files (x86)\Steam
2017-04-20 07:04 - 2017-01-21 17:03 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2017-04-20 07:04 - 2014-01-21 16:40 - 00000966 _____ C:\WINDOWS\SysWOW64\bscs.ini
2017-04-19 14:23 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-19 14:18 - 2017-01-25 19:09 - 00000000 ____D C:\Program Files\Windows Journal
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\system32\winrm
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\system32\slmgr
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-18 21:02 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\servicing
2017-04-18 17:15 - 2017-02-18 19:12 - 00251904 ___SH C:\Users\Eskejp\Downloads\Thumbs.db
2017-04-18 14:38 - 2017-03-17 10:20 - 00000000 ____D C:\ProgramData\VMware
2017-04-18 11:14 - 2017-01-24 20:35 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2017-04-17 15:08 - 2017-01-23 19:44 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-04-17 13:10 - 2014-11-21 06:53 - 01747250 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-17 13:10 - 2014-11-21 06:10 - 00737194 _____ C:\WINDOWS\system32\perfh005.dat
2017-04-17 13:10 - 2014-11-21 06:10 - 00150070 _____ C:\WINDOWS\system32\perfc005.dat
2017-04-17 13:10 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-04-16 21:02 - 2013-08-22 16:44 - 00337768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-16 20:55 - 2013-05-01 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-04-16 20:55 - 2013-05-01 13:16 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-04-16 20:51 - 2012-07-26 11:45 - 00000000 ____D C:\WINDOWS\ShellNew
2017-04-16 15:36 - 2017-01-21 09:04 - 00000074 _____ C:\Users\Eskejp\AppData\Roaming\sp_data.sys
2017-04-16 15:34 - 2017-03-19 18:15 - 00000000 ____D C:\Fraps
2017-04-15 11:15 - 2017-01-26 20:47 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-04-15 11:04 - 2017-02-18 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2017-04-15 10:43 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2017-04-15 10:37 - 2013-08-22 17:36 - 00000000 ___SD C:\Program Files\Windows Sidebar
2017-04-15 10:37 - 2013-08-22 17:36 - 00000000 ___SD C:\Program Files (x86)\Windows Sidebar
2017-04-15 07:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-14 17:58 - 2017-01-21 18:53 - 00000000 ____D C:\Users\Eskejp\AppData\Local\CrashDumps
2017-04-14 14:48 - 2017-02-02 09:43 - 00153342 _____ C:\Users\Eskejp\Desktop\SteamAchievementManager63_hotfix (1).zip
2017-04-14 12:50 - 2017-01-25 20:23 - 00000000 ____D C:\Users\Eskejp
2017-04-14 12:41 - 2017-01-21 00:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-13 21:58 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2017-04-13 21:50 - 2017-01-21 16:09 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Skype
2017-04-13 21:43 - 2017-02-08 14:43 - 00000000 ____D C:\Users\steamfix
2017-04-13 17:46 - 2017-03-17 10:22 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\VMware
2017-04-13 17:46 - 2017-03-17 10:22 - 00000000 ____D C:\Users\Eskejp\AppData\Local\VMware
2017-04-12 19:16 - 2017-01-25 20:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-12 19:12 - 2017-01-25 20:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-12 19:09 - 2017-01-25 20:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-12 10:22 - 2017-01-23 00:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 10:12 - 2017-01-23 00:25 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-11 16:39 - 2017-01-21 13:35 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-09 20:40 - 2017-01-24 21:31 - 00000000 ____D C:\Users\Eskejp\AppData\Local\GeometryDash
2017-04-09 10:00 - 2017-02-02 17:39 - 00000000 ____D C:\Users\Eskejp\Documents\Camtasia Studio
2017-04-08 16:03 - 2017-02-02 21:44 - 00001717 _____ C:\Users\Eskejp\AppData\Roaming\LITHIUM_PUBLIC.ini
2017-04-08 14:23 - 2017-02-14 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-08 14:22 - 2017-02-14 22:25 - 00000000 ____D C:\Program Files\Java
2017-04-08 13:49 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-08 13:42 - 2017-01-25 17:51 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-04-08 00:06 - 2017-01-23 01:35 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-07 15:57 - 2017-02-02 16:22 - 00000000 ____D C:\ProgramData\TechSmith
2017-04-07 15:50 - 2017-01-26 14:41 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\uTorrent
2017-04-06 07:41 - 2017-01-21 16:03 - 00002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-02 14:30 - 2017-01-21 19:17 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\.minecraft
2017-04-01 11:44 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-04-01 05:20 - 2017-01-25 14:01 - 04071816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-04-01 05:20 - 2017-01-25 14:01 - 03588376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-04-01 05:20 - 2017-01-25 14:01 - 00491208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2017-04-01 05:20 - 2017-01-25 14:01 - 00406736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2017-04-01 05:20 - 2017-01-25 14:01 - 00042897 _____ C:\WINDOWS\system32\nvinfo.pb
2017-04-01 05:20 - 2017-01-21 13:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-04-01 04:10 - 2017-01-25 20:03 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 02481208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 00549944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-04-01 04:09 - 2017-01-25 20:03 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-03-31 12:15 - 2017-01-25 20:03 - 07851747 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-03-28 05:32 - 2017-01-21 13:36 - 01882048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-03-28 05:32 - 2017-01-21 13:36 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-03-28 05:32 - 2017-01-21 13:36 - 01472960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-03-28 05:32 - 2017-01-21 13:36 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-03-28 05:32 - 2017-01-21 13:36 - 00121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-03-27 16:50 - 2017-03-03 14:36 - 00000197 _____ C:\Users\Eskejp\Desktop\training.cfg
2017-03-26 16:57 - 2017-03-12 17:36 - 00000225 _____ C:\Users\Eskejp\Desktop\Gameowner.ini
2017-03-26 13:00 - 2017-02-02 21:28 - 00000276 _____ C:\Users\Eskejp\Desktop\Steam.txt
2017-03-23 08:11 - 2017-01-21 09:06 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Adobe
2017-03-22 11:02 - 2017-02-21 15:04 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys

==================== Files in the root of some directories =======

2017-04-15 10:43 - 2017-04-15 10:43 - 0000624 _____ () C:\Users\Pin\AppData\Roaming\All CPU MeterV3_Settings.ini
2017-04-15 10:49 - 2017-04-15 10:49 - 0000282 _____ () C:\Users\Pin\AppData\Roaming\GPU MeterV2_Settings.ini
2017-04-16 13:38 - 2017-04-16 14:22 - 0001719 _____ () C:\Users\Pin\AppData\Roaming\LITHIUM_PUBLIC.ini
2017-04-13 21:49 - 2017-04-19 19:36 - 0000074 _____ () C:\Users\Pin\AppData\Roaming\sp_data.sys
2017-04-19 19:07 - 2017-04-19 19:07 - 0003584 _____ () C:\Users\Pin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-01 13:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 13:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 13:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


ATTENTION: ==> Could not access BCD. The user is not administrator

==================== End of FRST.txt ============================
MBAM log here:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 20.04.17
Čas skenování: 13:14
Logovací soubor: log.txt
Správce: Ne

-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.103
Aktualizovat verzi balíku komponent: 1.0.1767
Licence: Bezplatný

-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: PC-ESC\Pin

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 425620
Uplynulý čas: 8 min, 15 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
Backdoor.DarkComet.Trace, HKU\S-1-5-21-459092724-1688354535-1890333071-1009\SOFTWARE\DC3_FEXEC, Žádná uživatelská akce, [15083], [246706],1.0.1767

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 1
Trojan.StolenData, C:\USERS\PIN\APPDATA\ROAMING\DCLOGS, Žádná uživatelská akce, [1015], [250094],1.0.1767

Soubor: 10
Trojan.StolenData, C:\USERS\PIN\APPDATA\ROAMING\DCLOGS\2017-04-17-2.DC, Žádná uživatelská akce, [1015], [250094],1.0.1767
Trojan.StolenData, C:\Users\Pin\AppData\Roaming\dclogs\2017-04-18-3.dc, Žádná uživatelská akce, [1015], [250094],1.0.1767
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Žádná uživatelská akce, [1013], [324964],1.0.1767
RiskWare.DLLInjector, C:\USERS\ESKEJP\DOWNLOADS\DLLINJECTOR.EXE, Žádná uživatelská akce, [10074], [153171],1.0.1767
PUP.Optional.Babylon, C:\USERS\ESKEJP\DOWNLOADS\UNLOCKER1.9.2.EXE, Žádná uživatelská akce, [1706], [76260],1.0.1767
Trojan.Dropper, C:\USERS\ESKEJP\DOWNLOADS\VAPERAR.RAR, Žádná uživatelská akce, [19], [369724],1.0.1767
PUP.Optional.MindSpark, C:\USERS\ESKEJP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_free.gamingwonderland.com_0.localstorage, Žádná uživatelská akce, [266], [370343],1.0.1767
PUP.Optional.MindSpark, C:\USERS\ESKEJP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_free.gamingwonderland.com_0.localstorage-journal, Žádná uživatelská akce, [266], [370343],1.0.1767
PUP.Optional.MindSpark, C:\USERS\ESKEJP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_gamingwonderland.dl.myway.com_0.localstorage, Žádná uživatelská akce, [266], [240305],1.0.1767
PUP.Optional.MindSpark, C:\USERS\ESKEJP\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_gamingwonderland.dl.myway.com_0.localstorage-journal, Žádná uživatelská akce, [266], [240305],1.0.1767

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
Thanks in advance for the help.

Rudy
Site Admin
Posts: 118715
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: MalwareBytes found some critters.

#2 Post by Rudy »

Hello!
Delete all of the items that MBAM found. Restart and then run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

ESCGamer55
Visitor
Posts: 21
Registered: 13 Sep 2015 09:33

Re: MalwareBytes found some critters.

#3 Post by ESCGamer55 »

I already scanned yesterday, so I'll post the log of what it deleted yesterday.

# AdwCleaner v6.045 - Log vytvořen 20/04/2017 v 19:42:48
# Aktualizováno dne 28/03/2017 z Malwarebytes
# Databáze : 2017-04-19.2 [Server]
# Operační systém : Windows 8.1  (X64)
# Uživatelské jméno : Eskejp - PC-ESC
# Spuštěno z : C:\Users\Pin\Downloads\adwcleaner_6.045.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKU\S-1-5-21-459092724-1688354535-1890333071-1009\Software\DC3_FEXEC


***** [ Prohlížeče ] *****

[-] [C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: slender.en.softonic.com
[-] [C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: android-x86.en.softonic.com
[-] [C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: iringer.en.softonic.com
[-] [C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: chklaanhfefbnpoihckbnefhakgolnmc
[-] [C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: kcdeaofcapijfmeopimkgcepdpbdepnb


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

\AdwCleaner\AdwCleaner[C0].txt - [1648 Bajty] - [20/04/2017 19:42:48]
\AdwCleaner\AdwCleaner[S0].txt - [2087 Bajty] - [20/04/2017 19:41:59]

########## EOF - \AdwCleaner\AdwCleaner[C0].txt - [1790 Bajty] ##########

Rudy
Site Admin
Posts: 118715
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: MalwareBytes found some critters.

#4 Post by Rudy »

Post a new FRST log.

ESCGamer55
Visitor
Posts: 21
Registered: 13 Sep 2015 09:33

Re: MalwareBytes found some critters.

#5 Post by ESCGamer55 »

Here:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-04-2017
Ran by Pin (ATTENTION: The user is not administrator) on PC-ESC (22-04-2017 08:15:22)
Running from C:\Users\Pin\Desktop
Loaded Profiles: Pin (Available Profiles: Eskejp & Pin)
Platform: Windows 8.1 (Update) (X64) Language: Czech (Czech Republic)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> dwm.exe
Failed to access process -> NVDisplay.Container.exe
Failed to access process -> NVDisplay.Container.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> unsignedthemes.exe
Failed to access process -> svchost.exe
Failed to access process -> AsLdrSrv.exe
Failed to access process -> GFNEXSrv.exe
Failed to access process -> AutoKMS.exe
Failed to access process -> spoolsv.exe
Failed to access process -> conhost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
Failed to access process -> atkexComSvc.exe
Failed to access process -> KBFiltr.exe
Failed to access process -> aaHMSvc.exe
Failed to access process -> InsOnSrv.exe
Failed to access process -> BlueSoleilCS.exe
Failed to access process -> InsOnWMI.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
Failed to access process -> svchost.exe
Failed to access process -> dasHost.exe
Failed to access process -> RIconMan.exe
Failed to access process -> HeciServer.exe
Failed to access process -> IpOverUsbSvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
Failed to access process -> Jhi_service.exe
Failed to access process -> nvcontainer.exe
Failed to access process -> NvTelemetryContainer.exe
Failed to access process -> GameScannerService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
Failed to access process -> RzSurroundVADStreamingService.exe
Failed to access process -> Updater.exe
Failed to access process -> vmnetdhcp.exe
Failed to access process -> vmnat.exe
Failed to access process -> MsMpEng.exe
Failed to access process -> vmware-authd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
Failed to access process -> vmware-usbarbitrator64.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> ICCProxy.exe
Failed to access process -> BsHelpCS.exe
Failed to access process -> svchost.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
Failed to access process -> GoogleCrashHandler.exe
Failed to access process -> TrustedInstaller.exe
Failed to access process -> svchost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
Failed to access process -> GoogleCrashHandler64.exe
Failed to access process -> NisSrv.exe
Failed to access process -> TiWorker.exe
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> SearchFilterHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
Failed to access process -> dllhost.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Pin\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Farbar) C:\Users\Pin\Desktop\FRST.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [389368 2014-02-17] (IVT Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-03-02] (Razer Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-459092724-1688354535-1890333071-1009\...\Run: [Discord] => C:\Users\Pin\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170360 2017-04-01] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [170360 2017-04-01] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148016 2017-04-01] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar335.lnk [2017-04-22]
ShortcutTarget: Sidebar335.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1	virustotal.com
Tcpip\..\Interfaces\{130B062A-3F88-47C8-B466-3066C1651009}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{B4788C22-8314-4EF4-8A66-9E7182107C26}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-459092724-1688354535-1890333071-1009\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-459092724-1688354535-1890333071-1009\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-14] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-14] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-02] (Skype Technologies)

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-14] (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-459092724-1688354535-1890333071-1009: @nsroblox.roblox.com/launcher -> C:\Users\Pin\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-459092724-1688354535-1890333071-1009: @nsroblox.roblox.com/launcher64 -> C:\Users\Pin\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)

Chrome: 
=======
CHR Profile: C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default [2017-04-21]
CHR Extension: (Prezentace Google) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-13]
CHR Extension: (Dokumenty Google) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-13]
CHR Extension: (Disk Google) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-13]
CHR Extension: (YouTube) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-13]
CHR Extension: (Tampermonkey) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-04-19]
CHR Extension: (Tabulky Google) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-14]
CHR Extension: (Grammarly for Chrome) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-13]
CHR Extension: (Gmail) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-13]
CHR Extension: (Chrome Media Router) - C:\Users\Pin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-09-17] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe [963544 2016-08-05] (ASUSTeK Computer Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1579880 2014-02-17] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-12-16] (IVT Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21312 2017-03-30] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 lmhosts; C:\WINDOWS\system32\svchost.exe [38792 2014-11-21] (Microsoft Corporation)
R2 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-11-21] (Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NlaSvc; C:\WINDOWS\System32\svchost.exe [38792 2014-11-21] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-11-21] (Microsoft Corporation)
S2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [File not signed]
R2 nsi; C:\WINDOWS\system32\svchost.exe [38792 2014-11-21] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-11-21] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-04-01] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-11-04] (Razer Inc)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [185344 2017-02-13] (Microsoft Corporation) [File not signed]
R2 UnsignedThemes; C:\WINDOWS\unsignedthemes.exe [13824 2013-09-23] (The Within Network, LLC) [File not signed]
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12482024 2017-03-12] ()
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-09-17] ()
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [70416 2013-09-23] (ASUS Corporation)
R3 BtAudioBusSrv; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthHFSrv; C:\WINDOWS\System32\svchost.exe [38792 2014-11-21] (Microsoft Corporation)
U4 BthHFSrv; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-11-21] (Microsoft Corporation)
S3 BthL2caScoIfSrv; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
R3 btUrbFilterDrv; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [51936 2014-01-20] (Ralink Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 m76usb; C:\WINDOWS\System32\drivers\m76usb.sys [539848 2014-02-12] (Ralink Technology Corp.)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-04-22] (Malwarebytes)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47552 2017-03-28] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider)
R3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R2 uxstyle; C:\WINDOWS\system32\Drivers\uxstyle.sys [31440 2013-09-23] (The Within Network, LLC)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2016-09-30] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [37960 2016-11-14] (VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
S3 MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-22 08:15 - 2017-04-22 08:15 - 00000000 ____D C:\Users\Pin\Desktop\FRST-OlderVersion
2017-04-21 19:00 - 2017-04-21 19:00 - 00000222 _____ C:\Users\Pin\Desktop\Unturned.url
2017-04-21 18:39 - 2017-04-21 18:39 - 00046130 _____ C:\Users\Pin\Downloads\SteamAchievementManager63_hotfix.zip
2017-04-21 18:37 - 2017-04-21 19:00 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-04-21 18:37 - 2017-04-21 18:37 - 00000221 _____ C:\Users\Pin\Desktop\Spiral Knights.url
2017-04-21 16:07 - 2017-04-21 16:13 - 00000000 ____D C:\Users\Pin\Downloads\Microsoft Windows 10 Home and Pro x64 Clean ISO
2017-04-21 16:06 - 2017-04-21 16:44 - 00000000 ____D C:\Users\Pin\AppData\Roaming\uTorrent
2017-04-21 16:06 - 2017-04-21 16:06 - 00000992 _____ C:\Users\Pin\Desktop\µTorrent.lnk
2017-04-21 16:06 - 2017-04-21 16:06 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2017-04-21 16:04 - 2017-04-21 16:04 - 00000000 ___HD C:\$Windows.~WS
2017-04-21 16:04 - 2017-04-21 16:04 - 00000000 ____D C:\$WINDOWS.~BT
2017-04-21 16:02 - 2015-10-20 18:36 - 57195008 _____ () C:\Users\Pin\Downloads\Microsoft Toolkit 2.6 Beta 5.exe
2017-04-21 15:27 - 2017-04-21 15:27 - 00001640 _____ C:\Users\Pin\Desktop\creepy music.lnk
2017-04-20 19:38 - 2017-04-20 19:42 - 00000000 ____D C:\AdwCleaner
2017-04-20 19:38 - 2017-04-20 19:38 - 04089296 _____ C:\Users\Pin\Downloads\adwcleaner_6.045.exe
2017-04-20 19:23 - 2017-04-20 19:23 - 00000000 ____D C:\Users\Pin\Documents\Universe Sandbox ²
2017-04-20 19:22 - 2017-04-20 19:22 - 00000000 ____D C:\Users\Pin\AppData\LocalLow\Giant Army
2017-04-20 13:50 - 2017-04-20 13:50 - 00038253 _____ C:\Users\Pin\Desktop\Addition.txt
2017-04-20 13:49 - 2017-04-22 08:17 - 00021226 _____ C:\Users\Pin\Desktop\FRST.txt
2017-04-20 13:48 - 2017-04-22 08:15 - 02424832 _____ (Farbar) C:\Users\Pin\Desktop\FRST.exe
2017-04-20 13:48 - 2017-04-22 08:15 - 00000000 ____D C:\FRST
2017-04-20 13:48 - 2017-04-20 13:48 - 02424832 _____ (Farbar) C:\Users\Pin\Downloads\FRST64.exe
2017-04-20 13:14 - 2017-04-20 13:14 - 00001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-20 13:06 - 2017-04-20 13:16 - 00220122 _____ C:\WINDOWS\ntbtlog.txt
2017-04-19 19:37 - 2017-04-22 07:57 - 00000000 ____D C:\Users\Pin\AppData\Local\ClassicShell
2017-04-19 19:37 - 2017-04-19 19:37 - 00000000 ____D C:\Users\Pin\AppData\Roaming\ClassicShell
2017-04-19 19:37 - 2017-04-19 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2017-04-19 19:37 - 2017-04-19 19:37 - 00000000 ____D C:\ProgramData\ClassicShell
2017-04-19 19:37 - 2017-04-19 19:37 - 00000000 ____D C:\Program Files\Classic Shell
2017-04-19 19:08 - 2017-04-19 19:12 - 00000000 ____D C:\Users\Pin\Documents\Camtasia Studio
2017-04-19 19:08 - 2017-04-19 19:08 - 25710592 _____ C:\Users\Pin\Documents\capture-1.camrec
2017-04-19 19:08 - 2017-04-19 19:08 - 00000000 ____D C:\Users\Pin\AppData\Local\TechSmith
2017-04-19 19:07 - 2017-04-19 19:07 - 00003584 _____ C:\Users\Pin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-04-19 19:06 - 2017-04-19 19:07 - 00000000 ____D C:\Users\Pin\AppData\Roaming\vlc
2017-04-19 18:54 - 2017-04-19 18:55 - 841764892 _____ C:\Users\Pin\Downloads\omg lol takovej medic.mp4
2017-04-18 20:44 - 2017-04-19 18:36 - 00002181 _____ C:\Users\Pin\Desktop\Spy's dictionary.txt
2017-04-18 20:02 - 2017-04-18 20:02 - 00599552 _____ () C:\Users\Pin\Desktop\Hoovy V2.exe
2017-04-18 20:00 - 2017-04-18 20:00 - 00001214 _____ C:\Users\Public\Desktop\paint.net.lnk
2017-04-18 19:32 - 2017-04-18 19:32 - 00000000 ____D C:\Users\Pin\AppData\Local\paint.net
2017-04-18 07:08 - 2017-04-18 07:11 - 00000121 _____ C:\Users\Pin\Desktop\smurf.txt
2017-04-17 15:52 - 2017-04-17 12:03 - 00277504 _____ () C:\Users\Pin\Desktop\Mazlíček Hoovy.exe
2017-04-17 15:03 - 2017-04-17 15:03 - 00001535 _____ C:\Users\Pin\Desktop\MSIAfterburner.lnk
2017-04-17 13:39 - 2017-04-19 18:00 - 00000451 _____ C:\Users\Pin\Desktop\DisguiseName.txt
2017-04-17 13:23 - 2017-04-17 13:23 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\dclogs
2017-04-17 13:18 - 2017-04-18 06:59 - 00000000 __SHD C:\Users\Pin\Documents\MSDCSC
2017-04-17 11:13 - 2017-04-17 11:13 - 00000000 ____D C:\Users\Pin\AppData\LocalLow\Temp
2017-04-17 11:12 - 2017-04-17 11:12 - 00000000 ____D C:\Users\Pin\AppData\Roaming\NuGet
2017-04-17 10:57 - 2017-04-17 10:57 - 00000000 ____D C:\Users\Pin\AppData\Local\Intel_Corporation
2017-04-16 20:51 - 2017-04-16 20:51 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Bandicam Company
2017-04-16 20:48 - 2017-04-16 20:48 - 00000000 ____D C:\Program Files\MSCONFIG for Windows 10 and 8
2017-04-16 18:35 - 2017-04-16 18:56 - 00000000 ____D C:\Users\Pin\AppData\Local\Roblox
2017-04-16 18:35 - 2017-04-16 18:41 - 00000154 _____ C:\Users\Pin\AppData\LocalLow\rbxcsettings.rbx
2017-04-16 18:35 - 2017-04-16 18:35 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-04-16 18:29 - 2017-04-16 19:18 - 00000000 ____D C:\Users\Pin\AppData\Roaming\FB7D0493-FDB8-4126-A2C9-EAA90F3DD5FF
2017-04-16 18:29 - 2017-04-16 18:31 - 00000000 ____D C:\Program Files\DSL Host
2017-04-16 18:26 - 2017-04-16 18:26 - 00000000 ____D C:\Users\Pin\AppData\Local\Vitalwerks
2017-04-16 13:38 - 2017-04-16 14:22 - 00001719 _____ C:\Users\Pin\AppData\Roaming\LITHIUM_PUBLIC.ini
2017-04-16 13:37 - 2017-04-16 13:37 - 00000225 ____H C:\Users\Pin\Desktop\Gameowner.ini
2017-04-16 12:43 - 2017-04-16 12:46 - 00000000 ____D C:\Users\Pin\AppData\Roaming\.technic
2017-04-16 12:43 - 2017-02-14 22:41 - 04734784 _____ () C:\Users\Pin\Desktop\Technic.exe
2017-04-16 12:42 - 2017-04-16 12:42 - 00001261 ____H C:\Users\Pin\Desktop\nativelog.txt
2017-04-15 18:11 - 2017-04-15 18:11 - 00000000 ____D C:\Users\Pin\Desktop\SLAM
2017-04-15 18:05 - 2017-04-15 20:29 - 00000000 ____D C:\Users\Pin\AppData\Roaming\discord
2017-04-15 18:05 - 2017-04-15 18:05 - 00002198 _____ C:\Users\Pin\Desktop\Discord.lnk
2017-04-15 18:05 - 2017-04-15 18:05 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-04-15 18:05 - 2017-04-15 18:05 - 00000000 ____D C:\Users\Pin\AppData\Local\SquirrelTemp
2017-04-15 18:05 - 2017-04-15 18:05 - 00000000 ____D C:\Users\Pin\AppData\Local\Discord
2017-04-15 12:30 - 2017-04-17 19:09 - 00000000 ____D C:\Users\Pin\Desktop\SFM Work
2017-04-15 12:29 - 2017-04-15 12:29 - 00000220 _____ C:\Users\Pin\Desktop\Source Filmmaker.url
2017-04-15 11:40 - 2017-04-16 20:57 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2017-04-15 11:40 - 2017-04-15 11:41 - 00000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2017-04-15 11:21 - 2017-04-15 11:21 - 00000000 ____D C:\Users\Pin\AppData\Roaming\NVIDIA
2017-04-15 11:20 - 2017-02-14 22:07 - 00000953 _____ C:\Users\Pin\Desktop\Majkraft.lnk
2017-04-15 11:15 - 2017-04-17 15:08 - 00000000 ____D C:\Users\Pin\AppData\Roaming\.minecraft
2017-04-15 11:06 - 2017-04-15 11:09 - 00000000 ____D C:\Users\Pin\Superposition
2017-04-15 11:04 - 2017-04-15 11:04 - 00000829 _____ C:\Users\Public\Desktop\Superposition Benchmark.lnk
2017-04-15 10:49 - 2017-04-15 10:49 - 00000282 _____ C:\Users\Pin\AppData\Roaming\GPU MeterV2_Settings.ini
2017-04-15 10:46 - 2017-04-15 10:46 - 00001711 _____ C:\Users\Pin\Desktop\Chrome.lnk
2017-04-15 10:43 - 2017-04-15 10:43 - 00000624 _____ C:\Users\Pin\AppData\Roaming\All CPU MeterV3_Settings.ini
2017-04-15 10:38 - 2017-04-15 10:38 - 00000000 ____D C:\Users\Pin\AppData\Local\Clipboarder
2017-04-15 10:37 - 2017-04-15 10:38 - 00000000 ____D C:\Users\Pin\AppData\Local\Sidebar7
2017-04-15 10:37 - 2017-04-15 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack
2017-04-15 08:39 - 2017-04-15 08:45 - 477644890 _____ C:\Users\Pin\Downloads\naugatx8620160902.iso.bz2
2017-04-15 08:37 - 2017-04-21 16:41 - 00000000 ____D C:\Users\Pin\AppData\Roaming\VMware
2017-04-15 08:37 - 2017-04-21 16:41 - 00000000 ____D C:\Users\Pin\AppData\Local\VMware
2017-04-15 08:37 - 2017-04-15 10:42 - 00002189 _____ C:\Users\Pin\Desktop\VMware Workstation.lnk
2017-04-15 08:33 - 2017-04-15 08:33 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Wireshark
2017-04-15 08:19 - 2017-04-15 08:19 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Notepad++
2017-04-14 21:17 - 2017-04-14 21:18 - 00000911 _____ C:\Users\Eskejp\Desktop\Steam Console.lnk
2017-04-14 21:08 - 2017-04-14 21:08 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Sun
2017-04-14 21:08 - 2017-04-14 21:08 - 00000000 ____D C:\Users\Pin\AppData\LocalLow\Sun
2017-04-14 20:31 - 2017-04-14 20:31 - 01389887 _____ C:\Users\Pin\Desktop\ESC.deskthemepack
2017-04-14 19:47 - 2017-04-14 20:21 - 00000000 ____D C:\Users\Pin\Desktop\Visual Studio
2017-04-14 19:45 - 2017-04-14 19:45 - 00000000 ____D C:\Users\Pin\AppData\Local\.IdentityService
2017-04-14 19:44 - 2017-04-18 19:54 - 00000000 ____D C:\Users\Pin\Documents\Visual Studio 2017
2017-04-14 19:44 - 2017-04-14 19:44 - 00000000 ____D C:\Users\Pin\AppData\Local\ServiceHub
2017-04-14 19:26 - 2017-04-14 19:37 - 00000000 ____D C:\Users\Pin\AppData\Roaming\obs-studio
2017-04-14 19:26 - 2017-04-14 19:33 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\obs-studio
2017-04-14 19:25 - 2017-04-14 19:25 - 00001180 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2017-04-14 19:24 - 2017-04-14 19:24 - 00000000 ____D C:\Program Files (x86)\obs-studio
2017-04-14 14:59 - 2017-04-14 14:59 - 00000863 _____ C:\Users\Pin\Desktop\GTA V.lnk
2017-04-14 14:59 - 2017-04-14 14:59 - 00000000 ____D C:\Users\Pin\Documents\Rockstar Games
2017-04-14 14:59 - 2017-04-14 14:59 - 00000000 ____D C:\Users\Pin\AppData\Local\Rockstar Games
2017-04-14 14:48 - 2017-04-21 17:32 - 00000000 ____D C:\Users\Pin\AppData\Local\CrashDumps
2017-04-14 14:45 - 2017-04-14 14:45 - 00000948 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2017-04-14 14:44 - 2017-04-22 07:57 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Skype
2017-04-14 14:44 - 2017-04-14 14:44 - 00000000 ____D C:\Users\Pin\Tracing
2017-04-14 13:53 - 2017-04-14 13:53 - 00000219 _____ C:\Users\Pin\Desktop\Team Fortress 2.url
2017-04-14 13:00 - 2017-04-21 21:54 - 00241152 ___SH C:\Users\Pin\Downloads\Thumbs.db
2017-04-13 22:14 - 2017-04-13 22:14 - 00001535 _____ C:\Users\Pin\Desktop\MSI Afterburner.lnk
2017-04-13 22:12 - 2017-04-13 22:12 - 00000983 _____ C:\Users\Pin\Desktop\Steam.lnk
2017-04-13 22:08 - 2017-04-13 22:08 - 00000000 ____D C:\Users\Pin\AppData\Local\Steam
2017-04-13 22:06 - 2017-04-01 03:12 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-13 22:06 - 2017-04-01 03:12 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-13 21:53 - 2017-04-13 21:53 - 00000000 ____D C:\Users\Pin\AppData\Roaming\WinRAR
2017-04-13 21:50 - 2017-04-13 21:50 - 00000000 ____D C:\Users\Pin\AppData\Local\CEF
2017-04-13 21:49 - 2017-04-22 08:14 - 00000074 _____ C:\Users\Pin\AppData\Roaming\sp_data.sys
2017-04-13 21:49 - 2017-04-13 21:49 - 00000000 ____D C:\Users\Pin\AppData\Local\NVIDIA Corporation
2017-04-13 21:48 - 2017-04-13 21:49 - 00000000 ____D C:\Users\Pin\AppData\Local\Razer
2017-04-13 21:46 - 2017-04-18 19:31 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Adobe
2017-04-13 21:46 - 2017-04-15 11:06 - 00000000 ____D C:\Users\Pin
2017-04-13 21:46 - 2017-04-14 13:08 - 00000000 ____D C:\Users\Pin\AppData\Local\Google
2017-04-13 21:46 - 2017-04-13 21:48 - 00000000 ____D C:\Users\Pin\AppData\Local\Packages
2017-04-13 21:46 - 2017-04-13 21:46 - 00001424 _____ C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-04-13 21:46 - 2017-04-13 21:46 - 00000020 ___SH C:\Users\Pin\ntuser.ini
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Soubory cookie
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Šablony
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Poslední
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Okolní tiskárny
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Okolní síť
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Nabídka Start
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Dokumenty
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Documents\Obrázky
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Documents\Hudba
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Documents\Filmy
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Data aplikací
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\AppData\Local\Data aplikací
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\WINDOWS\system32\NV
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\Users\Pin\AppData\Local\VirtualStore
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\Users\Pin\AppData\Local\NVIDIA
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\Users\Pin\AppData\Local\ASUS
2017-04-13 21:46 - 2014-11-21 07:02 - 00000369 _____ C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2017-04-13 21:46 - 2014-11-21 07:02 - 00000369 _____ C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2017-04-13 21:36 - 2017-04-13 21:39 - 00000201 _____ C:\Users\Eskejp\Desktop\win 8 explorer.vbs
2017-04-13 20:43 - 2017-04-13 20:43 - 01508371 _____ C:\Users\Eskejp\Downloads\oldspymod_7a0e5 (2).zip
2017-04-13 20:29 - 2017-04-13 21:35 - 00000147 _____ C:\Users\Eskejp\Desktop\list jmen.txt
2017-04-13 16:57 - 2017-04-13 16:57 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Mael
2017-04-13 16:53 - 2017-04-13 16:53 - 00882431 _____ C:\Users\Eskejp\Downloads\HxDSetupCSY.zip
2017-04-13 16:09 - 2017-04-13 16:10 - 02169248 _____ C:\Users\Eskejp\Downloads\ForceCrypter-master.zip
2017-04-13 14:46 - 2017-04-13 14:46 - 00001152 _____ C:\Users\Eskejp\Downloads\Remove_Take_Ownership_from_context_menu.reg
2017-04-13 14:45 - 2017-04-13 14:45 - 00001942 _____ C:\Users\Eskejp\Downloads\Add_Take_Ownership_to_context_menu.reg
2017-04-13 14:37 - 2017-04-13 14:37 - 03558240 _____ C:\Users\Eskejp\Downloads\default_win7_[winsounds.com]_1956.zip
2017-04-13 14:34 - 2017-04-13 14:47 - 00000062 _____ C:\Users\Eskejp\Desktop\blank error.vbs
2017-04-13 10:18 - 2017-04-13 10:18 - 22638821 _____ () C:\Users\Eskejp\Downloads\mctitan_launcher.exe
2017-04-13 10:18 - 2017-04-13 10:18 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\technic_warez
2017-04-12 21:25 - 2017-04-13 14:34 - 00000124 _____ C:\Users\Eskejp\Desktop\lsass end.vbs
2017-04-12 19:41 - 2017-04-12 19:41 - 05700576 _____ C:\Users\Eskejp\Downloads\NanoCore RAT 1.2.2.0 Cracked By Alcatraz3222.rar
2017-04-12 19:18 - 2017-04-12 19:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-04-12 19:18 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-04-12 19:18 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-04-12 19:18 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-04-12 19:18 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-04-12 19:14 - 2017-04-01 05:20 - 40201152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 35315256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 35280320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 28560440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 20055968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 17418608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 16431320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 14653888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2017-04-12 19:14 - 2017-04-01 05:20 - 13398512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 11112928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 11056272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 10636240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 09316648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 09014792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 08876272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 03430336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 03012152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438165.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 01591352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438165.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 01054776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00991800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00960448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00912952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00577544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00148016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00131720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00038336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2017-04-12 19:14 - 2017-04-01 05:20 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-04-12 19:14 - 2017-04-01 05:20 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-04-12 19:09 - 2017-03-28 05:32 - 00153536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-04-12 19:09 - 2017-03-28 05:32 - 00127424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-04-12 19:09 - 2017-03-28 05:32 - 00047552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-04-12 16:48 - 2017-04-16 20:58 - 00000000 ____D C:\Program Files\Sandboxie
2017-04-12 16:48 - 2017-04-12 16:48 - 08974992 _____ (Sandboxie Holdings, LLC) C:\Users\Eskejp\Downloads\SandboxieInstall.exe
2017-04-12 16:43 - 2017-04-12 16:43 - 00241736 _____ C:\Users\Eskejp\Downloads\DUCSetup_v4_1_1.exe
2017-04-12 16:43 - 2017-04-12 16:43 - 00000000 ____D C:\Users\Eskejp\AppData\Local\Vitalwerks
2017-04-12 16:43 - 2017-04-12 16:43 - 00000000 ____D C:\ProgramData\Vitalwerks
2017-04-12 16:43 - 2017-04-12 16:43 - 00000000 ____D C:\Program Files (x86)\No-IP
2017-04-12 15:36 - 2017-04-12 15:36 - 00000000 ____D C:\Users\Eskejp\Documents\Lawena Rec
2017-04-12 15:35 - 2017-04-12 15:35 - 25434245 _____ C:\Users\Eskejp\Downloads\lawena-stable-4.1.16.zip
2017-04-12 15:35 - 2017-04-12 15:35 - 24973035 _____ C:\Users\Eskejp\Downloads\lawena-recording-tool-4.1.16.zip
2017-04-12 15:35 - 2017-03-17 15:41 - 00000000 ____D C:\Users\Eskejp\Desktop\lawena
2017-04-12 09:50 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 09:50 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-04-12 09:50 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 09:50 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 09:50 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 09:50 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 09:50 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-04-12 09:50 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 09:50 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 09:50 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 09:50 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-04-12 09:50 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 09:50 - 2017-03-25 20:45 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-04-12 09:50 - 2017-03-25 20:45 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 09:50 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-04-12 09:50 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 09:50 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-04-12 09:50 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 09:50 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-04-12 09:50 - 2017-03-25 19:12 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-04-12 09:50 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 09:50 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 09:50 - 2017-03-25 19:00 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 09:50 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 09:50 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 09:50 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 09:50 - 2017-03-25 18:24 - 03241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 09:50 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 09:50 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 09:50 - 2017-03-25 06:43 - 01375960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-04-12 09:50 - 2017-03-24 20:24 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-04-12 09:50 - 2017-03-14 21:06 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-04-12 09:50 - 2017-03-14 16:26 - 03714560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 09:50 - 2017-03-14 16:09 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2017-04-12 09:50 - 2017-03-14 16:08 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 09:50 - 2017-03-14 16:06 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-12 09:50 - 2017-03-13 18:13 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2017-04-12 09:50 - 2017-03-13 18:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2017-04-12 09:50 - 2017-03-13 18:08 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2017-04-12 09:50 - 2017-03-13 18:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-04-12 09:50 - 2017-03-13 17:59 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2017-04-12 09:50 - 2017-03-13 17:59 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2017-04-12 09:50 - 2017-03-13 17:56 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-04-12 09:50 - 2017-03-12 17:04 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 09:50 - 2017-03-11 05:59 - 01763888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 09:50 - 2017-03-11 05:56 - 01489608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 09:50 - 2017-03-11 05:49 - 01549144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 09:50 - 2017-03-11 05:49 - 00388440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 09:50 - 2017-03-11 05:44 - 00373080 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 09:50 - 2017-03-11 05:41 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 09:50 - 2017-03-09 23:13 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-04-12 09:50 - 2017-03-09 23:08 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 09:50 - 2017-03-09 21:29 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 09:50 - 2017-03-08 01:25 - 01661064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 09:50 - 2017-03-08 01:21 - 01212760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 09:50 - 2017-03-04 21:24 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 09:50 - 2017-03-04 21:06 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 09:50 - 2017-03-04 20:15 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 09:50 - 2017-03-04 18:37 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 09:50 - 2017-03-03 17:11 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 09:50 - 2017-03-03 17:10 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 09:50 - 2017-03-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 09:50 - 2017-03-03 17:04 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 09:50 - 2017-02-11 20:18 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-12 09:50 - 2017-02-11 19:00 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-04-12 09:50 - 2017-02-11 18:49 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-04-12 09:50 - 2017-02-11 18:42 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-04-12 09:50 - 2017-02-10 21:06 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-04-12 09:50 - 2017-02-10 16:37 - 00046600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2017-04-12 09:50 - 2017-02-04 19:53 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2017-04-12 09:50 - 2017-02-04 19:51 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-04-12 09:50 - 2017-02-04 19:19 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2017-04-12 09:50 - 2017-02-01 21:44 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-04-12 09:50 - 2017-02-01 21:42 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-04-12 09:50 - 2017-01-19 04:18 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 09:50 - 2017-01-18 16:35 - 00994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-04-12 09:50 - 2017-01-18 16:34 - 00922432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-04-12 09:50 - 2017-01-14 22:32 - 00955016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 09:50 - 2017-01-14 21:18 - 00787688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-12 09:50 - 2017-01-14 16:37 - 00447095 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-04-12 09:50 - 2017-01-12 18:51 - 00274776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2017-04-12 09:50 - 2017-01-12 18:51 - 00117592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2017-04-12 09:50 - 2017-01-12 08:12 - 00990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-04-12 09:50 - 2017-01-11 21:12 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2017-04-12 09:50 - 2017-01-11 19:28 - 00422744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-04-12 09:50 - 2017-01-11 17:09 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2017-04-12 09:50 - 2017-01-11 00:37 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-04-12 09:50 - 2017-01-10 23:06 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-04-12 09:50 - 2017-01-10 22:46 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-04-12 09:50 - 2017-01-10 21:20 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-04-12 09:50 - 2017-01-10 21:09 - 01108480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-04-12 09:50 - 2017-01-06 19:25 - 02513408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-04-12 09:50 - 2017-01-06 19:04 - 01495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-04-12 09:50 - 2016-12-25 03:21 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2017-04-12 09:50 - 2016-12-25 03:14 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-04-12 09:50 - 2016-12-25 02:48 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-04-12 09:50 - 2016-12-25 02:19 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-04-12 09:50 - 2016-12-25 01:39 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-04-12 09:50 - 2016-12-09 10:08 - 00379736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-04-11 17:06 - 2017-04-11 17:06 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Wireshark
2017-04-11 16:54 - 2017-04-11 16:57 - 00001739 _____ C:\Users\Eskejp\Desktop\IP-Lookup.lnk
2017-04-11 16:46 - 2017-04-11 16:46 - 00000887 _____ C:\Users\Eskejp\Desktop\Wireshark.lnk
2017-04-11 16:40 - 2017-04-11 16:40 - 00000698 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2017-04-11 16:40 - 2017-04-11 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-04-11 16:40 - 2017-04-11 16:40 - 00000000 ____D C:\Program Files (x86)\WinPcap
2017-04-11 16:39 - 2017-04-11 16:39 - 00000577 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2017-04-11 16:36 - 2017-04-11 16:36 - 49367072 _____ (Wireshark development team) C:\Users\Eskejp\Downloads\Wireshark-win64-2.2.5.exe
2017-04-11 14:37 - 2017-04-11 14:37 - 00000880 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NosTale.lnk
2017-04-11 14:34 - 2017-04-11 17:01 - 00000000 ____D C:\Program Files (x86)\Nostale
2017-04-11 14:18 - 2017-04-11 14:18 - 00981624 _____ (Gameforge 4D GmbH ) C:\Users\Eskejp\Downloads\2017-03-28_Nostale_CZ_Setup.exe
2017-04-11 13:41 - 2017-04-11 13:38 - 00315904 _____ (Pin Lád) C:\Users\Eskejp\Desktop\pinaim7.exe
2017-04-10 07:16 - 2017-04-10 13:53 - 00301182 _____ C:\Users\Eskejp\Desktop\PinAim V1.3.1.rar
2017-04-09 12:08 - 2017-04-10 13:55 - 00000000 ____D C:\Users\Eskejp\Desktop\My folder with Viruses
2017-04-09 10:54 - 2017-04-09 10:55 - 00000000 ____D C:\Users\Eskejp\Desktop\SFM
2017-04-09 10:07 - 2017-04-09 10:07 - 00266194 _____ C:\Users\Eskejp\Downloads\TF2 How could this Happen!.mp4
2017-04-09 09:49 - 2017-04-09 09:56 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\vlc
2017-04-09 09:48 - 2017-04-09 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-04-09 09:48 - 2017-04-09 09:48 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2017-04-08 18:49 - 2017-04-08 21:31 - 00000098 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2017-04-08 16:33 - 2017-04-08 16:33 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Unity
2017-04-08 16:33 - 2017-04-08 16:33 - 00000000 ____D C:\Users\Eskejp\AppData\Local\Unity
2017-04-08 16:33 - 2017-04-08 16:33 - 00000000 ____D C:\ProgramData\Unity
2017-04-08 15:39 - 2017-04-08 15:37 - 00074752 _____ () C:\Users\Eskejp\Downloads\TF2 Aimbot by Pin Lad - VAC Undetected.exe
2017-04-08 14:44 - 2017-04-08 14:44 - 00000000 ____D C:\SymCache
2017-04-08 14:40 - 2017-04-08 14:40 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\NuGet
2017-04-08 14:35 - 2017-04-17 12:18 - 00000000 ____D C:\Users\Eskejp\Documents\Visual Studio 2017
2017-04-08 14:35 - 2017-04-08 14:35 - 00000000 ____D C:\Users\Eskejp\AppData\Local\.IdentityService
2017-04-08 14:30 - 2017-04-08 14:30 - 00000000 ____D C:\Program Files (x86)\GtkSharp
2017-04-08 14:29 - 2017-04-08 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.4.0f3 (64-bit)
2017-04-08 14:27 - 2017-04-08 14:30 - 00000000 ____D C:\Program Files\Unity
2017-04-08 14:26 - 2017-04-08 14:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2017-04-08 14:23 - 2017-04-08 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2017-04-08 14:23 - 2017-04-08 14:23 - 00000000 ____D C:\Program Files (x86)\Android
2017-04-08 14:22 - 2017-04-08 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-04-08 14:21 - 2017-04-08 14:21 - 00000000 ____D C:\Program Files (x86)\Java
2017-04-08 14:13 - 2017-04-08 14:13 - 00000000 ____D C:\Program Files (x86)\Entity Framework Tools
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\3082
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\2052
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1055
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1049
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1046
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1045
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1042
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1041
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1040
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1036
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1031
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1029
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1028
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\3082
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\2052
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1055
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1049
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1046
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1045
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1042
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1041
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1040
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1036
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1033
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1031
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1029
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1028
2017-04-08 14:12 - 2017-04-08 14:12 - 00000000 ____D C:\Program Files\Windows Kits
2017-04-08 14:09 - 2017-04-09 19:11 - 00004813 _____ C:\Users\Eskejp\Desktop\Mediic.vbs
2017-04-08 14:09 - 2017-04-08 14:09 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2017-04-08 14:05 - 2017-04-08 14:05 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2017-04-08 14:05 - 2017-04-08 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2017-04-08 14:05 - 2017-04-08 14:05 - 00000000 ____D C:\Program Files\Application Verifier
2017-04-08 14:05 - 2017-04-08 14:05 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2017-04-08 14:03 - 2017-04-08 14:03 - 00000000 ____D C:\Program Files (x86)\NuGet
2017-04-08 13:53 - 2017-04-08 13:53 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2017-04-08 13:53 - 2017-04-08 13:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2017-04-08 13:53 - 2017-04-08 13:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2017-04-08 13:53 - 2017-04-08 13:53 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-04-08 13:43 - 2017-04-08 14:09 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2017-04-08 13:43 - 2017-04-08 14:05 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2017-04-08 13:42 - 2017-04-08 13:42 - 00001701 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2017.lnk
2017-04-08 13:42 - 2017-04-08 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2017-04-08 13:39 - 2017-04-08 13:39 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk
2017-04-08 13:37 - 2017-04-08 14:34 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Visual Studio Setup
2017-04-08 13:37 - 2017-04-08 14:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2017-04-08 13:37 - 2017-04-08 13:37 - 00002196 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2017-04-08 13:37 - 2017-04-08 13:37 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\vstelemetry
2017-04-08 13:37 - 2017-04-08 13:37 - 00000000 ____D C:\Users\Eskejp\AppData\Local\ServiceHub
2017-04-08 11:58 - 2017-04-08 11:58 - 00013052 _____ C:\Users\Eskejp\Documents\MEMZ 4.0 Clean.zip
2017-04-07 18:49 - 2017-04-08 11:20 - 00051200 ___SH C:\Users\Eskejp\Desktop\Thumbs.db
2017-04-07 15:57 - 2017-04-07 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2017-04-07 15:57 - 2017-04-07 15:57 - 00000000 ____D C:\Program Files (x86)\TechSmith
2017-04-07 15:57 - 2017-04-07 15:57 - 00000000 ____D C:\Program Files (x86)\QuickTime
2017-04-07 15:38 - 2017-04-07 15:43 - 00000000 ____D C:\Users\Eskejp\Downloads\Camtasia.Studio.v8.0.0.Build.878.Incl.Keygen
2017-04-07 15:35 - 2017-04-16 20:51 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2017-04-07 15:34 - 2017-04-07 15:34 - 17033192 _____ (Bandicam Company) C:\Users\Eskejp\Documents\bdcamsetup.exe
2017-04-07 14:04 - 2017-04-05 14:05 - 00000077 _____ C:\Users\Eskejp\Downloads\hesla.txt
2017-04-06 16:33 - 2017-04-06 16:33 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\TeamViewer
2017-04-06 16:32 - 2017-04-16 15:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-04-06 16:32 - 2017-04-06 16:32 - 13194408 _____ (TeamViewer GmbH) C:\Users\Eskejp\Documents\TeamViewer_Setup_cs.exe
2017-04-05 17:54 - 2017-04-05 17:55 - 00107412 _____ C:\Users\Eskejp\Desktop\WindowsFix.zip
2017-04-05 17:45 - 2017-04-05 17:45 - 00107492 _____ C:\Users\Eskejp\Desktop\Virus.Win32.Winkiller.zip
2017-04-05 14:04 - 2017-04-05 14:05 - 00000077 _____ C:\Users\Eskejp\Desktop\hesla.txt
2017-04-04 20:49 - 2017-04-05 17:45 - 00000000 ____D C:\Users\Eskejp\Desktop\Wiruses
2017-04-02 13:12 - 2017-04-02 13:12 - 00000000 ____D C:\Users\Eskejp\AppData\Local\RzStats
2017-04-02 13:05 - 2017-04-22 08:16 - 00000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt
2017-04-02 13:05 - 2017-04-02 13:05 - 00000000 ____D C:\ProgramData\RzSurroundVAD_1.1.62.0
2017-04-02 13:05 - 2017-04-02 13:05 - 00000000 _____ C:\WINDOWS\SysWOW64\RzSurroundVADAudioDeviceManager_log.txt
2017-04-02 09:03 - 2017-04-02 09:03 - 07291524 _____ C:\Users\Eskejp\Documents\faithful64pack-v1.4.0.zip
2017-04-02 09:00 - 2017-04-02 09:00 - 00033294 _____ C:\Users\Eskejp\Documents\Chocapic13 V4-Medium.zip
2017-04-02 08:53 - 2017-04-02 08:53 - 00067728 _____ C:\Users\Eskejp\Documents\SEUS-v10.1-Standard.zip
2017-04-01 18:44 - 2017-04-01 18:44 - 01617333 _____ C:\Users\Eskejp\Documents\OptiFine_1.7.10_HD_U_D7.jar
2017-04-01 09:26 - 2017-04-01 09:27 - 00000000 ___HD C:\Flo
2017-04-01 09:25 - 2017-04-01 09:25 - 04332773 _____ C:\Users\Eskejp\Documents\skinchanger.rar
2017-03-31 21:32 - 2017-04-01 05:20 - 00170360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2017-03-31 21:32 - 2017-03-17 02:59 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437892.dll
2017-03-31 21:32 - 2017-03-17 02:59 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437892.dll
2017-03-31 21:22 - 2017-03-31 21:22 - 00002206 _____ C:\Users\Eskejp\Documents\Registry-Tweaks-Collection-to-Make-Windows-Faster.zip
2017-03-31 21:20 - 2017-03-31 21:20 - 00000972 _____ C:\Users\Eskejp\Documents\aerolite.zip
2017-03-31 21:09 - 2017-03-31 21:09 - 01985978 _____ C:\Users\Eskejp\Documents\UxStyle_sep23_x86_x64_possibly_bugged.zip
2017-03-31 17:53 - 2017-03-31 17:53 - 00752617 _____ C:\Users\Eskejp\Documents\ScriptHookVDotNet (1).zip
2017-03-31 17:42 - 2017-03-31 17:42 - 01378066 _____ C:\Users\Eskejp\Documents\ScriptHookV_1.0.1011.1 (1).zip
2017-03-31 17:40 - 2017-03-31 17:40 - 00752617 _____ C:\Users\Eskejp\Documents\ScriptHookVDotNet.zip
2017-03-31 17:30 - 2017-03-31 17:30 - 00051936 _____ C:\Users\Eskejp\Documents\1487f6-BennysMotorworks.zip
2017-03-31 17:29 - 2017-03-31 17:29 - 01378066 _____ C:\Users\Eskejp\Documents\ScriptHookV_1.0.1011.1.zip
2017-03-31 16:35 - 2017-04-13 22:04 - 00000000 ____D C:\Users\Eskejp\Desktop\NanoCore
2017-03-31 16:33 - 2017-03-31 16:33 - 05700576 _____ C:\Users\Eskejp\Documents\NanoCore RAT 1.2.2.0 Cracked By Alcatraz3222.rar
2017-03-31 12:54 - 2017-03-31 12:54 - 00070144 _____ C:\Users\Eskejp\Desktop\winver.exe
2017-03-30 20:06 - 2017-03-30 20:06 - 00006509 _____ C:\Users\Eskejp\Downloads\ovc.user.js
2017-03-30 19:31 - 2017-03-30 19:31 - 00000000 ____D C:\ProgramData\ASUS
2017-03-30 19:31 - 2015-09-17 04:58 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2017-03-30 19:31 - 2015-09-17 04:58 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2017-03-30 19:30 - 2017-03-30 19:30 - 76775409 _____ C:\Users\Eskejp\Documents\AISuite3_Win10_V10147.zip
2017-03-30 19:26 - 2017-03-30 19:30 - 04363475 _____ C:\Users\Eskejp\Documents\HWiNFO.zip
2017-03-30 19:22 - 2017-03-30 19:22 - 03808448 _____ (Martin Malík - REALiX ) C:\Users\Eskejp\Documents\hw64_546.exe
2017-03-30 19:07 - 2017-03-30 19:07 - 00000000 ____D C:\Users\Eskejp\Desktop\cru-1.3
2017-03-30 19:01 - 2017-03-30 19:01 - 00537711 _____ C:\Users\Eskejp\Documents\cru-1.3.zip
2017-03-30 16:21 - 2017-03-30 16:21 - 00107984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfrdvcompat.dll
2017-03-30 16:14 - 2017-03-30 16:14 - 00419176 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfbasics.dll
2017-03-30 16:14 - 2017-03-30 16:14 - 00196856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vrfcore.dll
2017-03-30 16:13 - 2017-03-30 16:13 - 01151200 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfprintpthelper.dll
2017-03-30 16:13 - 2017-03-30 16:13 - 00148008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appverif.exe
2017-03-30 16:12 - 2017-03-30 16:12 - 00436944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfprint.dll
2017-03-30 16:12 - 2017-03-30 16:12 - 00085672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfnws.dll
2017-03-30 16:12 - 2017-03-30 16:12 - 00048264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfntlmless.dll
2017-03-30 16:11 - 2017-03-30 16:11 - 00278440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfluapriv.dll
2017-03-30 16:11 - 2017-03-30 16:11 - 00115784 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfnet.dll
2017-03-30 16:11 - 2017-03-30 16:11 - 00049352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfcuzz.dll
2017-03-30 16:10 - 2017-03-30 16:10 - 00064888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfcompat.dll
2017-03-30 16:10 - 2017-03-30 16:10 - 00024464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cuzzapi.dll
2017-03-30 13:39 - 2017-03-30 13:39 - 00099160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfrdvcompat.dll
2017-03-30 13:26 - 2017-03-30 13:26 - 00176528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vrfcore.dll
2017-03-30 13:26 - 2017-03-30 13:26 - 00119944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appverif.exe
2017-03-30 13:25 - 2017-03-30 13:25 - 00375568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfbasics.dll
2017-03-30 13:24 - 2017-03-30 13:24 - 00632216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfprintpthelper.dll
2017-03-30 13:24 - 2017-03-30 13:24 - 00334008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfprint.dll
2017-03-30 13:23 - 2017-03-30 13:23 - 00252424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfluapriv.dll
2017-03-30 13:23 - 2017-03-30 13:23 - 00071096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfnws.dll
2017-03-30 13:23 - 2017-03-30 13:23 - 00043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfntlmless.dll
2017-03-30 13:22 - 2017-03-30 13:22 - 00093472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfnet.dll
2017-03-30 13:22 - 2017-03-30 13:22 - 00066368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfcompat.dll
2017-03-30 13:22 - 2017-03-30 13:22 - 00045648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfcuzz.dll
2017-03-30 13:21 - 2017-03-30 13:21 - 00022352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cuzzapi.dll
2017-03-30 01:07 - 2017-03-30 01:07 - 01797440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbased.dll
2017-03-30 01:07 - 2017-03-30 01:07 - 00630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10sdklayers.dll
2017-03-30 01:07 - 2017-03-30 01:07 - 00458040 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10ref.dll
2017-03-30 00:52 - 2017-03-30 00:52 - 00031552 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft.windows.softwarelogo.showdesktop.exe
2017-03-30 00:41 - 2017-03-30 00:41 - 01505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbased.dll
2017-03-30 00:41 - 2017-03-30 00:41 - 00074560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsd3dwarpdebug.dll
2017-03-30 00:40 - 2017-03-30 00:40 - 00644408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11ref.dll
2017-03-30 00:40 - 2017-03-30 00:40 - 00063808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DRefDebug.dll
2017-03-30 00:38 - 2017-03-30 00:38 - 00082240 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DRefDebug.dll
2017-03-30 00:38 - 2017-03-30 00:38 - 00075072 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsd3dwarpdebug.dll
2017-03-30 00:37 - 2017-03-30 00:37 - 00763192 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11ref.dll
2017-03-30 00:27 - 2017-03-30 00:27 - 00481600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10sdklayers.dll
2017-03-30 00:27 - 2017-03-30 00:27 - 00361792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10ref.dll
2017-03-29 22:16 - 2017-03-29 22:16 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dref9.dll
2017-03-29 22:11 - 2017-03-29 22:11 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dref9.dll
2017-03-29 21:52 - 2017-03-29 21:52 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf_gputiming.dll
2017-03-29 21:52 - 2017-03-29 21:52 - 00103728 _____ C:\WINDOWS\SysWOW64\appverifUI.dll
2017-03-29 21:48 - 2017-03-29 21:48 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf_gputiming.dll
2017-03-29 21:48 - 2017-03-29 21:48 - 00129840 _____ C:\WINDOWS\system32\appverifUI.dll
2017-03-29 20:40 - 2017-03-29 20:40 - 00322842 _____ C:\Users\Eskejp\Documents\sweetfx_redone.7z
2017-03-29 13:54 - 2017-03-29 13:54 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Bat To Exe Converter
2017-03-29 13:43 - 2017-03-29 13:43 - 02710688 _____ (Sysinternals - www.sysinternals.com) C:\Users\Eskejp\Documents\procexp.exe
2017-03-29 13:00 - 2017-03-31 12:54 - 00098751 _____ C:\Users\Eskejp\Desktop\csrrs.exe.cmd
2017-03-27 20:03 - 2017-03-27 20:03 - 00493732 _____ C:\Users\Eskejp\Documents\sweetfx-csgo.zip
2017-03-26 17:09 - 2017-03-27 18:09 - 00000000 ____D C:\Users\Eskejp\Desktop\SLAM
2017-03-26 17:05 - 2017-04-15 18:11 - 00000000 ____D C:\Users\Eskejp\AppData\Local\SLAM
2017-03-26 17:05 - 2017-03-26 17:05 - 00428153 _____ C:\Users\Eskejp\Documents\SLAM_v1.5.0.zip
2017-03-26 17:01 - 2017-03-26 17:01 - 03114048 _____ C:\Users\Eskejp\Documents\AutoHotkey_1.1.25.01_setup.exe
2017-03-26 16:33 - 2016-10-25 22:04 - 00228864 _____ C:\Users\Eskejp\Desktop\formule.dll
2017-03-26 12:53 - 2017-03-26 12:53 - 00290718 _____ C:\Users\Eskejp\Downloads\no_crit_backstab_old_reload.zip
2017-03-25 18:01 - 2017-03-25 18:01 - 00000000 ____D C:\Users\Eskejp\Documents\NFS Carbon
2017-03-25 18:00 - 2017-03-25 18:00 - 00001028 _____ C:\Users\Eskejp\Desktop\Need For Speed Carbon.lnk
2017-03-25 17:46 - 2017-03-25 17:46 - 00621057 _____ C:\Users\Eskejp\Downloads\CarbonCamera.exe
2017-03-25 17:41 - 2017-03-25 18:01 - 00000000 ____D C:\Users\Eskejp\Downloads\Need For Speed Carbon
2017-03-25 17:37 - 2017-03-25 17:39 - 1493966395 _____ C:\Users\Eskejp\Downloads\[AVeRAnTeD]NFS-Carbon[Music+Video]Full-Rip.7z
2017-03-23 19:56 - 2017-03-23 19:56 - 00181936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSCover150.dll
2017-03-23 08:16 - 2017-04-18 20:00 - 00001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2017-03-23 08:16 - 2017-04-18 20:00 - 00000000 ____D C:\Program Files\paint.net
2017-03-23 08:15 - 2017-03-23 08:18 - 00000000 ____D C:\Users\Eskejp\AppData\Local\paint.net

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-22 08:13 - 2017-03-17 10:20 - 00000000 ____D C:\ProgramData\VMware
2017-04-22 08:13 - 2017-01-25 20:03 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-22 08:13 - 2017-01-21 17:03 - 00004268 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2017-04-22 08:13 - 2014-01-21 16:40 - 00000966 _____ C:\WINDOWS\SysWOW64\bscs.ini
2017-04-22 08:13 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-22 07:58 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-04-22 07:57 - 2017-02-21 15:04 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-22 07:57 - 2017-01-21 17:03 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2017-04-22 07:57 - 2017-01-21 14:20 - 00000000 ____D C:\Program Files (x86)\Steam
2017-04-21 17:08 - 2017-02-18 19:12 - 00251904 ___SH C:\Users\Eskejp\Downloads\Thumbs.db
2017-04-21 16:16 - 2017-03-17 10:22 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\VMware
2017-04-21 16:16 - 2017-03-17 10:22 - 00000000 ____D C:\Users\Eskejp\AppData\Local\VMware
2017-04-21 16:05 - 2017-01-25 19:49 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-20 19:30 - 2017-01-24 20:35 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2017-04-20 13:14 - 2017-02-21 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-20 08:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2017-04-19 14:23 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-19 14:18 - 2017-01-25 19:09 - 00000000 ____D C:\Program Files\Windows Journal
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\system32\winrm
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\system32\slmgr
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-18 21:02 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\servicing
2017-04-17 15:08 - 2017-01-23 19:44 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-04-17 13:10 - 2014-11-21 06:53 - 01747250 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-17 13:10 - 2014-11-21 06:10 - 00737194 _____ C:\WINDOWS\system32\perfh005.dat
2017-04-17 13:10 - 2014-11-21 06:10 - 00150070 _____ C:\WINDOWS\system32\perfc005.dat
2017-04-16 21:02 - 2013-08-22 16:44 - 00337768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-16 20:55 - 2013-05-01 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-04-16 20:55 - 2013-05-01 13:16 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-04-16 20:51 - 2012-07-26 11:45 - 00000000 ____D C:\WINDOWS\ShellNew
2017-04-16 15:36 - 2017-01-21 09:04 - 00000074 _____ C:\Users\Eskejp\AppData\Roaming\sp_data.sys
2017-04-16 15:34 - 2017-03-19 18:15 - 00000000 ____D C:\Fraps
2017-04-15 11:15 - 2017-01-26 20:47 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-04-15 11:04 - 2017-02-18 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2017-04-15 10:43 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2017-04-15 10:37 - 2013-08-22 17:36 - 00000000 ___SD C:\Program Files\Windows Sidebar
2017-04-15 10:37 - 2013-08-22 17:36 - 00000000 ___SD C:\Program Files (x86)\Windows Sidebar
2017-04-15 07:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-14 17:58 - 2017-01-21 18:53 - 00000000 ____D C:\Users\Eskejp\AppData\Local\CrashDumps
2017-04-14 14:48 - 2017-02-02 09:43 - 00153342 _____ C:\Users\Eskejp\Desktop\SteamAchievementManager63_hotfix (1).zip
2017-04-14 12:50 - 2017-01-25 20:23 - 00000000 ____D C:\Users\Eskejp
2017-04-14 12:41 - 2017-01-21 00:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-13 21:58 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2017-04-13 21:50 - 2017-01-21 16:09 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Skype
2017-04-13 21:43 - 2017-02-08 14:43 - 00000000 ____D C:\Users\steamfix
2017-04-12 19:16 - 2017-01-25 20:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-12 19:12 - 2017-01-25 20:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-12 19:09 - 2017-01-25 20:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-12 10:22 - 2017-01-23 00:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 10:12 - 2017-01-23 00:25 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-11 16:39 - 2017-01-21 13:35 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-09 20:40 - 2017-01-24 21:31 - 00000000 ____D C:\Users\Eskejp\AppData\Local\GeometryDash
2017-04-09 10:00 - 2017-02-02 17:39 - 00000000 ____D C:\Users\Eskejp\Documents\Camtasia Studio
2017-04-08 16:03 - 2017-02-02 21:44 - 00001717 _____ C:\Users\Eskejp\AppData\Roaming\LITHIUM_PUBLIC.ini
2017-04-08 14:23 - 2017-02-14 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-08 14:22 - 2017-02-14 22:25 - 00000000 ____D C:\Program Files\Java
2017-04-08 13:49 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-08 13:42 - 2017-01-25 17:51 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-04-08 00:06 - 2017-01-23 01:35 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-07 15:57 - 2017-02-02 16:22 - 00000000 ____D C:\ProgramData\TechSmith
2017-04-07 15:50 - 2017-01-26 14:41 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\uTorrent
2017-04-06 07:41 - 2017-01-21 16:03 - 00002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-02 14:30 - 2017-01-21 19:17 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\.minecraft
2017-04-01 11:44 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-04-01 05:20 - 2017-01-25 14:01 - 04071816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-04-01 05:20 - 2017-01-25 14:01 - 03588376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-04-01 05:20 - 2017-01-25 14:01 - 00491208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2017-04-01 05:20 - 2017-01-25 14:01 - 00406736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2017-04-01 05:20 - 2017-01-25 14:01 - 00042897 _____ C:\WINDOWS\system32\nvinfo.pb
2017-04-01 05:20 - 2017-01-21 13:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-04-01 04:10 - 2017-01-25 20:03 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 02481208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 00549944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-04-01 04:09 - 2017-01-25 20:03 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-03-31 12:15 - 2017-01-25 20:03 - 07851747 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-03-28 05:32 - 2017-01-21 13:36 - 01882048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-03-28 05:32 - 2017-01-21 13:36 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-03-28 05:32 - 2017-01-21 13:36 - 01472960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-03-28 05:32 - 2017-01-21 13:36 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-03-28 05:32 - 2017-01-21 13:36 - 00121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-03-27 16:50 - 2017-03-03 14:36 - 00000197 _____ C:\Users\Eskejp\Desktop\training.cfg
2017-03-26 16:57 - 2017-03-12 17:36 - 00000225 _____ C:\Users\Eskejp\Desktop\Gameowner.ini
2017-03-26 13:00 - 2017-02-02 21:28 - 00000276 _____ C:\Users\Eskejp\Desktop\Steam.txt
2017-03-23 08:11 - 2017-01-21 09:06 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Adobe

==================== Files in the root of some directories =======

2017-04-15 10:43 - 2017-04-15 10:43 - 0000624 _____ () C:\Users\Pin\AppData\Roaming\All CPU MeterV3_Settings.ini
2017-04-15 10:49 - 2017-04-15 10:49 - 0000282 _____ () C:\Users\Pin\AppData\Roaming\GPU MeterV2_Settings.ini
2017-04-16 13:38 - 2017-04-16 14:22 - 0001719 _____ () C:\Users\Pin\AppData\Roaming\LITHIUM_PUBLIC.ini
2017-04-13 21:49 - 2017-04-22 08:14 - 0000074 _____ () C:\Users\Pin\AppData\Roaming\sp_data.sys
2017-04-19 19:07 - 2017-04-19 19:07 - 0003584 _____ () C:\Users\Pin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-01 13:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 13:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 13:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


ATTENTION: ==> Could not access BCD. The user is not administrator

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118715
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: MalwareBytes found some critters.

#6 Post by Rudy »

Deletion must be performed from an administrator account. If you do not have one, deletion will not work. Restart into an account with full rights and post a new FRST log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

ESCGamer55
Visitor
Posts: 21
Registered: 13 Sep 2015 09:33

Re: MalwareBytes found some critters.

#7 Post by ESCGamer55 »

I ran FRST from the admin account, so here it is:

Code: Select all

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-04-2017 01
Ran by Eskejp (administrator) on PC-ESC (24-04-2017 16:11:04)
Running from C:\Users\Eskejp\Desktop
Loaded Profiles: Eskejp (Available Profiles: Eskejp & Pin)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(The Within Network, LLC) C:\Windows\unsignedthemes.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\No-IP\ducservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(Beepa P/L) C:\Fraps\fraps.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
() C:\Windows\AutoKMS\AutoKMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\SwReporter\18.100.0\software_reporter_tool.exe
(Google) C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\SwReporter\18.100.0\software_reporter_tool.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer, Inc.) C:\Users\Eskejp\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [389368 2014-02-17] (IVT Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-03-02] (Razer Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-459092724-1688354535-1890333071-1002\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-21-459092724-1688354535-1890333071-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-459092724-1688354535-1890333071-1002\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-459092724-1688354535-1890333071-1002\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-459092724-1688354535-1890333071-1002\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170360 2017-04-01] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [170360 2017-04-01] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148016 2017-04-01] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar928.lnk [2017-04-24]
ShortcutTarget: Sidebar928.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1	virustotal.com
Tcpip\..\Interfaces\{130B062A-3F88-47C8-B466-3066C1651009}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{B4788C22-8314-4EF4-8A66-9E7182107C26}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-459092724-1688354535-1890333071-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=en-ww
HKU\S-1-5-21-459092724-1688354535-1890333071-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-459092724-1688354535-1890333071-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-459092724-1688354535-1890333071-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-14] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-14] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-02] (Skype Technologies)

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-14] (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-459092724-1688354535-1890333071-1002: @nsroblox.roblox.com/launcher -> C:\Users\Eskejp\AppData\Local\Roblox\Versions\version-86e5c81a75134199\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-459092724-1688354535-1890333071-1002: @nsroblox.roblox.com/launcher64 -> C:\Users\Eskejp\AppData\Local\Roblox\Versions\version-86e5c81a75134199\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default [2017-04-24]
CHR Extension: (Prezentace Google) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-21]
CHR Extension: (Dokumenty Google) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-21]
CHR Extension: (Disk Google) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-21]
CHR Extension: (YouTube) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-21]
CHR Extension: (Adblock Plus) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22]
CHR Extension: (JSONView) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2017-04-23]
CHR Extension: (Steam Inventory Helper) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-04-14]
CHR Extension: (Tampermonkey) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-01-21]
CHR Extension: (Tabulky Google) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-21]
CHR Extension: (Grammarly for Chrome) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-04-16]
CHR Extension: (Ghostery) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-02-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (AdF.ly Skipper ★NOW WORKING: 4/22/2017★) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnfifcganohemahpomajbhocfkdgmjb [2017-04-23]
CHR Extension: (Speedtest by Ookla) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2017-01-21]
CHR Extension: (Gmail) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-21]
CHR Extension: (Chrome Media Router) - C:\Users\Eskejp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-09-17] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe [963544 2016-08-05] (ASUSTeK Computer Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530376 2017-04-21] ()
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1579880 2014-02-17] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-12-16] (IVT Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21312 2017-03-30] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-04-01] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-11-04] (Razer Inc)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [185344 2017-02-13] (Microsoft Corporation) [File not signed]
R2 UnsignedThemes; C:\WINDOWS\unsignedthemes.exe [13824 2013-09-23] (The Within Network, LLC) [File not signed]
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12482024 2017-03-12] ()
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-09-17] ()
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [70416 2013-09-23] (ASUS Corporation)
R3 BtAudioBusSrv; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthHFSrv; C:\WINDOWS\System32\svchost.exe [38792 2014-11-21] (Microsoft Corporation)
U4 BthHFSrv; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-11-21] (Microsoft Corporation)
S3 BthL2caScoIfSrv; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
R3 btUrbFilterDrv; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [51936 2014-01-20] (Ralink Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 m76usb; C:\WINDOWS\System32\drivers\m76usb.sys [539848 2014-02-12] (Ralink Technology Corp.)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-04-22] (Malwarebytes)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47552 2017-03-28] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider)
R3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R2 uxstyle; C:\WINDOWS\system32\Drivers\uxstyle.sys [31440 2013-09-23] (The Within Network, LLC)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2016-09-30] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [37960 2016-11-14] (VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
S3 MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-24 16:11 - 2017-04-24 16:11 - 00023881 _____ C:\Users\Eskejp\Desktop\FRST.txt
2017-04-24 16:10 - 2017-04-24 16:10 - 02426368 _____ (Farbar) C:\Users\Eskejp\Downloads\FRST64.exe
2017-04-24 16:10 - 2017-04-24 16:10 - 02426368 _____ (Farbar) C:\Users\Eskejp\Desktop\FRST64.exe
2017-04-24 16:08 - 2017-04-24 16:08 - 16973285 _____ C:\Users\Pin\Downloads\craftbukkit-1.8.8-R0.1-SNAPSHOT-latest.jar
2017-04-24 07:07 - 2017-04-24 07:07 - 269737984 _____ C:\Users\Pin\Documents\stab.camrec
2017-04-23 20:43 - 2017-04-23 20:45 - 3374276608 _____ C:\Users\Pin\Documents\capture-2.camrec
2017-04-23 13:26 - 2017-04-23 13:26 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\ClassicShell
2017-04-23 13:26 - 2017-04-23 13:26 - 00000000 ____D C:\Users\Eskejp\AppData\Local\ClassicShell
2017-04-22 20:08 - 2017-04-22 20:08 - 00000000 ____D C:\Users\Pin\AppData\Roaming\UnknownApplicationVendor
2017-04-22 20:07 - 2017-04-22 20:07 - 05142796 _____ C:\Users\Pin\Downloads\portmapper-2.0.0.jar
2017-04-22 18:55 - 2017-04-22 18:55 - 00000000 ____D C:\Users\Pin\AppData\LocalLow\Smartly Dressed Games
2017-04-22 15:36 - 2017-04-22 15:36 - 00030905 _____ C:\Users\Pin\Downloads\Desktop.rar
2017-04-22 11:05 - 2017-04-22 11:05 - 00005838 _____ C:\WINDOWS\system32\--traceoff
2017-04-22 11:05 - 2017-04-22 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2017-04-22 11:05 - 2017-04-22 11:05 - 00000000 _____ C:\WINDOWS\system32\--debugoff
2017-04-22 11:04 - 2017-04-22 11:04 - 00000000 ____D C:\Users\Eskejp\AppData\Local\Sony
2017-04-22 11:04 - 2017-04-22 11:04 - 00000000 ____D C:\ProgramData\Sony
2017-04-22 11:04 - 2017-04-22 11:04 - 00000000 ____D C:\Program Files (x86)\Sony
2017-04-22 11:03 - 2017-04-22 11:03 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Sony
2017-04-22 11:02 - 2017-04-22 11:02 - 00000000 ____D C:\Users\Pin\Downloads\Sony Vegas Pro 13.0 build 310 (64 bit) (patch KHG) [ChingLiu]
2017-04-21 20:39 - 2017-04-21 20:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\Dispenser
2017-04-21 19:00 - 2017-04-21 19:00 - 00000222 _____ C:\Users\Pin\Desktop\Unturned.url
2017-04-21 18:39 - 2017-04-21 18:39 - 00046130 _____ C:\Users\Pin\Downloads\SteamAchievementManager63_hotfix.zip
2017-04-21 18:37 - 2017-04-21 19:00 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-04-21 16:07 - 2017-04-21 16:13 - 00000000 ____D C:\Users\Pin\Downloads\Microsoft Windows 10 Home and Pro x64 Clean ISO
2017-04-21 16:06 - 2017-04-22 11:09 - 00000000 ____D C:\Users\Pin\AppData\Roaming\uTorrent
2017-04-21 16:06 - 2017-04-21 16:06 - 00000992 _____ C:\Users\Pin\Desktop\µTorrent.lnk
2017-04-21 16:06 - 2017-04-21 16:06 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2017-04-21 16:04 - 2017-04-21 16:04 - 00000000 ___HD C:\$Windows.~WS
2017-04-21 16:04 - 2017-04-21 16:04 - 00000000 ____D C:\$WINDOWS.~BT
2017-04-21 16:02 - 2015-10-20 18:36 - 57195008 _____ () C:\Users\Pin\Downloads\Microsoft Toolkit 2.6 Beta 5.exe
2017-04-21 15:27 - 2017-04-21 15:27 - 00001640 _____ C:\Users\Pin\Desktop\creepy music.lnk
2017-04-20 19:38 - 2017-04-20 19:42 - 00000000 ____D C:\AdwCleaner
2017-04-20 19:38 - 2017-04-20 19:38 - 04089296 _____ C:\Users\Pin\Downloads\adwcleaner_6.045.exe
2017-04-20 19:23 - 2017-04-20 19:23 - 00000000 ____D C:\Users\Pin\Documents\Universe Sandbox ²
2017-04-20 19:22 - 2017-04-20 19:22 - 00000000 ____D C:\Users\Pin\AppData\LocalLow\Giant Army
2017-04-20 13:49 - 2017-04-22 08:22 - 00084343 _____ C:\Users\Pin\Desktop\FRST.txt
2017-04-20 13:48 - 2017-04-24 16:11 - 00000000 ____D C:\FRST
2017-04-20 13:48 - 2017-04-22 08:15 - 02424832 _____ (Farbar) C:\Users\Pin\Desktop\FRST.exe
2017-04-20 13:48 - 2017-04-20 13:48 - 02424832 _____ (Farbar) C:\Users\Pin\Downloads\FRST64.exe
2017-04-20 13:14 - 2017-04-20 13:14 - 00001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-20 13:06 - 2017-04-20 13:16 - 00220122 _____ C:\WINDOWS\ntbtlog.txt
2017-04-19 19:37 - 2017-04-24 16:04 - 00000000 ____D C:\Users\Pin\AppData\Local\ClassicShell
2017-04-19 19:37 - 2017-04-19 19:37 - 00000000 ____D C:\Users\Pin\AppData\Roaming\ClassicShell
2017-04-19 19:37 - 2017-04-19 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2017-04-19 19:37 - 2017-04-19 19:37 - 00000000 ____D C:\ProgramData\ClassicShell
2017-04-19 19:37 - 2017-04-19 19:37 - 00000000 ____D C:\Program Files\Classic Shell
2017-04-19 19:08 - 2017-04-24 13:45 - 00000000 ____D C:\Users\Pin\Documents\Camtasia Studio
2017-04-19 19:08 - 2017-04-19 19:08 - 25710592 _____ C:\Users\Pin\Documents\capture-1.camrec
2017-04-19 19:08 - 2017-04-19 19:08 - 00000000 ____D C:\Users\Pin\AppData\Local\TechSmith
2017-04-19 19:07 - 2017-04-24 07:07 - 00003584 _____ C:\Users\Pin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-04-19 19:06 - 2017-04-19 19:07 - 00000000 ____D C:\Users\Pin\AppData\Roaming\vlc
2017-04-19 18:54 - 2017-04-19 18:55 - 841764892 _____ C:\Users\Pin\Downloads\omg lol takovej medic.mp4
2017-04-18 20:44 - 2017-04-22 17:17 - 00002214 _____ C:\Users\Pin\Desktop\Spy's dictionary.txt
2017-04-18 20:02 - 2017-04-18 20:02 - 00599552 _____ () C:\Users\Pin\Desktop\Hoovy V2.exe
2017-04-18 20:00 - 2017-04-18 20:00 - 00001214 _____ C:\Users\Public\Desktop\paint.net.lnk
2017-04-18 19:32 - 2017-04-18 19:32 - 00000000 ____D C:\Users\Pin\AppData\Local\paint.net
2017-04-18 07:08 - 2017-04-18 07:11 - 00000121 _____ C:\Users\Pin\Desktop\smurf.txt
2017-04-17 15:52 - 2017-04-17 12:03 - 00277504 _____ () C:\Users\Pin\Desktop\Mazlíček Hoovy.exe
2017-04-17 13:39 - 2017-04-22 10:04 - 00000481 _____ C:\Users\Pin\Desktop\DisguiseName.txt
2017-04-17 13:23 - 2017-04-17 13:23 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\dclogs
2017-04-17 13:18 - 2017-04-18 06:59 - 00000000 __SHD C:\Users\Pin\Documents\MSDCSC
2017-04-17 11:13 - 2017-04-17 11:13 - 00000000 ____D C:\Users\Pin\AppData\LocalLow\Temp
2017-04-17 11:12 - 2017-04-17 11:12 - 00000000 ____D C:\Users\Pin\AppData\Roaming\NuGet
2017-04-17 10:57 - 2017-04-17 10:57 - 00000000 ____D C:\Users\Pin\AppData\Local\Intel_Corporation
2017-04-16 20:51 - 2017-04-16 20:51 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Bandicam Company
2017-04-16 20:48 - 2017-04-16 20:48 - 00000000 ____D C:\Program Files\MSCONFIG for Windows 10 and 8
2017-04-16 18:35 - 2017-04-16 18:56 - 00000000 ____D C:\Users\Pin\AppData\Local\Roblox
2017-04-16 18:35 - 2017-04-16 18:41 - 00000154 _____ C:\Users\Pin\AppData\LocalLow\rbxcsettings.rbx
2017-04-16 18:35 - 2017-04-16 18:35 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-04-16 18:29 - 2017-04-16 19:18 - 00000000 ____D C:\Users\Pin\AppData\Roaming\FB7D0493-FDB8-4126-A2C9-EAA90F3DD5FF
2017-04-16 18:29 - 2017-04-16 18:31 - 00000000 ____D C:\Program Files\DSL Host
2017-04-16 18:26 - 2017-04-16 18:26 - 00000000 ____D C:\Users\Pin\AppData\Local\Vitalwerks
2017-04-16 13:38 - 2017-04-23 18:09 - 00001721 _____ C:\Users\Pin\AppData\Roaming\LITHIUM_PUBLIC.ini
2017-04-16 13:37 - 2017-04-16 13:37 - 00000225 ____H C:\Users\Pin\Desktop\Gameowner.ini
2017-04-16 12:43 - 2017-04-16 12:46 - 00000000 ____D C:\Users\Pin\AppData\Roaming\.technic
2017-04-16 12:43 - 2017-02-14 22:41 - 04734784 _____ () C:\Users\Pin\Desktop\Technic.exe
2017-04-16 12:42 - 2017-04-16 12:42 - 00001261 ____H C:\Users\Pin\Desktop\nativelog.txt
2017-04-15 18:11 - 2017-04-15 18:11 - 00000000 ____D C:\Users\Pin\Desktop\SLAM
2017-04-15 18:05 - 2017-04-15 20:29 - 00000000 ____D C:\Users\Pin\AppData\Roaming\discord
2017-04-15 18:05 - 2017-04-15 18:05 - 00002198 _____ C:\Users\Pin\Desktop\Discord.lnk
2017-04-15 18:05 - 2017-04-15 18:05 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-04-15 18:05 - 2017-04-15 18:05 - 00000000 ____D C:\Users\Pin\AppData\Local\SquirrelTemp
2017-04-15 18:05 - 2017-04-15 18:05 - 00000000 ____D C:\Users\Pin\AppData\Local\Discord
2017-04-15 12:30 - 2017-04-22 10:57 - 00000000 ____D C:\Users\Pin\Desktop\SFM Work
2017-04-15 12:29 - 2017-04-15 12:29 - 00000220 _____ C:\Users\Pin\Desktop\Source Filmmaker.url
2017-04-15 11:40 - 2017-04-16 20:57 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2017-04-15 11:40 - 2017-04-15 11:41 - 00000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2017-04-15 11:21 - 2017-04-15 11:21 - 00000000 ____D C:\Users\Pin\AppData\Roaming\NVIDIA
2017-04-15 11:20 - 2017-02-14 22:07 - 00000953 _____ C:\Users\Pin\Desktop\Majkraft.lnk
2017-04-15 11:15 - 2017-04-23 16:31 - 00000000 ____D C:\Users\Pin\AppData\Roaming\.minecraft
2017-04-15 11:06 - 2017-04-15 11:09 - 00000000 ____D C:\Users\Pin\Superposition
2017-04-15 11:04 - 2017-04-15 11:04 - 00000829 _____ C:\Users\Public\Desktop\Superposition Benchmark.lnk
2017-04-15 10:49 - 2017-04-15 10:49 - 00000282 _____ C:\Users\Pin\AppData\Roaming\GPU MeterV2_Settings.ini
2017-04-15 10:46 - 2017-04-15 10:46 - 00001711 _____ C:\Users\Pin\Desktop\Chrome.lnk
2017-04-15 10:43 - 2017-04-15 10:43 - 00000624 _____ C:\Users\Pin\AppData\Roaming\All CPU MeterV3_Settings.ini
2017-04-15 10:38 - 2017-04-15 10:38 - 00000000 ____D C:\Users\Pin\AppData\Local\Clipboarder
2017-04-15 10:37 - 2017-04-15 10:38 - 00000000 ____D C:\Users\Pin\AppData\Local\Sidebar7
2017-04-15 10:37 - 2017-04-15 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack
2017-04-15 08:39 - 2017-04-15 08:45 - 477644890 _____ C:\Users\Pin\Downloads\naugatx8620160902.iso.bz2
2017-04-15 08:37 - 2017-04-21 16:41 - 00000000 ____D C:\Users\Pin\AppData\Roaming\VMware
2017-04-15 08:37 - 2017-04-21 16:41 - 00000000 ____D C:\Users\Pin\AppData\Local\VMware
2017-04-15 08:37 - 2017-04-15 10:42 - 00002189 _____ C:\Users\Pin\Desktop\VMware Workstation.lnk
2017-04-15 08:33 - 2017-04-15 08:33 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Wireshark
2017-04-15 08:19 - 2017-04-15 08:19 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Notepad++
2017-04-14 21:17 - 2017-04-14 21:18 - 00000911 _____ C:\Users\Eskejp\Desktop\Steam Console.lnk
2017-04-14 21:08 - 2017-04-14 21:08 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Sun
2017-04-14 21:08 - 2017-04-14 21:08 - 00000000 ____D C:\Users\Pin\AppData\LocalLow\Sun
2017-04-14 20:31 - 2017-04-14 20:31 - 01389887 _____ C:\Users\Pin\Desktop\ESC.deskthemepack
2017-04-14 19:47 - 2017-04-14 20:21 - 00000000 ____D C:\Users\Pin\Desktop\Visual Studio
2017-04-14 19:45 - 2017-04-14 19:45 - 00000000 ____D C:\Users\Pin\AppData\Local\.IdentityService
2017-04-14 19:44 - 2017-04-18 19:54 - 00000000 ____D C:\Users\Pin\Documents\Visual Studio 2017
2017-04-14 19:44 - 2017-04-14 19:44 - 00000000 ____D C:\Users\Pin\AppData\Local\ServiceHub
2017-04-14 19:26 - 2017-04-14 19:37 - 00000000 ____D C:\Users\Pin\AppData\Roaming\obs-studio
2017-04-14 19:26 - 2017-04-14 19:33 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\obs-studio
2017-04-14 19:25 - 2017-04-14 19:25 - 00001180 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2017-04-14 19:24 - 2017-04-14 19:24 - 00000000 ____D C:\Program Files (x86)\obs-studio
2017-04-14 14:59 - 2017-04-14 14:59 - 00000863 _____ C:\Users\Pin\Desktop\GTA V.lnk
2017-04-14 14:59 - 2017-04-14 14:59 - 00000000 ____D C:\Users\Pin\Documents\Rockstar Games
2017-04-14 14:59 - 2017-04-14 14:59 - 00000000 ____D C:\Users\Pin\AppData\Local\Rockstar Games
2017-04-14 14:48 - 2017-04-21 17:32 - 00000000 ____D C:\Users\Pin\AppData\Local\CrashDumps
2017-04-14 14:45 - 2017-04-14 14:45 - 00000948 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2017-04-14 14:44 - 2017-04-23 13:17 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Skype
2017-04-14 14:44 - 2017-04-14 14:44 - 00000000 ____D C:\Users\Pin\Tracing
2017-04-14 13:53 - 2017-04-14 13:53 - 00000219 _____ C:\Users\Pin\Desktop\Team Fortress 2.url
2017-04-14 13:00 - 2017-04-22 21:54 - 00270336 ___SH C:\Users\Pin\Downloads\Thumbs.db
2017-04-13 22:14 - 2017-04-13 22:14 - 00001535 _____ C:\Users\Pin\Desktop\MSI Afterburner.lnk
2017-04-13 22:12 - 2017-04-13 22:12 - 00000983 _____ C:\Users\Pin\Desktop\Steam.lnk
2017-04-13 22:08 - 2017-04-13 22:08 - 00000000 ____D C:\Users\Pin\AppData\Local\Steam
2017-04-13 22:06 - 2017-04-01 03:12 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-13 22:06 - 2017-04-01 03:12 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-13 21:53 - 2017-04-13 21:53 - 00000000 ____D C:\Users\Pin\AppData\Roaming\WinRAR
2017-04-13 21:52 - 2017-04-21 21:55 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-459092724-1688354535-1890333071-1009
2017-04-13 21:50 - 2017-04-13 21:50 - 00000000 ____D C:\Users\Pin\AppData\Local\CEF
2017-04-13 21:49 - 2017-04-24 06:58 - 00000074 _____ C:\Users\Pin\AppData\Roaming\sp_data.sys
2017-04-13 21:49 - 2017-04-13 21:49 - 00000000 ____D C:\Users\Pin\AppData\Local\NVIDIA Corporation
2017-04-13 21:48 - 2017-04-13 21:49 - 00000000 ____D C:\Users\Pin\AppData\Local\Razer
2017-04-13 21:46 - 2017-04-18 19:31 - 00000000 ____D C:\Users\Pin\AppData\Roaming\Adobe
2017-04-13 21:46 - 2017-04-15 11:06 - 00000000 ____D C:\Users\Pin
2017-04-13 21:46 - 2017-04-14 13:08 - 00000000 ____D C:\Users\Pin\AppData\Local\Google
2017-04-13 21:46 - 2017-04-13 21:48 - 00000000 ____D C:\Users\Pin\AppData\Local\Packages
2017-04-13 21:46 - 2017-04-13 21:46 - 00001424 _____ C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-04-13 21:46 - 2017-04-13 21:46 - 00000020 ___SH C:\Users\Pin\ntuser.ini
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Šablony
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Soubory cookie
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Poslední
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Okolní tiskárny
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Okolní síť
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Nabídka Start
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Dokumenty
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Documents\Obrázky
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Documents\Hudba
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Documents\Filmy
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\Data aplikací
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 _SHDL C:\Users\Pin\AppData\Local\Data aplikací
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\WINDOWS\system32\NV
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\Users\Pin\AppData\Local\VirtualStore
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\Users\Pin\AppData\Local\NVIDIA
2017-04-13 21:46 - 2017-04-13 21:46 - 00000000 ____D C:\Users\Pin\AppData\Local\ASUS
2017-04-13 21:46 - 2014-11-21 07:02 - 00000369 _____ C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2017-04-13 21:46 - 2014-11-21 07:02 - 00000369 _____ C:\Users\Pin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2017-04-13 21:36 - 2017-04-23 13:25 - 00000119 _____ C:\Users\Eskejp\Desktop\win 8 explorer.vbs
2017-04-13 20:43 - 2017-04-13 20:43 - 01508371 _____ C:\Users\Eskejp\Downloads\oldspymod_7a0e5 (2).zip
2017-04-13 20:29 - 2017-04-13 21:35 - 00000147 _____ C:\Users\Eskejp\Desktop\list jmen.txt
2017-04-13 16:57 - 2017-04-13 16:57 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Mael
2017-04-13 16:53 - 2017-04-13 16:53 - 00882431 _____ C:\Users\Eskejp\Downloads\HxDSetupCSY.zip
2017-04-13 16:09 - 2017-04-13 16:10 - 02169248 _____ C:\Users\Eskejp\Downloads\ForceCrypter-master.zip
2017-04-13 14:46 - 2017-04-13 14:46 - 00001152 _____ C:\Users\Eskejp\Downloads\Remove_Take_Ownership_from_context_menu.reg
2017-04-13 14:45 - 2017-04-13 14:45 - 00001942 _____ C:\Users\Eskejp\Downloads\Add_Take_Ownership_to_context_menu.reg
2017-04-13 14:37 - 2017-04-13 14:37 - 03558240 _____ C:\Users\Eskejp\Downloads\default_win7_[winsounds.com]_1956.zip
2017-04-13 14:34 - 2017-04-13 14:47 - 00000062 _____ C:\Users\Eskejp\Desktop\blank error.vbs
2017-04-13 10:18 - 2017-04-13 10:18 - 22638821 _____ () C:\Users\Eskejp\Downloads\mctitan_launcher.exe
2017-04-13 10:18 - 2017-04-13 10:18 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\technic_warez
2017-04-12 21:25 - 2017-04-13 14:34 - 00000124 _____ C:\Users\Eskejp\Desktop\lsass end.vbs
2017-04-12 19:41 - 2017-04-12 19:41 - 05700576 _____ C:\Users\Eskejp\Downloads\NanoCore RAT 1.2.2.0 Cracked By Alcatraz3222.rar
2017-04-12 19:18 - 2017-04-12 19:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-04-12 19:18 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-04-12 19:18 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-04-12 19:18 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-04-12 19:18 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-04-12 19:14 - 2017-04-01 05:20 - 40201152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 35315256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 35280320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 28560440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 20055968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 17418608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 16431320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 14653888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2017-04-12 19:14 - 2017-04-01 05:20 - 13398512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 11112928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 11056272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 10636240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 09316648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 09014792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 08876272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 03430336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 03012152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438165.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 01591352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438165.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 01054776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00991800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00960448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00912952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00577544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00148016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00131720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2017-04-12 19:14 - 2017-04-01 05:20 - 00038336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2017-04-12 19:14 - 2017-04-01 05:20 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-04-12 19:14 - 2017-04-01 05:20 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-04-12 19:09 - 2017-03-28 05:32 - 00153536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-04-12 19:09 - 2017-03-28 05:32 - 00127424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-04-12 19:09 - 2017-03-28 05:32 - 00047552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-04-12 16:48 - 2017-04-16 20:58 - 00000000 ____D C:\Program Files\Sandboxie
2017-04-12 16:48 - 2017-04-12 16:48 - 08974992 _____ (Sandboxie Holdings, LLC) C:\Users\Eskejp\Downloads\SandboxieInstall.exe
2017-04-12 16:43 - 2017-04-12 16:43 - 00241736 _____ C:\Users\Eskejp\Downloads\DUCSetup_v4_1_1.exe
2017-04-12 16:43 - 2017-04-12 16:43 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2017-04-12 16:43 - 2017-04-12 16:43 - 00000000 ____D C:\Users\Eskejp\AppData\Local\Vitalwerks
2017-04-12 16:43 - 2017-04-12 16:43 - 00000000 ____D C:\ProgramData\Vitalwerks
2017-04-12 16:43 - 2017-04-12 16:43 - 00000000 ____D C:\Program Files (x86)\No-IP
2017-04-12 15:36 - 2017-04-12 15:36 - 00000000 ____D C:\Users\Eskejp\Documents\Lawena Rec
2017-04-12 15:35 - 2017-04-12 15:35 - 25434245 _____ C:\Users\Eskejp\Downloads\lawena-stable-4.1.16.zip
2017-04-12 15:35 - 2017-04-12 15:35 - 24973035 _____ C:\Users\Eskejp\Downloads\lawena-recording-tool-4.1.16.zip
2017-04-12 15:35 - 2017-03-17 15:41 - 00000000 ____D C:\Users\Eskejp\Desktop\lawena
2017-04-12 09:50 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 09:50 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-04-12 09:50 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 09:50 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 09:50 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 09:50 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 09:50 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-04-12 09:50 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 09:50 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 09:50 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 09:50 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-04-12 09:50 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 09:50 - 2017-03-25 20:45 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-04-12 09:50 - 2017-03-25 20:45 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 09:50 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-04-12 09:50 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 09:50 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-04-12 09:50 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 09:50 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-04-12 09:50 - 2017-03-25 19:12 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-04-12 09:50 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 09:50 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 09:50 - 2017-03-25 19:00 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 09:50 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 09:50 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 09:50 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 09:50 - 2017-03-25 18:24 - 03241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 09:50 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 09:50 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 09:50 - 2017-03-25 06:43 - 01375960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-04-12 09:50 - 2017-03-24 20:24 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-04-12 09:50 - 2017-03-14 21:06 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-04-12 09:50 - 2017-03-14 16:26 - 03714560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 09:50 - 2017-03-14 16:09 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2017-04-12 09:50 - 2017-03-14 16:08 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 09:50 - 2017-03-14 16:06 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-12 09:50 - 2017-03-13 18:13 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2017-04-12 09:50 - 2017-03-13 18:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2017-04-12 09:50 - 2017-03-13 18:08 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2017-04-12 09:50 - 2017-03-13 18:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-04-12 09:50 - 2017-03-13 17:59 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2017-04-12 09:50 - 2017-03-13 17:59 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2017-04-12 09:50 - 2017-03-13 17:56 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-04-12 09:50 - 2017-03-12 17:04 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 09:50 - 2017-03-11 05:59 - 01763888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 09:50 - 2017-03-11 05:56 - 01489608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 09:50 - 2017-03-11 05:49 - 01549144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 09:50 - 2017-03-11 05:49 - 00388440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 09:50 - 2017-03-11 05:44 - 00373080 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 09:50 - 2017-03-11 05:41 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 09:50 - 2017-03-09 23:13 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-04-12 09:50 - 2017-03-09 23:08 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 09:50 - 2017-03-09 21:29 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 09:50 - 2017-03-08 01:25 - 01661064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 09:50 - 2017-03-08 01:21 - 01212760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 09:50 - 2017-03-04 21:24 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 09:50 - 2017-03-04 21:06 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 09:50 - 2017-03-04 20:15 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 09:50 - 2017-03-04 18:37 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 09:50 - 2017-03-03 17:11 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 09:50 - 2017-03-03 17:10 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 09:50 - 2017-03-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 09:50 - 2017-03-03 17:04 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 09:50 - 2017-02-11 20:18 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-12 09:50 - 2017-02-11 19:00 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-04-12 09:50 - 2017-02-11 18:49 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-04-12 09:50 - 2017-02-11 18:42 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-04-12 09:50 - 2017-02-10 21:06 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-04-12 09:50 - 2017-02-10 16:37 - 00046600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2017-04-12 09:50 - 2017-02-04 19:53 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2017-04-12 09:50 - 2017-02-04 19:51 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-04-12 09:50 - 2017-02-04 19:19 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2017-04-12 09:50 - 2017-02-01 21:44 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-04-12 09:50 - 2017-02-01 21:42 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-04-12 09:50 - 2017-01-19 04:18 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 09:50 - 2017-01-18 16:35 - 00994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-04-12 09:50 - 2017-01-18 16:34 - 00922432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-04-12 09:50 - 2017-01-14 22:32 - 00955016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 09:50 - 2017-01-14 21:18 - 00787688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-12 09:50 - 2017-01-14 16:37 - 00447095 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-04-12 09:50 - 2017-01-12 18:51 - 00274776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2017-04-12 09:50 - 2017-01-12 18:51 - 00117592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2017-04-12 09:50 - 2017-01-12 08:12 - 00990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-04-12 09:50 - 2017-01-11 21:12 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2017-04-12 09:50 - 2017-01-11 19:28 - 00422744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-04-12 09:50 - 2017-01-11 17:09 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2017-04-12 09:50 - 2017-01-11 00:37 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-04-12 09:50 - 2017-01-10 23:06 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-04-12 09:50 - 2017-01-10 22:46 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-04-12 09:50 - 2017-01-10 21:20 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-04-12 09:50 - 2017-01-10 21:09 - 01108480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-04-12 09:50 - 2017-01-06 19:25 - 02513408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-04-12 09:50 - 2017-01-06 19:04 - 01495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-04-12 09:50 - 2016-12-25 03:21 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2017-04-12 09:50 - 2016-12-25 03:14 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-04-12 09:50 - 2016-12-25 02:48 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-04-12 09:50 - 2016-12-25 02:19 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-04-12 09:50 - 2016-12-25 01:39 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-04-12 09:50 - 2016-12-09 10:08 - 00379736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-04-11 17:06 - 2017-04-11 17:06 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Wireshark
2017-04-11 16:54 - 2017-04-11 16:57 - 00001739 _____ C:\Users\Eskejp\Desktop\IP-Lookup.lnk
2017-04-11 16:46 - 2017-04-11 16:46 - 00000887 _____ C:\Users\Eskejp\Desktop\Wireshark.lnk
2017-04-11 16:40 - 2017-04-11 16:40 - 00000698 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2017-04-11 16:40 - 2017-04-11 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-04-11 16:40 - 2017-04-11 16:40 - 00000000 ____D C:\Program Files (x86)\WinPcap
2017-04-11 16:39 - 2017-04-11 16:39 - 00000577 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2017-04-11 16:36 - 2017-04-11 16:36 - 49367072 _____ (Wireshark development team) C:\Users\Eskejp\Downloads\Wireshark-win64-2.2.5.exe
2017-04-11 14:37 - 2017-04-11 14:37 - 00000880 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NosTale.lnk
2017-04-11 14:34 - 2017-04-11 17:01 - 00000000 ____D C:\Program Files (x86)\Nostale
2017-04-11 14:18 - 2017-04-11 14:18 - 00981624 _____ (Gameforge 4D GmbH ) C:\Users\Eskejp\Downloads\2017-03-28_Nostale_CZ_Setup.exe
2017-04-10 07:16 - 2017-04-10 13:53 - 00301182 _____ C:\Users\Eskejp\Desktop\PinAim V1.3.1.rar
2017-04-09 12:08 - 2017-04-23 13:26 - 00000000 ____D C:\Users\Eskejp\Desktop\My folder with Viruses
2017-04-09 10:54 - 2017-04-09 10:55 - 00000000 ____D C:\Users\Eskejp\Desktop\SFM
2017-04-09 10:07 - 2017-04-09 10:07 - 00266194 _____ C:\Users\Eskejp\Downloads\TF2 How could this Happen!.mp4
2017-04-09 09:49 - 2017-04-09 09:56 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\vlc
2017-04-09 09:48 - 2017-04-09 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-04-09 09:48 - 2017-04-09 09:48 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2017-04-08 18:49 - 2017-04-08 21:31 - 00000098 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2017-04-08 16:33 - 2017-04-08 16:33 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Unity
2017-04-08 16:33 - 2017-04-08 16:33 - 00000000 ____D C:\Users\Eskejp\AppData\LocalLow\Unity
2017-04-08 16:33 - 2017-04-08 16:33 - 00000000 ____D C:\Users\Eskejp\AppData\Local\Unity
2017-04-08 16:33 - 2017-04-08 16:33 - 00000000 ____D C:\ProgramData\Unity
2017-04-08 15:39 - 2017-04-08 15:37 - 00074752 _____ () C:\Users\Eskejp\Downloads\TF2 Aimbot by Pin Lad - VAC Undetected.exe
2017-04-08 14:44 - 2017-04-08 14:44 - 00000000 ____D C:\SymCache
2017-04-08 14:40 - 2017-04-08 14:40 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\NuGet
2017-04-08 14:40 - 2017-04-08 14:40 - 00000000 ____D C:\Users\Eskejp\AppData\LocalLow\Temp
2017-04-08 14:35 - 2017-04-17 12:18 - 00000000 ____D C:\Users\Eskejp\Documents\Visual Studio 2017
2017-04-08 14:35 - 2017-04-08 14:35 - 00000000 ____D C:\Users\Eskejp\AppData\Local\.IdentityService
2017-04-08 14:30 - 2017-04-08 14:30 - 00000000 ____D C:\Program Files (x86)\GtkSharp
2017-04-08 14:29 - 2017-04-08 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.4.0f3 (64-bit)
2017-04-08 14:27 - 2017-04-08 14:30 - 00000000 ____D C:\Program Files\Unity
2017-04-08 14:27 - 2017-04-08 14:27 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2017 Tools for Unity
2017-04-08 14:26 - 2017-04-08 14:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2017-04-08 14:23 - 2017-04-08 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2017-04-08 14:23 - 2017-04-08 14:23 - 00000000 ____D C:\Program Files (x86)\Android
2017-04-08 14:22 - 2017-04-08 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-04-08 14:21 - 2017-04-08 14:21 - 00000000 ____D C:\Users\Eskejp\AppData\LocalLow\Oracle
2017-04-08 14:21 - 2017-04-08 14:21 - 00000000 ____D C:\Program Files (x86)\Java
2017-04-08 14:13 - 2017-04-08 14:13 - 00000000 ____D C:\Program Files (x86)\Entity Framework Tools
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\3082
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\2052
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1055
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1049
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1046
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1045
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1042
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1041
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1040
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1036
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1031
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1029
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\SysWOW64\1028
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\3082
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\2052
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1055
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1049
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1046
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1045
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1042
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1041
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1040
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1036
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1033
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1031
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1029
2017-04-08 14:12 - 2017-04-08 14:13 - 00000000 ____D C:\WINDOWS\system32\1028
2017-04-08 14:12 - 2017-04-08 14:12 - 00000000 ____D C:\Program Files\Windows Kits
2017-04-08 14:09 - 2017-04-09 19:11 - 00004813 _____ C:\Users\Eskejp\Desktop\Mediic.vbs
2017-04-08 14:09 - 2017-04-08 14:09 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2017-04-08 14:05 - 2017-04-08 14:05 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2017-04-08 14:05 - 2017-04-08 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2017-04-08 14:05 - 2017-04-08 14:05 - 00000000 ____D C:\Program Files\Application Verifier
2017-04-08 14:05 - 2017-04-08 14:05 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2017-04-08 14:03 - 2017-04-08 14:03 - 00000000 ____D C:\Program Files (x86)\NuGet
2017-04-08 13:53 - 2017-04-08 13:53 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2017-04-08 13:53 - 2017-04-08 13:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2017-04-08 13:53 - 2017-04-08 13:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2017-04-08 13:53 - 2017-04-08 13:53 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-04-08 13:43 - 2017-04-08 14:09 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2017-04-08 13:43 - 2017-04-08 14:05 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2017-04-08 13:42 - 2017-04-08 13:42 - 00001701 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2017.lnk
2017-04-08 13:42 - 2017-04-08 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2017-04-08 13:39 - 2017-04-08 13:39 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk
2017-04-08 13:37 - 2017-04-08 14:34 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Visual Studio Setup
2017-04-08 13:37 - 2017-04-08 14:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2017-04-08 13:37 - 2017-04-08 13:37 - 00002196 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2017-04-08 13:37 - 2017-04-08 13:37 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\vstelemetry
2017-04-08 13:37 - 2017-04-08 13:37 - 00000000 ____D C:\Users\Eskejp\AppData\Local\ServiceHub
2017-04-08 11:58 - 2017-04-08 11:58 - 00013052 _____ C:\Users\Eskejp\Documents\MEMZ 4.0 Clean.zip
2017-04-07 18:49 - 2017-04-08 11:20 - 00051200 ___SH C:\Users\Eskejp\Desktop\Thumbs.db
2017-04-07 15:57 - 2017-04-07 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2017-04-07 15:57 - 2017-04-07 15:57 - 00000000 ____D C:\Program Files (x86)\TechSmith
2017-04-07 15:57 - 2017-04-07 15:57 - 00000000 ____D C:\Program Files (x86)\QuickTime
2017-04-07 15:38 - 2017-04-07 15:43 - 00000000 ____D C:\Users\Eskejp\Downloads\Camtasia.Studio.v8.0.0.Build.878.Incl.Keygen
2017-04-07 15:35 - 2017-04-16 20:51 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2017-04-07 15:34 - 2017-04-07 15:34 - 17033192 _____ (Bandicam Company) C:\Users\Eskejp\Documents\bdcamsetup.exe
2017-04-07 14:04 - 2017-04-05 14:05 - 00000077 _____ C:\Users\Eskejp\Downloads\hesla.txt
2017-04-06 16:33 - 2017-04-06 16:33 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\TeamViewer
2017-04-06 16:32 - 2017-04-16 15:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-04-06 16:32 - 2017-04-06 16:32 - 13194408 _____ (TeamViewer GmbH) C:\Users\Eskejp\Documents\TeamViewer_Setup_cs.exe
2017-04-05 17:54 - 2017-04-05 17:55 - 00000591 _____ C:\Users\Eskejp\Desktop\WindowsFix.zip
2017-04-05 14:04 - 2017-04-05 14:05 - 00000077 _____ C:\Users\Eskejp\Desktop\hesla.txt
2017-04-04 20:49 - 2017-04-05 17:45 - 00000000 ____D C:\Users\Eskejp\Desktop\Wiruses
2017-04-02 13:12 - 2017-04-02 13:12 - 00000000 ____D C:\Users\Eskejp\AppData\Local\RzStats
2017-04-02 13:05 - 2017-04-24 16:12 - 00000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt
2017-04-02 13:05 - 2017-04-02 13:05 - 00000000 ____D C:\ProgramData\RzSurroundVAD_1.1.62.0
2017-04-02 13:05 - 2017-04-02 13:05 - 00000000 _____ C:\WINDOWS\SysWOW64\RzSurroundVADAudioDeviceManager_log.txt
2017-04-02 09:03 - 2017-04-02 09:03 - 07291524 _____ C:\Users\Eskejp\Documents\faithful64pack-v1.4.0.zip
2017-04-02 09:00 - 2017-04-02 09:00 - 00033294 _____ C:\Users\Eskejp\Documents\Chocapic13 V4-Medium.zip
2017-04-02 08:53 - 2017-04-02 08:53 - 00067728 _____ C:\Users\Eskejp\Documents\SEUS-v10.1-Standard.zip
2017-04-01 18:44 - 2017-04-01 18:44 - 01617333 _____ C:\Users\Eskejp\Documents\OptiFine_1.7.10_HD_U_D7.jar
2017-04-01 09:26 - 2017-04-01 09:27 - 00000000 ___HD C:\Flo
2017-04-01 09:25 - 2017-04-01 09:25 - 04332773 _____ C:\Users\Eskejp\Documents\skinchanger.rar
2017-03-31 21:32 - 2017-04-01 05:20 - 00170360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2017-03-31 21:32 - 2017-03-17 02:59 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437892.dll
2017-03-31 21:32 - 2017-03-17 02:59 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437892.dll
2017-03-31 21:22 - 2017-03-31 21:22 - 00002206 _____ C:\Users\Eskejp\Documents\Registry-Tweaks-Collection-to-Make-Windows-Faster.zip
2017-03-31 21:20 - 2017-03-31 21:20 - 00000972 _____ C:\Users\Eskejp\Documents\aerolite.zip
2017-03-31 21:09 - 2017-03-31 21:09 - 01985978 _____ C:\Users\Eskejp\Documents\UxStyle_sep23_x86_x64_possibly_bugged.zip
2017-03-31 17:53 - 2017-03-31 17:53 - 00752617 _____ C:\Users\Eskejp\Documents\ScriptHookVDotNet (1).zip
2017-03-31 17:42 - 2017-03-31 17:42 - 01378066 _____ C:\Users\Eskejp\Documents\ScriptHookV_1.0.1011.1 (1).zip
2017-03-31 17:40 - 2017-03-31 17:40 - 00752617 _____ C:\Users\Eskejp\Documents\ScriptHookVDotNet.zip
2017-03-31 17:30 - 2017-03-31 17:30 - 00051936 _____ C:\Users\Eskejp\Documents\1487f6-BennysMotorworks.zip
2017-03-31 17:29 - 2017-03-31 17:29 - 01378066 _____ C:\Users\Eskejp\Documents\ScriptHookV_1.0.1011.1.zip
2017-03-31 16:35 - 2017-04-13 22:04 - 00000000 ____D C:\Users\Eskejp\Desktop\NanoCore
2017-03-31 16:33 - 2017-03-31 16:33 - 05700576 _____ C:\Users\Eskejp\Documents\NanoCore RAT 1.2.2.0 Cracked By Alcatraz3222.rar
2017-03-30 20:06 - 2017-03-30 20:06 - 00006509 _____ C:\Users\Eskejp\Downloads\ovc.user.js
2017-03-30 19:31 - 2017-03-30 19:31 - 00000000 ____D C:\ProgramData\ASUS
2017-03-30 19:31 - 2015-09-17 04:58 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2017-03-30 19:31 - 2015-09-17 04:58 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2017-03-30 19:30 - 2017-03-30 19:30 - 76775409 _____ C:\Users\Eskejp\Documents\AISuite3_Win10_V10147.zip
2017-03-30 19:26 - 2017-03-30 19:30 - 04363475 _____ C:\Users\Eskejp\Documents\HWiNFO.zip
2017-03-30 19:22 - 2017-03-30 19:22 - 03808448 _____ (Martin Malík - REALiX ) C:\Users\Eskejp\Documents\hw64_546.exe
2017-03-30 19:07 - 2017-03-30 19:07 - 00000000 ____D C:\Users\Eskejp\Desktop\cru-1.3
2017-03-30 19:01 - 2017-03-30 19:01 - 00537711 _____ C:\Users\Eskejp\Documents\cru-1.3.zip
2017-03-30 16:21 - 2017-03-30 16:21 - 00107984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfrdvcompat.dll
2017-03-30 16:14 - 2017-03-30 16:14 - 00419176 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfbasics.dll
2017-03-30 16:14 - 2017-03-30 16:14 - 00196856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vrfcore.dll
2017-03-30 16:13 - 2017-03-30 16:13 - 01151200 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfprintpthelper.dll
2017-03-30 16:13 - 2017-03-30 16:13 - 00148008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appverif.exe
2017-03-30 16:12 - 2017-03-30 16:12 - 00436944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfprint.dll
2017-03-30 16:12 - 2017-03-30 16:12 - 00085672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfnws.dll
2017-03-30 16:12 - 2017-03-30 16:12 - 00048264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfntlmless.dll
2017-03-30 16:11 - 2017-03-30 16:11 - 00278440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfluapriv.dll
2017-03-30 16:11 - 2017-03-30 16:11 - 00115784 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfnet.dll
2017-03-30 16:11 - 2017-03-30 16:11 - 00049352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfcuzz.dll
2017-03-30 16:10 - 2017-03-30 16:10 - 00064888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vfcompat.dll
2017-03-30 16:10 - 2017-03-30 16:10 - 00024464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cuzzapi.dll
2017-03-30 13:39 - 2017-03-30 13:39 - 00099160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfrdvcompat.dll
2017-03-30 13:26 - 2017-03-30 13:26 - 00176528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vrfcore.dll
2017-03-30 13:26 - 2017-03-30 13:26 - 00119944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appverif.exe
2017-03-30 13:25 - 2017-03-30 13:25 - 00375568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfbasics.dll
2017-03-30 13:24 - 2017-03-30 13:24 - 00632216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfprintpthelper.dll
2017-03-30 13:24 - 2017-03-30 13:24 - 00334008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfprint.dll
2017-03-30 13:23 - 2017-03-30 13:23 - 00252424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfluapriv.dll
2017-03-30 13:23 - 2017-03-30 13:23 - 00071096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfnws.dll
2017-03-30 13:23 - 2017-03-30 13:23 - 00043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfntlmless.dll
2017-03-30 13:22 - 2017-03-30 13:22 - 00093472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfnet.dll
2017-03-30 13:22 - 2017-03-30 13:22 - 00066368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfcompat.dll
2017-03-30 13:22 - 2017-03-30 13:22 - 00045648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfcuzz.dll
2017-03-30 13:21 - 2017-03-30 13:21 - 00022352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cuzzapi.dll
2017-03-30 01:07 - 2017-03-30 01:07 - 01797440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbased.dll
2017-03-30 01:07 - 2017-03-30 01:07 - 00630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10sdklayers.dll
2017-03-30 01:07 - 2017-03-30 01:07 - 00458040 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10ref.dll
2017-03-30 00:52 - 2017-03-30 00:52 - 00031552 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft.windows.softwarelogo.showdesktop.exe
2017-03-30 00:41 - 2017-03-30 00:41 - 01505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbased.dll
2017-03-30 00:41 - 2017-03-30 00:41 - 00074560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsd3dwarpdebug.dll
2017-03-30 00:40 - 2017-03-30 00:40 - 00644408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11ref.dll
2017-03-30 00:40 - 2017-03-30 00:40 - 00063808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DRefDebug.dll
2017-03-30 00:38 - 2017-03-30 00:38 - 00082240 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DRefDebug.dll
2017-03-30 00:38 - 2017-03-30 00:38 - 00075072 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsd3dwarpdebug.dll
2017-03-30 00:37 - 2017-03-30 00:37 - 00763192 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11ref.dll
2017-03-30 00:27 - 2017-03-30 00:27 - 00481600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10sdklayers.dll
2017-03-30 00:27 - 2017-03-30 00:27 - 00361792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10ref.dll
2017-03-29 22:16 - 2017-03-29 22:16 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dref9.dll
2017-03-29 22:11 - 2017-03-29 22:11 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dref9.dll
2017-03-29 21:52 - 2017-03-29 21:52 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf_gputiming.dll
2017-03-29 21:52 - 2017-03-29 21:52 - 00103728 _____ C:\WINDOWS\SysWOW64\appverifUI.dll
2017-03-29 21:48 - 2017-03-29 21:48 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf_gputiming.dll
2017-03-29 21:48 - 2017-03-29 21:48 - 00129840 _____ C:\WINDOWS\system32\appverifUI.dll
2017-03-29 20:40 - 2017-03-29 20:40 - 00322842 _____ C:\Users\Eskejp\Documents\sweetfx_redone.7z
2017-03-29 13:54 - 2017-03-29 13:54 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Bat To Exe Converter
2017-03-29 13:43 - 2017-03-29 13:43 - 02710688 _____ (Sysinternals - www.sysinternals.com) C:\Users\Eskejp\Documents\procexp.exe
2017-03-29 13:00 - 2017-03-31 12:54 - 00098751 _____ C:\Users\Eskejp\Desktop\csrrs.exe.cmd
2017-03-27 20:03 - 2017-03-27 20:03 - 00493732 _____ C:\Users\Eskejp\Documents\sweetfx-csgo.zip
2017-03-26 17:09 - 2017-03-27 18:09 - 00000000 ____D C:\Users\Eskejp\Desktop\SLAM
2017-03-26 17:05 - 2017-04-15 18:11 - 00000000 ____D C:\Users\Eskejp\AppData\Local\SLAM
2017-03-26 17:05 - 2017-03-26 17:05 - 00428153 _____ C:\Users\Eskejp\Documents\SLAM_v1.5.0.zip
2017-03-26 17:01 - 2017-03-26 17:01 - 03114048 _____ C:\Users\Eskejp\Documents\AutoHotkey_1.1.25.01_setup.exe
2017-03-26 16:33 - 2016-10-25 22:04 - 00228864 _____ C:\Users\Eskejp\Desktop\formule.dll
2017-03-26 12:53 - 2017-03-26 12:53 - 00290718 _____ C:\Users\Eskejp\Downloads\no_crit_backstab_old_reload.zip
2017-03-25 22:15 - 2017-04-23 13:25 - 00003136 _____ C:\WINDOWS\System32\Tasks\FRAPS
2017-03-25 18:01 - 2017-03-25 18:01 - 00000000 ____D C:\Users\Eskejp\Documents\NFS Carbon
2017-03-25 18:00 - 2017-03-25 18:00 - 00001028 _____ C:\Users\Eskejp\Desktop\Need For Speed Carbon.lnk
2017-03-25 17:46 - 2017-03-25 17:46 - 00621057 _____ C:\Users\Eskejp\Downloads\CarbonCamera.exe
2017-03-25 17:41 - 2017-03-25 18:01 - 00000000 ____D C:\Users\Eskejp\Downloads\Need For Speed Carbon
2017-03-25 17:37 - 2017-03-25 17:39 - 1493966395 _____ C:\Users\Eskejp\Downloads\[AVeRAnTeD]NFS-Carbon[Music+Video]Full-Rip.7z

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-24 16:10 - 2017-01-21 17:03 - 00004263 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2017-04-24 16:09 - 2017-01-25 20:03 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-24 13:57 - 2017-01-21 14:20 - 00000000 ____D C:\Program Files (x86)\Steam
2017-04-24 07:01 - 2017-01-26 14:44 - 00003606 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-04-24 06:57 - 2017-03-17 10:20 - 00000000 ____D C:\ProgramData\VMware
2017-04-24 06:57 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-04-24 06:56 - 2014-01-21 16:40 - 00000966 _____ C:\WINDOWS\SysWOW64\bscs.ini
2017-04-24 06:56 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-24 06:47 - 2017-01-21 17:03 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2017-04-23 13:26 - 2017-01-21 09:04 - 00000074 _____ C:\Users\Eskejp\AppData\Roaming\sp_data.sys
2017-04-23 13:25 - 2017-03-19 18:15 - 00000000 ____D C:\Fraps
2017-04-23 13:25 - 2017-02-21 16:40 - 00003020 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2017-04-23 09:37 - 2017-01-24 20:35 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2017-04-22 07:57 - 2017-02-21 15:04 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-21 17:08 - 2017-02-18 19:12 - 00251904 ___SH C:\Users\Eskejp\Downloads\Thumbs.db
2017-04-21 16:16 - 2017-03-17 10:22 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\VMware
2017-04-21 16:16 - 2017-03-17 10:22 - 00000000 ____D C:\Users\Eskejp\AppData\Local\VMware
2017-04-21 16:05 - 2017-01-25 19:49 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-20 13:14 - 2017-02-21 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-20 08:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2017-04-19 14:23 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-19 14:18 - 2017-01-25 19:09 - 00000000 ____D C:\Program Files\Windows Journal
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\system32\winrm
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\system32\slmgr
2017-04-18 21:02 - 2014-11-21 06:09 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-18 21:02 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\servicing
2017-04-18 20:00 - 2017-03-23 08:16 - 00001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2017-04-18 20:00 - 2017-03-23 08:16 - 00000000 ____D C:\Program Files\paint.net
2017-04-17 15:08 - 2017-01-23 19:44 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-04-17 13:10 - 2014-11-21 06:53 - 01747250 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-17 13:10 - 2014-11-21 06:10 - 00737194 _____ C:\WINDOWS\system32\perfh005.dat
2017-04-17 13:10 - 2014-11-21 06:10 - 00150070 _____ C:\WINDOWS\system32\perfc005.dat
2017-04-17 13:02 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-04-16 21:02 - 2013-08-22 16:44 - 00337768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-16 20:56 - 2017-01-21 15:19 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-04-16 20:55 - 2013-05-01 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-04-16 20:55 - 2013-05-01 13:16 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-04-16 20:51 - 2012-07-26 11:45 - 00000000 ____D C:\WINDOWS\ShellNew
2017-04-16 15:49 - 2017-01-24 17:33 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-459092724-1688354535-1890333071-1002
2017-04-15 11:15 - 2017-01-26 20:47 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-04-15 11:04 - 2017-02-18 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2017-04-15 10:43 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2017-04-15 10:37 - 2013-08-22 17:36 - 00000000 ___SD C:\Program Files\Windows Sidebar
2017-04-15 10:37 - 2013-08-22 17:36 - 00000000 ___SD C:\Program Files (x86)\Windows Sidebar
2017-04-15 07:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-14 17:58 - 2017-01-21 18:53 - 00000000 ____D C:\Users\Eskejp\AppData\Local\CrashDumps
2017-04-14 14:48 - 2017-02-02 09:43 - 00046575 _____ C:\Users\Eskejp\Desktop\SteamAchievementManager63_hotfix (1).zip
2017-04-14 12:50 - 2017-01-25 20:23 - 00000000 ____D C:\Users\Eskejp
2017-04-14 12:41 - 2017-01-21 00:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-13 21:58 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2017-04-13 21:50 - 2017-01-21 16:09 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\Skype
2017-04-13 21:43 - 2017-02-08 14:43 - 00000000 ____D C:\Users\steamfix
2017-04-13 21:21 - 2017-01-28 16:48 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4E65886F-D4F5-4238-8672-C864814B2A10}
2017-04-12 19:34 - 2017-01-21 16:03 - 00003384 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-12 19:34 - 2017-01-21 16:02 - 00003256 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-12 19:16 - 2017-01-25 20:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-12 19:12 - 2017-01-25 20:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-12 19:09 - 2017-01-25 20:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-12 19:09 - 2017-01-21 13:36 - 00004146 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-12 19:09 - 2017-01-21 13:36 - 00003852 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-12 19:09 - 2017-01-21 13:36 - 00003738 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-12 19:09 - 2017-01-21 13:36 - 00003554 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-12 19:09 - 2017-01-21 13:35 - 00003738 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-12 19:09 - 2017-01-21 13:35 - 00003730 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-12 19:09 - 2017-01-21 13:35 - 00003494 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-12 10:22 - 2017-01-23 00:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 10:12 - 2017-01-23 00:25 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-11 16:39 - 2017-01-21 13:35 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-09 20:40 - 2017-01-24 21:31 - 00000000 ____D C:\Users\Eskejp\AppData\Local\GeometryDash
2017-04-09 10:00 - 2017-02-02 17:39 - 00000000 ____D C:\Users\Eskejp\Documents\Camtasia Studio
2017-04-08 16:03 - 2017-02-02 21:44 - 00001717 _____ C:\Users\Eskejp\AppData\Roaming\LITHIUM_PUBLIC.ini
2017-04-08 14:23 - 2017-02-14 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-08 14:22 - 2017-02-14 22:25 - 00000000 ____D C:\Program Files\Java
2017-04-08 13:49 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-08 13:42 - 2017-01-25 17:51 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-04-08 00:06 - 2017-01-23 01:35 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-07 15:57 - 2017-02-02 16:22 - 00000000 ____D C:\ProgramData\TechSmith
2017-04-07 15:50 - 2017-01-26 14:41 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\uTorrent
2017-04-06 07:41 - 2017-01-21 16:03 - 00002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-02 14:30 - 2017-01-21 19:17 - 00000000 ____D C:\Users\Eskejp\AppData\Roaming\.minecraft
2017-04-01 11:44 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-04-01 05:20 - 2017-01-25 14:01 - 04071816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-04-01 05:20 - 2017-01-25 14:01 - 03588376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-04-01 05:20 - 2017-01-25 14:01 - 00491208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2017-04-01 05:20 - 2017-01-25 14:01 - 00406736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2017-04-01 05:20 - 2017-01-25 14:01 - 00042897 _____ C:\WINDOWS\system32\nvinfo.pb
2017-04-01 05:20 - 2017-01-21 13:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-04-01 04:10 - 2017-01-25 20:03 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 02481208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 00549944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-04-01 04:10 - 2017-01-25 20:03 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-04-01 04:09 - 2017-01-25 20:03 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-03-31 12:15 - 2017-01-25 20:03 - 07851747 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-03-28 05:32 - 2017-01-21 13:36 - 01882048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-03-28 05:32 - 2017-01-21 13:36 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-03-28 05:32 - 2017-01-21 13:36 - 01472960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-03-28 05:32 - 2017-01-21 13:36 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-03-28 05:32 - 2017-01-21 13:36 - 00121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-03-27 16:50 - 2017-03-03 14:36 - 00000197 _____ C:\Users\Eskejp\Desktop\training.cfg
2017-03-26 16:57 - 2017-03-12 17:36 - 00000225 _____ C:\Users\Eskejp\Desktop\Gameowner.ini
2017-03-26 13:00 - 2017-02-02 21:28 - 00000276 _____ C:\Users\Eskejp\Desktop\Steam.txt

==================== Files in the root of some directories =======

2017-02-02 21:44 - 2017-04-08 16:03 - 0001717 _____ () C:\Users\Eskejp\AppData\Roaming\LITHIUM_PUBLIC.ini
2017-01-21 09:04 - 2017-04-23 13:26 - 0000074 _____ () C:\Users\Eskejp\AppData\Roaming\sp_data.sys
2013-05-01 13:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 13:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 13:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-17 09:24

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118715
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: MalwareBytes found some critters.

#8 Post by Rudy »

OK. Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
SearchScopes: HKU\S-1-5-21-459092724-1688354535-1890333071-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-459092724-1688354535-1890333071-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
C:\WINDOWS\system32\ApnDatabase.xml
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\SetStretch.VBS

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

ESCGamer55
Visitor
Posts: 21
Registered: 13 Sep 2015 09:33

Re: MalwareBytes found some critters.

#9 Post by ESCGamer55 »

Code: Select all

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-04-2017
Ran by Eskejp (26-04-2017 20:43:45) Run:1
Running from C:\Users\Eskejp\Desktop
Loaded Profiles: Eskejp (Available Profiles: Eskejp & Pin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
SearchScopes: HKU\S-1-5-21-459092724-1688354535-1890333071-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-459092724-1688354535-1890333071-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
C:\WINDOWS\system32\ApnDatabase.xml
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\SetStretch.VBS

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1 => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found. 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2 => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found. 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3 => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found. 
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1 => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found. 
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2 => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found. 
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3 => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found. 
HKU\S-1-5-21-459092724-1688354535-1890333071-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-459092724-1688354535-1890333071-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value removed successfully
C:\WINDOWS\system32\ApnDatabase.xml => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\SetStretch.VBS => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 44003767 B
Java, Flash, Steam htmlcache => 216744566 B
Windows/system/drivers => 3527122 B
Edge => 0 B
Chrome => 470720198 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 46130 B
Eskejp => 19232366 B
Pin => 1170356215 B

RecycleBin => 399974533 B
EmptyTemp: => 2.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:44:34 ====
I just want to ask: now that we have cleared temp, have any of the critters been thrown out already? The PC seems snappier to me.

Rudy
Site Admin
Posts: 118715
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: MalwareBytes found some critters.

#10 Post by Rudy »

Deleted. The system should now be clean.

ESCGamer55
Visitor
Posts: 21
Registered: 13 Sep 2015 09:33

Re: MalwareBytes found some critters.

#11 Post by ESCGamer55 »

OK, thank you. :closed:

Rudy
Site Admin
Posts: 118715
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: MalwareBytes found some critters.

#12 Post by Rudy »

You're welcome! :)