32 bits process in task Manager



Hello everyone,
I have a real problem on my Windows 7 machine:
I hear a noise from the fan and the laptop becomes hot.
In the Task Manager I see a big number of generated chrome.exe and other *32 stuff.
I've formatted my laptop 2 or 3 times, even with Linux, but without result.
The ESET scan displays a clean PC!!!
Thanks for any help.
 


Link to post
Share on other sites

Hi nabilos :)

My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broken the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.

  • As you'll notice, the logs we are asking for here are quite lengthy, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens
  • As long as I'm assisting you on Malwarebytes Forums, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off;
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against Malwarebytes Forums's rules
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate you to let me know about it first, and if you need, I can also assist you in the process
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone
    This being said, I have a full time job so sometimes it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread


This being said, it's time to clean-up some malware, so let's get started, shall we? :)

Farbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.

  • Right-click on the FRST executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Copy/paste the following inside the text area:
    Start::
    CMD: bcdedit.exe /set {bootmgr} displaybootmenu yes
    CMD: bcdedit.exe /set {default} recoveryenabled yes
    End::
    
  • Click on the Fix button
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad
  • Copy and paste its content in your next reply

Link to post
Share on other sites

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by EAGLE (17-03-2018 14:35:24) Run:1
Running from C:\Users\EAGLE\Desktop
Loaded Profiles: EAGLE (Available Profiles: EAGLE)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: bcdedit.exe /set {bootmgr} displaybootmenu yes
CMD: bcdedit.exe /set {default} recoveryenabled yes

*****************


========= bcdedit.exe /set {bootmgr} displaybootmenu yes =========

The operation completed successfully.

========= End of CMD: =========


========= bcdedit.exe /set {default} recoveryenabled yes =========

The operation completed successfully.

========= End of CMD: =========


==== End of Fixlog 14:35:24 ====

Link to post
Share on other sites
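
A helper reviewing a returned Fixlog like the one above can check it mechanically instead of by eye. This is an added example, not part of the original thread and not FRST's own code: the function names are hypothetical, it assumes English-language `bcdedit` output as in the posted log, and the failing log is constructed for illustration.

```python
import re

# Fixlog as posted in the thread (header shortened to three lines).
FIXLOG_FROM_THREAD = """\
Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by EAGLE (17-03-2018 14:35:24) Run:1
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: bcdedit.exe /set {bootmgr} displaybootmenu yes
CMD: bcdedit.exe /set {default} recoveryenabled yes

*****************


========= bcdedit.exe /set {bootmgr} displaybootmenu yes =========

The operation completed successfully.

========= End of CMD: =========


========= bcdedit.exe /set {default} recoveryenabled yes =========

The operation completed successfully.

========= End of CMD: =========


==== End of Fixlog 14:35:24 ====
"""

SUCCESS = "The operation completed successfully."  # assumes English bcdedit output
END_MARK = "========= End of CMD: ========="
HEADER_RE = re.compile(r"^=========\s(.+?)\s=========\s*$")
TRAILER_RE = re.compile(r"^==== End of Fixlog .* ====\s*$", re.MULTILINE)

# Constructed failing variant: second command is refused and the trailer is missing.
_head, _, _tail = FIXLOG_FROM_THREAD.replace(
    "==== End of Fixlog 14:35:24 ====\n", "").rpartition(SUCCESS)
CONSTRUCTED_BAD = (_head
                   + "The boot configuration data store could not be opened.\n"
                   + "Access is denied." + _tail)


def requested_commands(log):
    """Commands listed between the rows of asterisks under 'fixlist content:'."""
    m = re.search(r"fixlist content:\s*\n\*+\s*\n(.*?)\n\*+", log, re.DOTALL)
    if not m:
        return []
    return [line[len("CMD:"):].strip()
            for line in m.group(1).splitlines() if line.startswith("CMD:")]


def result_blocks(log):
    """Return [(command, [non-empty output lines])] for each result block."""
    blocks, current = [], None
    for line in log.splitlines():
        if line.strip() == END_MARK:      # check the end marker before the header regex
            current = None
            continue
        m = HEADER_RE.match(line)
        if m:
            current = (m.group(1), [])
            blocks.append(current)
        elif current is not None and line.strip():
            current[1].append(line.strip())
    return blocks


def review_fixlog(log):
    """Return a list of (command, problem); an empty list means the fix applied cleanly."""
    findings = []
    blocks = result_blocks(log)
    ran = [cmd for cmd, _ in blocks]
    for cmd in requested_commands(log):
        if cmd not in ran:
            findings.append((cmd, "no result block in log"))
    for cmd, out in blocks:
        if out != [SUCCESS]:
            detail = " / ".join(out) if out else "no output"
            findings.append((cmd, "unexpected output: " + detail))
    if not TRAILER_RE.search(log):
        findings.append(("<log>", "missing 'End of Fixlog' trailer; log may be truncated"))
    return findings


if __name__ == "__main__":
    for name, log in (("thread", FIXLOG_FROM_THREAD), ("constructed", CONSTRUCTED_BAD)):
        print(name, review_fixlog(log) or "all commands succeeded")
```
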

For the next part, you'll need to download the FRST executable on a clean computer, and move it to your USB Flash Drive. That USB can only be inserted in the infected computer if it is either shut down, or in the Windows RE. Otherwise, the infection will mess with the files on the USB and you'll have to restart.

Farbar Recovery Scan Tool (FRST) - Recovery Environment Scan
Follow the instructions below to download and execute a scan on your system with FRST from the Recovery Environment, and provide the logs in your next reply.

Item(s) required:

  • USB Flash Drive (size depends on if you have to create a USB Recovery or Installation media)
  • Another computer (clean of infection)
  • CD/DVD (optional: only needed if you need to create a Recovery or Installation media and your USB Flash Drive is too small)

Preparing the USB Flash Drive

  • Download the right version of FRST for your system from a clean computer:
    • FRST 32-bit
    • FRST 64-bit
      Note: Only the right version will run on your system, the other will throw an error message. So if you don't know what your system's version is, simply download both of them, and the one that works is the one you should be using.
  • Move the executable (FRST.exe or FRST64.exe) on your USB Flash Drive

Boot in the Recovery Environment

  • To enter the Recovery Environment with Windows Vista and Windows 7, follow the instructions below:
    • Restart the computer
    • Once you've seen your BIOS splashscreen (the computer manufacturer logo), tap the F8 key repeatedly until the Advanced Boot Options menu appears
    • Use the arrow keys to select Repair your computer, and press on Enter
    • Select your keyboard layout (US, French, etc.) and click on Next
    • Click on Command Prompt to open the command prompt
      Note: If you can't access the Recovery Environment using the F8 method above, you'll need to create a Windows installation or repair media. It can be made on the computer itself or another one running the same version of Windows as the one you plan to use it on. For more information, check out this tutorial on SevenForums.
  • To enter the Recovery Environment with Windows 8 or Windows 8.1, follow the instructions in this tutorial on EightForums
    Note: If you can't access the Recovery Environment using the method above, you'll need to create a Windows installation or repair media. It can be made on the computer itself or another one running the same version of Windows as the one you plan to use it on. For more information, check out this tutorial.
  • To enter the Recovery Environment with Windows 10, follow the instructions in this tutorial on TenForums
    Note: If you can't access the Recovery Environment using the method above, you'll need to create a Windows installation or repair media. It can be made on the computer itself or another one running the same version of Windows as the one you plan to use it on. For more information, check out this tutorial on TenForums.
  • Once in the Windows RE, plug the USB Flash Drive in the computer

Once in the command prompt

  • In the command prompt, type notepad and press on Enter
  • Notepad will open. Click on the File menu and select Open
  • Click on Computer/This PC, find the letter for your USB Flash Drive, then close the window and Notepad
  • In the command prompt, type e:\frst.exe (for the x64 version, type e:\frst64.exe) and press on Enter
  • Note: Replace the letter e with the drive letter of your USB Flash Drive
  • FRST will open
  • Click on Yes to accept the disclaimer
  • Click on the Scan button and wait for the scan to complete
  • A log called FRST.txt will be saved on your USB Flash Drive. Attach it in your next reply


 
Link to post
Share on other sites

Hello Yoan,
I got a solution to boot with another Windows version from my USB; here's the scanning result:

Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Exécuté par Système sur MININT-O014M1G (24-03-2018 15:28:24)
Exécuté depuis H:\
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 8
Mode d'amorçage: Recovery
Par défaut: ControlSet002
ATTENTION!:=====> Si le système est amorçable, FRST doit être exécuté en mode normal ou sans échec afin de créer un journal complet.

Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-24] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2927928 2012-05-18] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [324352 2017-12-18] (ESET)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1084328 2015-04-13] (The Eraser Project)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [489472 2010-09-07] (IDT, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\EAGLE\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10150912 2018-02-22] (FreeDownloadManager.org)
HKU\EAGLE\...\Run: [Copy Handler] => C:\Program Files\Copy Handler\ch64.exe [1836264 2016-11-18] ( )
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1940584 2017-12-18] (ESET)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-04-24] (Intel Corporation)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
S2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [324760 2015-05-06] (Nitro PDF Software)
S2 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [418968 2015-05-06] ()
S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [107624 2018-03-07] (RaMMicHaeL)
S2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28672 2013-10-17] ()
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12465856 2015-10-18] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [134368 2018-01-19] (ESET)
S0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107328 2018-01-19] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180088 2018-01-19] (ESET)
S2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50744 2018-01-19] (ESET)
S1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [81880 2018-01-19] (ESET)
S1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61040 2018-01-19] (ESET)
S1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [106304 2018-01-19] (ESET)
S0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S2 risdptsk; C:\Windows\System32\DRIVERS\risdsn64.sys [76288 2009-09-24] (REDC)
S3 rismcx64; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (RICOH Company, Ltd.)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1834416 2009-03-26] ()
S5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31936 2015-10-18] (VMware, Inc.)
S0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-10-18] (VMware, Inc.)
S2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-03-24 15:17 - 2018-03-24 15:17 - 000000000 _____ C:\Users\EAGLE\Desktop\index (1).html.fdmdownload
2018-03-24 14:34 - 2018-03-24 14:34 - 000000000 _____ C:\Users\EAGLE\Desktop\index.html.fdmdownload
2018-03-24 14:34 - 2018-03-24 14:34 - 000000000 _____ C:\Users\EAGLE\Desktop\FRST.exe
2018-03-24 13:27 - 2018-03-24 13:27 - 000616994 _____ C:\Users\EAGLE\Desktop\edd-securite.pdf
2018-03-24 13:13 - 2018-03-24 13:13 - 001347859 _____ C:\Users\EAGLE\Desktop\assurance habitation Mr BOUTAYEB.pdf
2018-03-24 09:21 - 2018-03-24 09:21 - 000005840 _____ C:\Users\EAGLE\Desktop\projet.tar (1).xz
2018-03-24 09:20 - 2018-03-24 09:20 - 000005840 _____ C:\Users\EAGLE\Desktop\projet.tar.xz
2018-03-24 00:27 - 2018-03-24 01:15 - 547684352 _____ C:\Users\EAGLE\Desktop\Windows 7 Aio SP1 (x86x64) Mult July 2017 Full Activated mshaz1000.iso
2018-03-23 23:09 - 2018-03-24 01:18 - 000000000 ____D C:\Users\EAGLE\Desktop\10x10 (2018) [WEBRip] [720p] [YTS.AM]
2018-03-23 23:07 - 2018-03-24 01:26 - 000000000 ____D C:\Users\EAGLE\Desktop\Gold (2017) [BluRay] [720p] [YTS.AM]
2018-03-22 21:42 - 2018-03-22 21:43 - 000003690 _____ C:\Users\EAGLE\Desktop\boot_into_RE_2.bat
2018-03-22 20:31 - 2018-03-22 20:31 - 000004689 _____ C:\Users\EAGLE\Desktop\database.sql
2018-03-21 22:40 - 2018-03-21 22:40 - 000000607 _____ C:\Users\EAGLE\Desktop\PP.lnk
2018-03-21 22:39 - 2018-03-21 22:39 - 000000000 ____D C:\Users\EAGLE\Desktop\mysql_orange
2018-03-20 22:51 - 2018-03-21 00:13 - 000000000 ____D C:\Users\EAGLE\Desktop\Bent (2018) [WEBRip] [720p] [YTS.AM]
2018-03-20 22:10 - 2018-03-20 22:51 - 000000000 ____D C:\ProgramData\Exam Testing Engine
2018-03-20 22:10 - 2018-03-20 22:10 - 000001084 _____ C:\Users\Public\Desktop\ETE Designer.lnk
2018-03-20 22:10 - 2018-03-20 22:10 - 000001072 _____ C:\Users\Public\Desktop\ETE Player.lnk
2018-03-20 22:10 - 2018-03-20 22:10 - 000000000 ____D C:\Program Files (x86)\Exam Testing Engine
2018-03-20 22:09 - 2018-03-20 22:09 - 000000000 ____D C:\Users\EAGLE\Desktop\Dumps
2018-03-20 21:31 - 2018-03-21 01:07 - 000000000 ____D C:\Users\EAGLE\Desktop\Tomb Raider 2018 720p FULL HDCAM X264 HQMic-CPG
2018-03-20 21:29 - 2018-03-21 00:36 - 000000000 ____D C:\Users\EAGLE\Desktop\Atlantic.Rim.2.Resurrection.2018.HDRip.XviD.AC3-EVO
2018-03-20 20:42 - 2018-03-20 23:31 - 000000000 ____D C:\Users\EAGLE\Desktop\Boo 2! A Madea Halloween (2017) [YTS.AG]
2018-03-20 20:37 - 2018-03-20 20:37 - 000007963 _____ C:\Users\EAGLE\Desktop\projet.zip
2018-03-20 20:25 - 2018-03-20 23:49 - 000000000 ____D C:\Users\EAGLE\Desktop\Fullmetal Alchemist (2017) [WEBRip] [720p] [YTS.AM]
2018-03-20 20:24 - 2018-03-21 00:27 - 000000000 ____D C:\Users\EAGLE\Desktop\Scramble (2017) [YTS.AG]
2018-03-20 20:24 - 2018-03-20 23:26 - 000000000 ____D C:\Users\EAGLE\Desktop\Revolt (2017) [YTS.AG]
2018-03-20 19:53 - 2018-03-20 19:53 - 000000000 ____D C:\Program Files (x86)\Elaborate Bytes
2018-03-20 19:52 - 2018-03-24 14:05 - 000000000 ____D C:\Users\EAGLE\Documents\UBUNTU_NABIL_20
2018-03-18 12:09 - 2018-03-18 12:09 - 000000000 ____D C:\Program Files\Unlocker
2018-03-18 12:03 - 2018-03-18 12:03 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Copy Handler
2018-03-18 12:02 - 2018-03-18 12:03 - 000000000 ____D C:\Program Files\Copy Handler
2018-03-17 20:00 - 2018-03-17 20:00 - 000000000 ____D C:\Users\EAGLE\Desktop\prjt
2018-03-17 20:00 - 2018-03-02 14:33 - 002024202 _____ C:\Users\EAGLE\Desktop\compte-rendu-data-mining_v3.pdf
2018-03-17 19:59 - 2018-02-24 12:18 - 006550016 _____ C:\Users\EAGLE\Desktop\voicetotext_setup.msi
2018-03-17 17:45 - 2018-03-17 17:45 - 008583036 _____ C:\Users\EAGLE\Desktop\البحر الشاسع، لدخول الخوارزميات من بابها الواسع.pdf
2018-03-17 15:04 - 2018-03-17 15:04 - 000000000 ____D C:\Users\EAGLE\Desktop\malwarebyte procedure
2018-03-17 14:35 - 2018-03-24 15:28 - 000000000 ____D C:\FRST
2018-03-17 13:56 - 2018-03-17 14:00 - 000000000 ____D C:\Users\EAGLE\Desktop\Malwarebytes Premium 3.4.3.2394 Beta + Crack [CracksNow]
2018-03-17 12:52 - 2018-03-17 13:17 - 069227978 _____ C:\Users\EAGLE\Downloads\Malwarebytes%20Premium%203.4.4.2398%20Multilingual.rar
2018-03-17 12:42 - 2018-03-17 12:42 - 000001945 _____ C:\Windows\epplauncher.mif
2018-03-17 12:42 - 2018-03-17 12:42 - 000000000 ____D C:\Program Files\Microsoft Security Client
2018-03-17 12:42 - 2018-03-17 12:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2018-03-17 10:15 - 2010-12-11 19:50 - 000181248 _____ (Renesas Electronics Corporation) C:\Windows\System32\Drivers\nusb3xhc.sys
2018-03-17 10:09 - 2013-02-19 08:59 - 000057848 _____ (Intel Corporation) C:\Windows\System32\Drivers\HECIx64.sys
2018-03-17 10:06 - 2013-07-25 01:09 - 000073480 _____ (Intel Corporation) C:\Windows\System32\e1kmsg.dll
2018-03-17 10:06 - 2013-07-17 23:47 - 000497424 _____ (Intel Corporation) C:\Windows\System32\Drivers\e1k62x64.sys
2018-03-17 10:06 - 2013-07-11 05:35 - 000089888 _____ (Intel Corporation) C:\Windows\System32\NicInstK.dll
2018-03-17 10:06 - 2013-05-29 02:10 - 011524096 _____ (Intel Corporation) C:\Windows\System32\Drivers\NETwsw00.sys
2018-03-17 10:06 - 2012-07-03 15:08 - 000003093 _____ C:\Windows\System32\e1k62x64.din
2018-03-17 10:06 - 2012-02-16 19:35 - 003381008 _____ (Intel Corporation) C:\Windows\System32\Netwrw00.dll
2018-03-17 10:06 - 2012-02-16 19:34 - 000885520 _____ (Intel Corporation) C:\Windows\System32\Netwcw00.dll
2018-03-17 10:05 - 2018-03-17 10:05 - 000000000 ____D C:\Program Files\IDT
2018-03-17 10:05 - 2010-09-07 20:05 - 012861952 _____ (IDT, Inc.) C:\Windows\System32\idtcpl64.cpl
2018-03-17 10:05 - 2010-09-07 20:05 - 001952256 _____ (IDT, Inc.) C:\Windows\System32\stlang64.dll
2018-03-17 10:05 - 2010-09-07 20:05 - 000489472 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2018-03-17 10:05 - 2010-01-25 20:30 - 000162816 _____ (Andrea Electronics Corporation) C:\Windows\System32\AESTAC64.dll
2018-03-17 10:05 - 2009-10-08 18:45 - 000442368 _____ (Andrea Electronics Corporation) C:\Windows\System32\AESTEC64.dll
2018-03-17 10:05 - 2009-03-01 19:58 - 000068608 _____ (Andrea Electronics Corporation) C:\Windows\System32\AESTAR64.dll
2018-03-17 10:05 - 2009-03-01 19:47 - 000090624 _____ (Andrea Electronics Corporation) C:\Windows\System32\AESTCo64.dll
2018-03-17 10:04 - 2010-09-07 20:05 - 001484288 _____ (IDT, Inc.) C:\Windows\System32\stapo64.dll
2018-03-17 10:04 - 2010-09-07 20:05 - 000651264 ____N (IDT, Inc.) C:\Windows\System32\stapi64.dll
2018-03-17 10:04 - 2010-09-07 20:05 - 000515584 _____ (IDT, Inc.) C:\Windows\System32\Drivers\stwrt64.sys
2018-03-17 10:04 - 2010-09-07 20:05 - 000431616 _____ (IDT, Inc.) C:\Windows\System32\stcplx64.dll
2018-03-17 10:04 - 2010-09-07 20:05 - 000219648 _____ (IDT, Inc.) C:\Windows\System32\staco64.dll
2018-03-17 10:03 - 2009-09-03 07:14 - 000057856 _____ (REDC) C:\Windows\System32\Drivers\rixdpx64.sys
2018-03-17 10:03 - 2009-09-03 06:37 - 000067072 _____ (REDC) C:\Windows\System32\Drivers\rimmpx64.sys
2018-03-17 10:02 - 2013-11-16 03:59 - 000632168 _____ (Intel Corporation) C:\Windows\System32\Drivers\iaStorA.sys
2018-03-17 10:02 - 2013-11-16 03:59 - 000028008 _____ (Intel Corporation) C:\Windows\System32\Drivers\iaStorF.sys
2018-03-17 10:02 - 2009-09-24 13:31 - 000076288 _____ (REDC) C:\Windows\System32\Drivers\risdsn64.sys
2018-03-17 10:02 - 2009-09-03 06:59 - 000054784 _____ (REDC) C:\Windows\System32\Drivers\rimspx64.sys
2018-03-17 10:00 - 2014-02-08 18:34 - 031432480 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 025256224 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 023683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 017560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 015740232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 012324640 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2018-03-17 10:00 - 2014-02-08 18:34 - 011636176 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 011589272 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 009728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 009690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 003142432 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 002956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 002782496 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 002713728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 002410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 001885472 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6433489.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 001515296 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6433489.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 000892192 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 000875296 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 000863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 000844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-03-17 09:57 - 2018-03-17 20:19 - 000000000 ____D C:\Users\EAGLE\AppData\LocalLow\Mozilla
2018-03-17 09:56 - 2018-03-17 12:56 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Mozilla
2018-03-17 09:56 - 2018-03-17 09:57 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Mozilla
2018-03-17 09:56 - 2018-03-17 09:56 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-03-17 09:56 - 2018-03-17 09:56 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Icecream
2018-03-17 09:56 - 2018-03-17 09:56 - 000000000 ____D C:\Users\EAGLE\AppData\Local\CrashRpt
2018-03-17 09:56 - 2018-03-17 09:56 - 000000000 ____D C:\Users\EAGLE\.ebookreader
2018-03-17 09:56 - 2018-03-17 09:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-03-17 09:56 - 2018-03-17 09:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-17 09:55 - 2018-03-17 09:55 - 000000000 ____D C:\Program Files (x86)\Icecream Ebook Reader
2018-03-16 21:49 - 2018-03-16 21:49 - 018855816 _____ C:\Users\EAGLE\Desktop\SY0-501hc.zip
2018-03-16 21:10 - 2018-03-24 15:23 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\VMware
2018-03-16 21:10 - 2018-03-24 15:23 - 000000000 ____D C:\Users\EAGLE\AppData\Local\VMware
2018-03-15 23:00 - 2018-03-17 09:46 - 000000000 ____D C:\Users\EAGLE\Desktop\Flask
2018-03-15 21:48 - 2018-03-15 21:48 - 000000404 _____ C:\Users\EAGLE\Desktop\ddd.txt
2018-03-15 21:00 - 2018-03-15 21:00 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Easeware
2018-03-15 21:00 - 2018-03-15 21:00 - 000000000 ____D C:\Program Files\Easeware
2018-03-15 19:27 - 2018-03-15 19:27 - 000000614 _____ C:\Users\EAGLE\Desktop\LOG.lnk
2018-03-15 19:08 - 2018-03-15 19:17 - 001797749 _____ C:\Users\EAGLE\Desktop\BOUTAYEB_convention.pdf
2018-03-14 22:20 - 2018-03-14 22:20 - 008639972 _____ C:\Users\EAGLE\Desktop\FONDATION MAISON DU MAROC.rar
2018-03-14 20:56 - 2018-03-15 19:35 - 000000000 ____D C:\Users\EAGLE\Desktop\FONDATION MAISON DU MAROC
2018-03-14 20:55 - 2018-03-17 13:54 - 000000000 ____D C:\Users\EAGLE\Desktop\CROUS FILE
2018-03-14 20:55 - 2018-03-15 19:25 - 000000000 ____D C:\Users\EAGLE\Desktop\CERGY FILE
2018-03-14 20:23 - 2018-03-14 20:23 - 003158196 _____ C:\Users\EAGLE\Desktop\dossier à remplir INTRINSEC.rar
2018-03-14 17:40 - 2018-03-14 17:40 - 001764352 _____ (Farbar) C:\Users\EAGLE\Desktop\FRST (1).exe
2018-03-11 22:17 - 2018-03-11 22:17 - 000000000 ____H C:\Windows\System32\Drivers\Msft_User_wbf_vfs451_01_09_00.Wdf
2018-03-11 22:17 - 2018-03-11 22:17 - 000000000 ____D C:\ProgramData\Validity
2018-03-11 20:01 - 2018-03-24 15:23 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Free Download Manager
2018-03-11 20:01 - 2018-03-11 20:01 - 000002746 _____ C:\Windows\System32\Tasks\FreeDownloadManagerNetworkMonitor
2018-03-11 20:01 - 2018-03-11 20:01 - 000000000 ____D C:\Users\EAGLE\AppData\Local\CEF
2018-03-11 20:01 - 2018-03-11 20:01 - 000000000 ____D C:\Program Files\FreeDownloadManager.ORG
2018-03-10 12:10 - 2018-03-10 12:10 - 000247940 _____ C:\Users\EAGLE\Desktop\Planning du 201803 de BOUTAYEB Abdelali (1).pdf
2018-03-09 22:24 - 2018-03-23 03:13 - 001953380 _____ C:\Windows\ntbtlog.txt
2018-03-08 20:00 - 2018-03-08 20:03 - 000000000 ____D C:\Windows\System32\MRT
2018-03-08 20:00 - 2018-03-08 20:00 - 130067560 ____C (Microsoft Corporation) C:\Windows\System32\MRT-KB890830.exe
2018-03-08 19:59 - 2018-03-08 19:59 - 130067560 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2018-03-08 19:32 - 2013-10-14 18:00 - 000028368 _____ (Microsoft Corporation) C:\Windows\System32\IEUDINIT.EXE
2018-03-08 17:11 - 2014-06-30 23:24 - 000008856 _____ (Microsoft Corporation) C:\Windows\System32\icardres.dll
2018-03-08 17:11 - 2014-06-30 23:14 - 000008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2018-03-08 17:11 - 2014-06-06 07:16 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2018-03-08 17:11 - 2014-06-06 07:12 - 000035480 _____ (Microsoft Corporation) C:\Windows\System32\TsWpfWrp.exe
2018-03-08 17:11 - 2014-03-09 22:48 - 001389208 _____ (Microsoft Corporation) C:\Windows\System32\icardagt.exe
2018-03-08 17:11 - 2014-03-09 22:48 - 000171160 _____ (Microsoft Corporation) C:\Windows\System32\infocardapi.dll
2018-03-08 17:11 - 2014-03-09 22:47 - 000619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2018-03-08 17:11 - 2014-03-09 22:47 - 000099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2018-03-08 13:29 - 2017-06-05 18:52 - 008981182 _____ C:\Users\EAGLE\Desktop\Romadi2016-2017.zip
2018-03-08 12:28 - 2018-03-08 12:28 - 000000000 ____D C:\Users\EAGLE\Documents\NetBeansProjects
2018-03-08 12:27 - 2018-03-18 11:48 - 000000000 ____D C:\Users\EAGLE\Documents\Virtual Machines
2018-03-08 12:22 - 2018-03-08 12:22 - 000000697 _____ C:\Users\EAGLE\Desktop\VIDEOS HACKING.lnk
2018-03-08 12:22 - 2018-03-08 12:22 - 000000646 _____ C:\Users\EAGLE\Desktop\MASTERs.lnk
2018-03-08 12:22 - 2018-03-08 12:22 - 000000646 _____ C:\Users\EAGLE\Desktop\HACKING.lnk
2018-03-08 12:22 - 2018-03-08 12:22 - 000000639 _____ C:\Users\EAGLE\Desktop\DIVERS.lnk
2018-03-08 12:22 - 2018-03-08 12:22 - 000000623 _____ C:\Users\EAGLE\Desktop\SECU.lnk
2018-03-08 12:22 - 2018-03-08 12:22 - 000000623 _____ C:\Users\EAGLE\Desktop\DINE.lnk
2018-03-08 12:22 - 2018-03-08 12:22 - 000000614 _____ C:\Users\EAGLE\Desktop\LAB.lnk
2018-03-08 03:14 - 2018-03-08 03:14 - 000000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2018-03-08 03:12 - 2018-03-07 18:23 - 000000000 ____D C:\Windows\Panther
2018-03-08 03:05 - 2018-03-08 03:12 - 000000000 ____D C:\$WINDOWS.~LS
2018-03-08 03:05 - 2018-03-08 03:05 - 000000000 ____D C:\$WINDOWS.~BT
2018-03-08 02:18 - 2015-10-18 17:53 - 000075512 _____ (VMware, Inc.) C:\Windows\System32\Drivers\vsock.sys
2018-03-08 02:18 - 2015-10-18 17:53 - 000068288 _____ (VMware, Inc.) C:\Windows\System32\vsocklib.dll
2018-03-08 02:18 - 2015-10-18 17:53 - 000064192 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2018-03-08 02:17 - 2015-10-18 18:33 - 000934080 _____ (VMware, Inc.) C:\Windows\System32\vnetlib64.dll
2018-03-08 02:17 - 2015-10-18 18:33 - 000391872 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2018-03-08 02:17 - 2015-10-18 18:33 - 000358080 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2018-03-08 02:17 - 2015-10-18 18:33 - 000066752 _____ (VMware, Inc.) C:\Windows\System32\Drivers\vmx86.sys
2018-03-08 02:17 - 2015-10-18 18:33 - 000033472 _____ (VMware, Inc.) C:\Windows\System32\Drivers\VMkbd.sys
2018-03-08 02:17 - 2015-10-18 18:33 - 000031936 _____ (VMware, Inc.) C:\Windows\System32\Drivers\VMparport.sys
2018-03-08 02:17 - 2015-10-18 18:11 - 000026816 _____ (VMware, Inc.) C:\Windows\System32\Drivers\vmnetuserif.sys
2018-03-08 02:16 - 2018-03-08 02:16 - 000001203 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk
2018-03-08 02:16 - 2018-03-08 02:16 - 000001024 _____ C:\Windows\SysWOW64\%TMP%
2018-03-08 02:16 - 2018-03-08 02:16 - 000000000 ____D C:\Users\Public\Documents\Shared Virtual Machines
2018-03-08 02:16 - 2018-03-08 02:16 - 000000000 ____D C:\Program Files\Common Files\VMware
2018-03-08 02:16 - 2018-03-08 02:16 - 000000000 ____D C:\Program Files (x86)\VMware
2018-03-08 02:16 - 2015-10-06 08:02 - 000057536 _____ (VMware, Inc.) C:\Windows\System32\Drivers\hcmon.sys
2018-03-08 02:16 - 2015-10-06 08:01 - 000046144 _____ (VMware, Inc.) C:\Windows\System32\Drivers\vmusb.sys
2018-03-08 01:52 - 2018-03-08 01:52 - 000000000 ____D C:\ProgramData\KMSAuto
2018-03-08 00:42 - 2018-03-08 00:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-08 00:36 - 2018-03-24 15:09 - 000000000 ____D C:\ProgramData\VMware
2018-03-08 00:35 - 2018-03-08 00:37 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\TeraCopy
2018-03-08 00:30 - 2018-03-08 00:30 - 000000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2018-03-08 00:26 - 2018-03-08 00:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-08 00:25 - 2018-03-08 00:25 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-03-08 00:24 - 2018-03-08 00:24 - 000000000 ____D C:\Windows\PCHEALTH
2018-03-08 00:24 - 2018-03-08 00:24 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2018-03-08 00:24 - 2018-03-08 00:24 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2018-03-08 00:18 - 2018-03-08 00:18 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2018-03-08 00:18 - 2018-03-08 00:18 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2018-03-08 00:17 - 2018-03-08 00:24 - 000000000 ____D C:\Program Files\Microsoft Office
2018-03-08 00:17 - 2018-03-08 00:17 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Microsoft Help
2018-03-08 00:17 - 2018-03-08 00:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-03-07 23:56 - 2014-12-08 04:09 - 000406528 _____ (Microsoft Corporation) C:\Windows\System32\scesrv.dll
2018-03-07 23:56 - 2014-12-08 03:46 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-03-07 23:55 - 2018-03-07 23:55 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Eraser 6
2018-03-07 23:55 - 2018-03-07 23:55 - 000000000 ____D C:\ProgramData\Microsoft Toolkit
2018-03-07 23:55 - 2011-04-09 07:58 - 000142336 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2018-03-07 23:55 - 2011-04-09 06:56 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2018-03-07 23:54 - 2016-03-09 19:54 - 000275456 _____ (Microsoft Corporation) C:\Windows\System32\InkEd.dll
2018-03-07 23:54 - 2016-03-09 19:34 - 000216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2018-03-07 23:54 - 2011-05-24 12:42 - 000404480 _____ (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2018-03-07 23:54 - 2011-05-24 11:40 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2018-03-07 23:54 - 2011-05-24 11:40 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2018-03-07 23:54 - 2011-05-24 11:39 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2018-03-07 23:54 - 2011-05-24 11:37 - 000252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2018-03-07 23:53 - 2015-11-03 20:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\System32\els.dll
2018-03-07 23:53 - 2015-11-03 19:55 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2018-03-07 22:52 - 2018-03-08 01:52 - 000000000 ____D C:\Users\EAGLE\AppData\Local\MSfree Inc
2018-03-07 22:52 - 2016-03-09 20:00 - 000444416 _____ (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2018-03-07 22:52 - 2016-03-09 20:00 - 000396800 _____ (Microsoft Corporation) C:\Windows\System32\webio.dll
2018-03-07 22:52 - 2016-03-09 19:40 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-03-07 22:52 - 2016-03-09 19:40 - 000316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2018-03-07 22:52 - 2011-02-12 12:34 - 000267776 _____ (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2018-03-07 22:51 - 2016-02-09 10:55 - 000030720 _____ (Microsoft Corporation) C:\Windows\System32\seclogon.dll
2018-03-07 22:51 - 2013-01-24 07:01 - 000223752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2018-03-07 22:51 - 2012-07-04 23:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2018-03-07 22:51 - 2012-07-04 23:13 - 000136704 _____ (Microsoft Corporation) C:\Windows\System32\browser.dll
2018-03-07 22:51 - 2012-07-04 23:13 - 000059392 _____ (Microsoft Corporation) C:\Windows\System32\browcli.dll
2018-03-07 22:51 - 2012-07-04 22:16 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2018-03-07 22:51 - 2012-07-04 22:14 - 000041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2018-03-07 22:51 - 2011-12-16 09:46 - 000634880 _____ (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2018-03-07 22:51 - 2011-12-16 08:52 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2018-03-07 22:51 - 2011-08-27 06:37 - 000861696 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2018-03-07 22:51 - 2011-08-27 06:37 - 000331776 _____ (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2018-03-07 22:51 - 2011-08-27 05:26 - 000571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-03-07 22:51 - 2011-08-27 05:26 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2018-03-07 22:50 - 2015-03-04 05:55 - 000367552 _____ (Microsoft Corporation) C:\Windows\System32\clfs.sys
2018-03-07 22:50 - 2015-03-04 05:41 - 000079360 _____ (Microsoft Corporation) C:\Windows\System32\clfsw32.dll
2018-03-07 22:50 - 2015-03-04 05:10 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2018-03-07 22:50 - 2013-10-12 03:32 - 000150016 _____ (Microsoft Corporation) C:\Windows\System32\wshom.ocx
2018-03-07 22:50 - 2013-10-12 03:31 - 000202752 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2018-03-07 22:50 - 2013-10-12 03:04 - 000121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2018-03-07 22:50 - 2013-10-12 03:03 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-03-07 22:50 - 2013-10-12 02:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\System32\wscript.exe
2018-03-07 22:50 - 2013-10-12 02:33 - 000156160 _____ (Microsoft Corporation) C:\Windows\System32\cscript.exe
2018-03-07 22:50 - 2013-10-12 02:15 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2018-03-07 22:50 - 2013-10-12 02:15 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2018-03-07 22:50 - 2011-02-18 11:51 - 000031232 _____ (Microsoft Corporation) C:\Windows\System32\prevhost.exe
2018-03-07 22:50 - 2011-02-18 06:39 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2018-03-07 22:42 - 2018-03-07 22:42 - 000000000 ____D C:\Users\EAGLE\AppData\Local\ESET
2018-03-07 22:40 - 2018-03-24 07:54 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\vlc
2018-03-07 22:38 - 2018-03-07 23:56 - 000000000 ____D C:\Program Files (x86)\TNod
2018-03-07 22:28 - 2015-01-14 07:09 - 005554112 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2018-03-07 22:28 - 2015-01-14 07:09 - 000155064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2018-03-07 22:28 - 2015-01-14 07:09 - 000095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2018-03-07 22:28 - 2015-01-14 07:05 - 001461760 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2018-03-07 22:28 - 2015-01-14 07:05 - 000503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2018-03-07 22:28 - 2015-01-14 07:05 - 000136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2018-03-07 22:28 - 2015-01-14 07:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2018-03-07 22:28 - 2015-01-14 07:05 - 000029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2018-03-07 22:28 - 2015-01-14 07:05 - 000028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2018-03-07 22:28 - 2015-01-14 07:04 - 000296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2018-03-07 22:28 - 2015-01-14 07:04 - 000064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2018-03-07 22:28 - 2015-01-14 07:04 - 000031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2018-03-07 22:28 - 2015-01-14 07:02 - 000146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2018-03-07 22:28 - 2015-01-14 07:02 - 000060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2018-03-07 22:28 - 2015-01-14 06:59 - 000686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2018-03-07 22:28 - 2015-01-14 06:44 - 003972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-03-07 22:28 - 2015-01-14 06:44 - 003917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-03-07 22:28 - 2015-01-14 06:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-03-07 22:28 - 2015-01-14 06:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-03-07 22:28 - 2015-01-14 06:40 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-03-07 22:28 - 2015-01-14 06:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-03-07 22:28 - 2015-01-14 06:38 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-03-07 22:28 - 2015-01-14 06:37 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-03-07 22:28 - 2015-01-14 06:36 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-03-07 22:28 - 2014-12-30 02:23 - 000459336 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2018-03-07 22:28 - 2014-11-11 04:08 - 000728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2018-03-07 22:28 - 2014-11-11 03:44 - 000550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-03-07 22:28 - 2014-09-19 10:42 - 000342016 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2018-03-07 22:28 - 2014-09-19 10:42 - 000314880 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2018-03-07 22:28 - 2014-09-19 10:42 - 000309760 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2018-03-07 22:28 - 2014-09-19 10:42 - 000210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2018-03-07 22:28 - 2014-09-19 10:42 - 000086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2018-03-07 22:28 - 2014-09-19 10:42 - 000022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2018-03-07 22:28 - 2014-09-19 10:23 - 000259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-03-07 22:28 - 2014-09-19 10:23 - 000248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-03-07 22:28 - 2014-09-19 10:23 - 000221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-03-07 22:28 - 2014-09-19 10:23 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-03-07 22:28 - 2014-09-19 10:23 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-03-07 22:28 - 2014-09-19 10:23 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-03-07 22:27 - 2016-04-09 07:58 - 001190912 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2018-03-07 22:27 - 2016-04-09 07:54 - 001011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2018-03-07 22:27 - 2013-08-28 02:12 - 000461312 _____ (Microsoft Corporation) C:\Windows\System32\scavengeui.dll
2018-03-07 22:27 - 2013-08-02 03:12 - 000043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2018-03-07 22:27 - 2013-08-02 03:12 - 000006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2018-03-07 22:27 - 2013-08-02 02:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-03-07 22:27 - 2013-08-02 01:59 - 000112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2018-03-07 22:27 - 2012-06-06 07:02 - 001133568 _____ (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2018-03-07 22:27 - 2012-06-06 06:03 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-03-07 22:24 - 2018-03-07 22:24 - 000000000 ____D C:\Program Files\Eraser
2018-03-07 22:14 - 2018-03-07 22:14 - 000000000 ____D C:\Program Files\VideoLAN
2018-03-07 22:13 - 2018-03-07 22:13 - 000000000 __RHD C:\MSOCache
2018-03-07 22:13 - 2015-02-04 04:16 - 000392192 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2018-03-07 22:13 - 2015-02-04 03:54 - 000318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2018-03-07 22:12 - 2018-03-07 22:12 - 000000000 ____D C:\ProgramData\ESET
2018-03-07 22:12 - 2018-03-07 22:12 - 000000000 ____D C:\Program Files\ESET
2018-03-07 22:00 - 2018-03-07 22:00 - 000000000 ____D C:\Program Files (x86)\Unchecky
2018-03-07 21:58 - 2018-03-07 21:58 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Nitro
2018-03-07 21:58 - 2018-03-07 21:58 - 000000000 ____D C:\ProgramData\Nitro
2018-03-07 21:58 - 2018-03-07 21:58 - 000000000 ____D C:\Program Files\Nitro
2018-03-07 21:58 - 2018-03-07 21:58 - 000000000 ____D C:\Program Files\Common Files\Nitro
2018-03-07 21:58 - 2018-03-07 21:58 - 000000000 ____D C:\Program Files (x86)\Nitro
2018-03-07 21:58 - 2015-05-06 04:23 - 000031896 _____ (Nitro PDF Software) C:\Windows\System32\nitrolocalmon10.dll
2018-03-07 21:58 - 2015-05-06 04:23 - 000020120 _____ (Nitro PDF Software) C:\Windows\System32\nitrolocalui10.dll
2018-03-07 21:57 - 2018-03-07 21:57 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Downloaded Installations
2018-03-07 21:55 - 2018-03-17 10:19 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\DMCache
2018-03-07 21:55 - 2018-03-07 23:58 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\IDM
2018-03-07 21:55 - 2018-03-07 21:55 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2018-03-07 21:55 - 2008-12-17 13:03 - 000206256 _____ (Tonec Inc.) C:\Windows\SysWOW64\idmmbc.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000984448 _____ (Microsoft Corporation) C:\Windows\System32\ucrtbase.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000063840 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-private-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000020832 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-math-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-string-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-stdio-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-runtime-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-convert-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-time-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-2-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-process-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-heap-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-conio-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-utility-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-locale-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-environment-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-2-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-1.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-eventing-provider-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l2-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-timezone-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l2-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-2-0.dll
2018-03-07 19:17 - 2012-02-17 07:38 - 001112064 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2018-03-07 19:17 - 2012-02-17 07:38 - 001031680 _____ (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2018-03-07 19:17 - 2012-02-17 06:34 - 000826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2018-03-07 19:17 - 2012-02-17 05:58 - 000210944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2018-03-07 19:17 - 2012-02-17 05:57 - 000023552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2018-03-07 19:09 - 2018-03-23 01:15 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-07 19:09 - 2018-03-07 19:09 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Google
2018-03-07 19:08 - 2018-03-07 19:18 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Google
2018-03-07 19:08 - 2018-03-07 19:09 - 000000000 ____D C:\Program Files (x86)\Google
2018-03-07 19:08 - 2018-03-07 19:08 - 000003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-03-07 19:08 - 2018-03-07 19:08 - 000003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-03-07 19:08 - 2018-03-07 19:08 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Deployment
2018-03-07 19:08 - 2018-03-07 19:08 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Apps\2.0
2018-03-07 19:06 - 2018-03-07 19:06 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Synaptics
2018-03-07 19:05 - 2018-03-17 10:01 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-07 19:00 - 2018-03-07 19:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-07 19:00 - 2015-02-04 04:56 - 000072904 _____ (Khronos Group) C:\Windows\System32\OpenCL.dll
2018-03-07 19:00 - 2015-02-04 04:56 - 000059592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-03-07 19:00 - 2015-02-03 17:18 - 004229086 _____ C:\Windows\System32\nvcoproc.bin
2018-03-07 19:00 - 2014-02-08 18:42 - 006712608 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2018-03-07 19:00 - 2014-02-08 18:42 - 003498272 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2018-03-07 19:00 - 2014-02-08 18:42 - 002559776 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2018-03-07 19:00 - 2014-02-08 18:42 - 000923936 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2018-03-07 19:00 - 2014-02-08 18:42 - 000386336 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2018-03-07 19:00 - 2014-02-08 18:42 - 000063776 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2018-03-07 18:59 - 2018-03-07 18:59 - 000000000 ____D C:\Program Files\DIFX
2018-03-07 18:59 - 2015-05-04 16:14 - 011534096 _____ (Intel Corporation) C:\Windows\System32\Drivers\NETwsw01.sys
2018-03-07 18:59 - 2015-02-11 11:38 - 001515296 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll
2018-03-07 18:59 - 2015-02-11 11:38 - 000197408 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2018-03-07 18:59 - 2015-02-11 11:38 - 000031520 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2018-03-07 18:59 - 2015-02-04 04:56 - 001907400 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6434144.dll
2018-03-07 18:59 - 2015-02-04 04:56 - 001555656 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6434144.dll
2018-03-07 18:59 - 2014-02-08 18:34 - 018257576 _____ (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2018-03-07 18:59 - 2014-02-08 18:34 - 017715784 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2018-03-07 18:59 - 2014-02-08 18:34 - 014669032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-03-07 18:59 - 2014-02-08 18:34 - 003090184 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2018-03-07 18:59 - 2014-02-08 18:34 - 000024544 _____ C:\Windows\System32\nvinfo.pb
2018-03-07 18:58 - 2018-03-17 10:01 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-03-07 18:58 - 2018-03-07 18:58 - 000000000 ____H C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2018-03-07 18:58 - 2018-03-07 18:58 - 000000000 ____D C:\Program Files\Synaptics
2018-03-07 18:58 - 2018-03-07 18:58 - 000000000 ____D C:\NVIDIA
2018-03-07 18:58 - 2012-05-18 23:55 - 000737592 _____ (Synaptics Incorporated) C:\Windows\System32\SynCOM.dll
2018-03-07 18:58 - 2012-05-18 23:55 - 000434488 _____ (Synaptics Incorporated) C:\Windows\System32\Drivers\SynTP.sys
2018-03-07 18:58 - 2012-05-18 23:55 - 000404792 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCOM.dll
2018-03-07 18:58 - 2012-05-18 23:55 - 000309560 _____ (Synaptics Incorporated) C:\Windows\System32\SynCtrl.dll
2018-03-07 18:58 - 2012-05-18 23:55 - 000249144 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCtrl.dll
2018-03-07 18:58 - 2012-05-18 23:55 - 000229688 _____ (Synaptics Incorporated) C:\Windows\System32\SynTPAPI.dll
2018-03-07 18:58 - 2012-05-18 23:55 - 000150840 _____ (Synaptics Incorporated) C:\Windows\System32\SynTPCo10.dll
2018-03-07 18:58 - 2012-05-18 23:55 - 000113976 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCOM.dll
2018-03-07 18:58 - 2012-05-18 23:55 - 000068920 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPEnhPS.dll
2018-03-07 18:58 - 2011-09-15 00:11 - 001048576 _____ C:\Windows\System32\syndata.bin
2018-03-07 18:58 - 2009-08-07 15:49 - 001721576 _____ (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01009.dll
2018-03-07 18:57 - 2018-03-08 18:12 - 000780680 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-03-07 18:57 - 2018-03-08 00:44 - 000111128 _____ C:\Users\EAGLE\AppData\Local\GDIPFONTCACHEV1.DAT
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ____D C:\Windows\Options
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ____D C:\Users\EAGLE\Intel
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Intel Corporation
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Downloaded Installations
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ____D C:\ProgramData\Intel
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ____D C:\Program Files\LSI SoftModem
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ____D C:\Program Files\Intel
2018-03-07 18:57 - 2009-06-09 13:28 - 000064000 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsmdel.exe
2018-03-07 18:57 - 2009-03-27 18:12 - 000014848 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsco64.dll
2018-03-07 18:57 - 2009-03-27 18:12 - 000013824 ____N (LSI Corporation) C:\Windows\SysWOW64\agrscoin.dll
2018-03-07 18:56 - 2018-03-11 22:17 - 000000000 ____D C:\Program Files\Validity Sensors
2018-03-07 18:56 - 2009-08-10 15:31 - 000015497 _____ C:\Windows\snp2uvc.ini
2018-03-07 18:56 - 2009-08-10 15:31 - 000013022 _____ C:\Windows\snp2uvc.src
2018-03-07 18:56 - 2009-07-20 15:05 - 000059008 _____ (RICOH Company, Ltd.) C:\Windows\System32\Drivers\rismcx64.sys
2018-03-07 18:56 - 2009-03-26 14:41 - 001834416 _____ () C:\Windows\System32\Drivers\snp2uvc.sys
2018-03-07 18:56 - 2009-03-26 14:41 - 000399920 _____ (Sonix) C:\Windows\System32\vsnp2uvc.dll
2018-03-07 18:56 - 2009-03-26 14:40 - 000313392 _____ ( ) C:\Windows\System32\csnp2uvc.dll
2018-03-07 18:56 - 2009-03-26 14:40 - 000250928 _____ ( ) C:\Windows\System32\rsnp2uvc.dll
2018-03-07 18:56 - 2009-03-26 14:40 - 000041264 _____ C:\Windows\System32\Drivers\sncduvc.sys
2018-03-07 18:56 - 2009-03-26 14:38 - 000313904 _____ (Sonix) C:\Windows\SysWOW64\vsnp2uvc.dll
2018-03-07 18:56 - 2009-03-26 14:38 - 000027184 _____ () C:\Windows\snuvcdsm.exe
2018-03-07 18:56 - 2009-03-26 14:37 - 000256560 _____ ( ) C:\Windows\SysWOW64\rsnp2uvc.dll
2018-03-07 18:55 - 2018-03-17 21:44 - 000000000 ____D C:\SWSETUP
2018-03-07 18:55 - 2009-12-17 09:15 - 000114688 _____ (RICOH) C:\Windows\SysWOW64\RicohMediadriverVer.dll
2018-03-07 18:55 - 2007-07-25 12:48 - 000172032 _____ (Ricoh Company,Ltd) C:\Windows\System32\rixdicon.dll
2018-03-07 18:55 - 2004-09-04 03:00 - 000090112 _____ (Sony Corporation) C:\Windows\System32\snymsico.dll
2018-03-07 18:54 - 2018-03-07 18:54 - 000000000 ____D C:\Users\EAGLE\Documents\Bluetooth Exchange Folder
2018-03-07 18:54 - 2018-03-07 18:54 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Broadcom
2018-03-07 18:54 - 2018-03-07 18:54 - 000000000 ____D C:\Program Files\WIDCOMM
2018-03-07 18:54 - 2014-07-18 11:04 - 000599288 _____ (Broadcom Corporation.) C:\Windows\System32\Drivers\btwampfl.sys
2018-03-07 18:54 - 2012-05-02 09:48 - 000184144 _____ (Broadcom Corporation.) C:\Windows\System32\Drivers\btwaudio.sys
2018-03-07 18:54 - 2012-03-06 15:59 - 000210984 _____ (Broadcom Corporation.) C:\Windows\System32\Drivers\btwavdt.sys
2018-03-07 18:54 - 2012-03-06 15:59 - 000021544 _____ (Broadcom Corporation.) C:\Windows\System32\Drivers\btwrchid.sys
2018-03-07 18:54 - 2011-09-18 04:08 - 000039976 _____ (Broadcom Corporation.) C:\Windows\System32\Drivers\btwl2cap.sys
2018-03-07 18:50 - 2018-03-07 18:50 - 000000000 ____D C:\Users\EAGLE\My Drivers
2018-03-07 18:50 - 2018-03-07 18:50 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Innovative Solutions
2018-03-07 18:50 - 2018-03-07 18:50 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Innovative Solutions
2018-03-07 18:50 - 2018-03-07 18:50 - 000000000 ____D C:\Program Files (x86)\Innovative Solutions
2018-03-07 18:50 - 2018-03-07 18:50 - 000000000 ____D C:\My Drivers
2018-03-07 18:49 - 2018-03-07 18:49 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\WinRAR
2018-03-07 18:48 - 2018-03-07 18:48 - 000000000 ____D C:\Program Files (x86)\WinRAR
2018-03-07 18:46 - 2018-03-07 18:56 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\2C0A
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0C0A
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0C04
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0816
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0804
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0424
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\041F
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\041E
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\041D
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\041B
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0419
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0416
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0415
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0414
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0413
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0412
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0411
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0410
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\040E
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\040D
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\040C
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\040B
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\040A
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0408
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0407
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0406
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0405
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0404
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\System32\0401
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Program Files (x86)\Renesas Electronics
2018-03-07 18:40 - 2018-03-07 18:40 - 000000000 ____D C:\Program Files (x86)\Intel
2018-03-07 18:40 - 2018-03-07 18:40 - 000000000 ____D C:\Intel
2018-03-07 18:40 - 2013-08-21 15:16 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2018-03-07 18:31 - 2014-05-14 17:23 - 002477536 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2018-03-07 18:31 - 2014-05-14 17:23 - 000700384 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2018-03-07 18:31 - 2014-05-14 17:23 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-03-07 18:31 - 2014-05-14 17:23 - 000058336 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2018-03-07 18:31 - 2014-05-14 17:23 - 000044512 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2018-03-07 18:31 - 2014-05-14 17:23 - 000038880 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2018-03-07 18:31 - 2014-05-14 17:23 - 000036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-03-07 18:31 - 2014-05-14 17:21 - 002620928 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2018-03-07 18:31 - 2014-05-14 17:20 - 000097792 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2018-03-07 18:31 - 2014-05-14 17:17 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-03-07 18:31 - 2014-05-14 09:23 - 000198600 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2018-03-07 18:31 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-03-07 18:31 - 2014-05-14 09:20 - 000036864 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2018-03-07 18:31 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-03-07 18:30 - 2018-03-07 18:30 - 000000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2018-03-07 18:24 - 2018-03-18 16:16 - 000000000 ____D C:\users\EAGLE
2018-03-07 18:24 - 2018-03-07 18:24 - 000000020 ___SH C:\Users\EAGLE\ntuser.ini
2018-03-07 18:24 - 2018-03-07 18:24 - 000000000 ____D C:\Users\EAGLE\AppData\Local\VirtualStore
2018-03-07 18:24 - 2011-04-12 09:28 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Media Center Programs

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-03-24 14:23 - 2009-07-14 05:45 - 000021248 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-24 14:23 - 2009-07-14 05:45 - 000021248 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-24 14:11 - 2009-07-14 06:13 - 000788434 _____ C:\Windows\System32\PerfStringBackup.INI
2018-03-24 14:11 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-24 14:04 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-17 23:09 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\System
2018-03-17 11:39 - 2018-01-09 17:40 - 000000000 ____D C:\Users\EAGLE\Desktop\anim
2018-03-15 22:43 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\LiveKernelReports
2018-03-15 03:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2018-03-14 19:34 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-03-11 22:17 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\System32\WinBioPlugIns
2018-03-09 21:12 - 2011-04-12 09:28 - 000000000 ____D C:\Windows\ShellNew
2018-03-09 21:12 - 2011-04-12 09:28 - 000000000 ____D C:\Program Files\Windows Journal
2018-03-09 21:12 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Defender
2018-03-09 21:12 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-03-09 21:12 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\tracing
2018-03-09 21:12 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2018-03-09 21:12 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\System32\Dism
2018-03-09 21:12 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\System32\AdvancedInstallers
2018-03-09 21:10 - 2009-07-14 05:45 - 000431832 _____ C:\Windows\System32\FNTCACHE.DAT
2018-03-08 03:14 - 2011-04-12 09:28 - 000000000 ____D C:\Windows\CSC
2018-03-08 03:12 - 2009-07-14 06:32 - 000028672 _____ C:\Windows\System32\config\BCD-Template
2018-03-08 02:15 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-03-08 00:54 - 2009-07-14 03:34 - 000000478 _____ C:\Windows\win.ini
2018-03-07 19:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Help
2018-03-07 18:46 - 2011-04-12 09:17 - 000000000 ____D C:\Windows\System32\0409

Certains fichiers dans TEMP:
====================
2018-03-24 11:14 - 2009-07-14 02:39 - 000020480 _____ (Microsoft Corporation) C:\Users\EAGLE\AppData\Local\Temp\16688.exe
2018-03-22 21:54 - 2009-07-14 02:39 - 000020480 _____ (Microsoft Corporation) C:\Users\EAGLE\AppData\Local\Temp\3664.exe
2011-04-08 18:32 - 2011-04-08 18:32 - 000399360 _____ () C:\Users\EAGLE\AppData\Local\Temp\FileUnlocker_Installer.exe
2001-12-19 11:45 - 2001-12-19 11:45 - 000023552 _____ () C:\Users\EAGLE\AppData\Local\Temp\VCdControlTool.exe

==================== Known DLLs (Avec liste blanche) =========================


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\System32\winlogon.exe => Le MD5 est légitime
C:\Windows\System32\wininit.exe => Le MD5 est légitime
C:\Windows\SysWOW64\wininit.exe => Le MD5 est légitime
C:\Windows\explorer.exe => Le MD5 est légitime
C:\Windows\SysWOW64\explorer.exe => Le MD5 est légitime
C:\Windows\System32\svchost.exe => Le MD5 est légitime
C:\Windows\SysWOW64\svchost.exe => Le MD5 est légitime
C:\Windows\System32\services.exe => Le MD5 est légitime
C:\Windows\System32\User32.dll => Le MD5 est légitime
C:\Windows\SysWOW64\User32.dll => Le MD5 est légitime
C:\Windows\System32\userinit.exe => Le MD5 est légitime
C:\Windows\SysWOW64\userinit.exe => Le MD5 est légitime
C:\Windows\System32\rpcss.dll => Le MD5 est légitime
C:\Windows\System32\dnsapi.dll => Le MD5 est légitime
C:\Windows\SysWOW64\dnsapi.dll => Le MD5 est légitime
C:\Windows\System32\Drivers\volsnap.sys => Le MD5 est légitime

==================== Association (Avec liste blanche) =============


==================== Points de restauration  =========================


==================== Infos Mémoire =========================== 

Pourcentage de mémoire utilisée: 10%
Mémoire physique - RAM - totale: 8047.38 MB
Mémoire physique - RAM - disponible: 7213.99 MB
Mémoire virtuelle totale: 8045.53 MB
Mémoire virtuelle disponible: 7209.03 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:318.09 GB) (Free:180.9 GB) NTFS
Drive d: (DATA) (Fixed) (Total:605.47 GB) (Free:190.38 GB) NTFS
Drive f: () (Fixed) (Total:7.86 GB) (Free:7 GB) NTFS
Drive h: (MULTIBOOT) (Removable) (Total:15.12 GB) (Free:6.7 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]


==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: AF744DB5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=318.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=605.5 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=7.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 15.1 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=15.1 GB) - (Type=07 NTFS)

LastRegBack: 2018-03-19 22:00

==================== Fin de FRST.txt ============================


Awesome :) Now you should be able to install and run a scan with Malwarebytes.

Malwarebytes - Clean Mode

  • Download and install the free version of Malwarebytes
    Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point
  • Once Malwarebytes is installed, launch it and let it update its database. You might have to click on the little arrow by Scan Status in the middle right pane for it to do so
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan
  • Let the scan run, the time required to complete the scan depends on your system and computer specs
  • Once the scan is complete, make sure that the first checkbox at the top is checked (which will automatically check every detected item), then click on the Quarantine Selected button
    • If it asks you to restart your computer to complete the removal, do so
  • Click on Export Summary after the deletion (in the bottom-left corner) and select Copy to Clipboard. Paste the content in your next reply


Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/24/18
Scan Time: 6:36 PM
Log File: d9234a02-2f89-11e8-9ca4-68b599fd66ba.json
Administrator: Yes

-Software Information-
Version: 3.4.4.2398
Components Version: 1.0.322
Update Package Version: 1.0.4472
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: CLAW\EAGLE

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 256319
Threats Detected: 2
Threats Quarantined: 2
Time Elapsed: 4 min, 10 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 1
RiskWare.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TNod, Delete-on-Reboot, [406], [352776],1.0.4472

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
RiskWare.Agent, C:\PROGRAM FILES (X86)\TNOD\UNINST-TNOD.EXE, Quarantined, [406], [352776],1.0.4472

Physical Sector: 0
(No malicious items detected)


(end)


Good :) Now let's do a sweep with AdwCleaner and RogueKiller.

AdwCleaner - Fix Mode

  • Download AdwCleaner and move it to your Desktop
  • Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply

RogueKiller

  • Download the right version of RogueKiller for your Windows version (32 or 64-bit)
  • Once done, move the executable file to your Desktop, right-click on it and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
  • Wait for the scan to complete
  • On completion, the results will be displayed
  • Check every single entry (threat found), and click on the Remove Selected button
  • On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
  • This will open the report in Notepad. Copy/paste its content in your next reply

Your next reply(ies) should therefore contain:

  • Copy/pasted AdwCleaner clean log
  • Copy/pasted RogueKiller clean log


AdwCleaner:
 

 

# AdwCleaner 7.0.8.0 - Logfile created on Sat Mar 24 17:51:40 2018
# Updated on 2018/08/02 by Malwarebytes 
# Database: 2018-03-23.1
# Running on Windows 7 Ultimate (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

 


RogueKiller:

RogueKiller V12.12.9.0 (x64) [Mar 19 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : EAGLE [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 03/24/2018 18:58:56 (Duration : 00:23:36)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 6 ¤¤¤
[PUP.HackTool][Folder] C:\ProgramData\KMSAuto -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\KMSAuto Net.exe -> Deleted
[PUP.Gen1][Folder] C:\Users\EAGLE\AppData\Roaming\Easeware -> Deleted
[PUP.Gen1][Folder] C:\Users\EAGLE\AppData\Roaming\Easeware\DriverEasy\drivers -> Deleted
[PUP.Gen1][File] C:\Users\EAGLE\AppData\Roaming\Easeware\DriverEasy\settings.dat -> Deleted
[PUP.Gen1][Folder] C:\Users\EAGLE\AppData\Roaming\Easeware\DriverEasy -> Deleted
[PUP.HackTool][Folder] C:\ProgramData\KMSAuto -> ERROR [3]
[PUP.HackTool][Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder -> Deleted
[PUP.HackTool][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Download Licenses.lnk -> Deleted
[PUP.HackTool][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Insert license with the maximum expiration date.lnk -> Deleted
[PUP.HackTool][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Open Settings.lnk -> Deleted
[PUP.HackTool][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\README.lnk -> Deleted
[PUP.HackTool][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Recover current license.lnk -> Deleted
[PUP.HackTool][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Run hidden.lnk -> Deleted
[PUP.HackTool][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Uninstall.lnk -> Deleted
[PUP.HackTool][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Update license.lnk -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Easeware -> Deleted
[PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\Crack.rar -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Easeware\DriverEasy -> Deleted
[Tr.Gen][Folder] C:\Program Files (x86)\TNod -> Deleted
[Tr.Gen][File] C:\Program Files (x86)\TNod\CREDITS.txt -> Deleted
[Tr.Gen][File] C:\Program Files (x86)\TNod\LEEME.txt -> Deleted
[Tr.Gen][File] C:\Program Files (x86)\TNod\tnodicons.icl -> Deleted

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 2 ¤¤¤
[PUP.Gen0][Chrome:Addon] Default : Video Downloader professional [elicpjhcidhpjomhibiffojpinpmmpil] -> Deleted
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http://www.cheat-sheets.org/] -> Deleted

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST1000LX 015-1U7172 SCSI Disk Device +++++
--- User ---
[MBR] d7076fd7c587cf5b62c2913752be80ae
[BSP] 5671a98cd7509918c8870d97455be0c9 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 325721 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 667283456 | Size: 620000 MB
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1937043456 | Size: 8046 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Ricoh SD/MMC Disk Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! ([32] The request is not supported. )
Error reading LL2 MBR! ([32] The request is not supported. )

 

 


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by EAGLE (administrator) on CLAW (24-03-2018 22:38:59)
Running from C:\Users\EAGLE\Desktop\malwarebyte procedure
Loaded Profiles: EAGLE (Available Profiles: EAGLE)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
() C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
() C:\Windows\System32\valWBFPolicyService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
( ) C:\Program Files\Copy Handler\ch64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\browsernativehost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-24] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2927928 2012-05-18] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [324352 2017-12-18] (ESET)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1084328 2015-04-13] (The Eraser Project)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [489472 2010-09-07] (IDT, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-107176975-4180119475-431572307-1000\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10150912 2018-02-22] (FreeDownloadManager.org)
HKU\S-1-5-21-107176975-4180119475-431572307-1000\...\Run: [Copy Handler] => C:\Program Files\Copy Handler\ch64.exe [1836264 2016-11-18] ( )
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2018-03-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 22 C:\Windows\SysWOW64\idmmbc.dll [206256 2008-12-17] (Tonec Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{46D32CE6-3F30-48AF-9F5D-459F96F3FED4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{67517825-CCA3-4EFB-8A67-C764DED092C7}: [DhcpNameServer] 212.27.40.241 212.27.40.240

Internet Explorer:
==================
HKU\S-1-5-21-107176975-4180119475-431572307-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-15] (Microsoft Corporation)
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-15] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: va2dqqz2.default
FF ProfilePath: C:\Users\EAGLE\AppData\Roaming\Mozilla\Firefox\Profiles\va2dqqz2.default [2018-03-17]
FF HKU\S-1-5-21-107176975-4180119475-431572307-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\EAGLE\AppData\Roaming\IDM\idmmzcc2
FF Extension: (IDM CC) - C:\Users\EAGLE\AppData\Roaming\IDM\idmmzcc2 [2018-03-07] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 10\npnitromozilla.dll [2015-05-06] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-03-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-03-07] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.cheat-sheets.org/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default [2018-03-24]
CHR Extension: (Google Traduction) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-03-07]
CHR Extension: (Slides) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-07]
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2018-03-07]
CHR Extension: (Free Web Proxy) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\angbhbjbplfpkbcijbkhecjfcfgjbjoc [2018-03-07]
CHR Extension: (Docs) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-07]
CHR Extension: (Google Drive) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-07]
CHR Extension: (Track Me Not) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aplepkehejihebabfhghmdelnbppchnp [2018-03-07]
CHR Extension: (Turn Off the Lights) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2018-03-11]
CHR Extension: (YouTube) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-07]
CHR Extension: (Cookie Cleaner (Cookie Eraser)) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmeppphogddecgcngpdiknecdacbkoa [2018-03-18]
CHR Extension: (Adblock Plus) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-03-07]
CHR Extension: (Image Downloader) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2018-03-24]
CHR Extension: (Spark View, Faster than any native RDP client) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddnnpdbioplhcagobicknkjkbhdefjkg [2018-03-17]
CHR Extension: (Easy Subtitles) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmalcfodhbdonabbncapihcejmhaipp [2018-03-07]
CHR Extension: (Gmail hors connexion) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2018-03-07]
CHR Extension: (Video Downloader professional) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2018-03-24]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2018-03-07]
CHR Extension: (Sheets) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-07]
CHR Extension: (Google Docs hors connexion) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-07]
CHR Extension: (AdBlock) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-07]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-03-15]
CHR Extension: (PDF Mergy - Merge PDF files) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2018-03-07]
CHR Extension: (Marvel Comics) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice [2018-03-07]
CHR Extension: (Dictionary Instant) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngaklbjlbjhmoilkegninbmpfigheol [2018-03-07]
CHR Extension: (My IP) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikbgmfgkdplpkdnamkjbdanfcgfeejmg [2018-03-07]
CHR Extension: (Free PDF Maker) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\inbhncalhbjgoibpokgjnjigjpkdopai [2018-03-07]
CHR Extension: (Flash Cards : HTML Reference) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\iopafkgdadjpkkikehhdjelocckoffdf [2018-03-07]
CHR Extension: (Grammarly for Chrome) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-03-21]
CHR Extension: (Calculatrice) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao [2018-03-07]
CHR Extension: (Turbo Download Manager) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\kemfccojgjoilhfmcblgimbggikekjip [2018-03-24]
CHR Extension: (Auto HD For YouTube™) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2018-03-07]
CHR Extension: (Save as PDF) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2018-03-07]
CHR Extension: (Ugly Email) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldgiafaliifpknmgofiifianlnbgflgj [2018-03-07]
CHR Extension: (Toefl Exercises) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpaekkjdfknjjhlihemoammeedofnle [2018-03-07]
CHR Extension: (Short stories) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\llfgpkggchanlapahlpmkhemcoceglbd [2018-03-07]
CHR Extension: (Download in IDM (Internet Download Manager)) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmpemnebipihbcadlafaidjibohhfocn [2018-03-18]
CHR Extension: (Scraper) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbigbapnjcgaffohmbkdlecaccepngjd [2018-03-17]
CHR Extension: (LinkedIn Extension) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\meajfmicibjppdgbjfkpdikfjcflabpk [2018-03-07]
CHR Extension: (Awesome Screenshot App) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpiaehgjbbfednooihadalhehabhcjo [2018-03-07]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2018-03-07]
CHR Extension: (Vérificateur de messages Google) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-03-07]
CHR Extension: (Gratuit Unlocker PDF en ligne) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkdknbehfogkgogcennnagfokmnimpab [2018-03-07]
CHR Extension: (Service proxy et VPN Hotspot Shield gratuit - Déblocage de sites) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2018-03-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-07]
CHR Extension: (Adblock Pro) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2018-03-07]
CHR Extension: (Print Friendly & PDF) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlencieiipommannpdfcmfdpjjmeolj [2018-03-07]
CHR Extension: (Dolch Sight Words) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\onleehglkpphjodfgbfipekkojffjkhl [2018-03-07]
CHR Extension: (Mon adresse IP) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhoeoiodcebkkigjiooibeccnfmmkoe [2018-03-07]
CHR Extension: (Outlook.com) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2018-03-07]
CHR Extension: (Gmail) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-07]
CHR Extension: (Chrome Media Router) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-07]
CHR Extension: (Streak CRM pour Gmail) - C:\Users\EAGLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2018-03-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1940584 2017-12-18] (ESET)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-04-24] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [324760 2015-05-06] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [418968 2015-05-06] ()
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [107624 2018-03-07] (RaMMicHaeL) [File not signed]
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28672 2013-10-17] ()
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12465856 2015-10-18] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [134368 2018-01-19] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107328 2018-01-19] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180088 2018-01-19] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50744 2018-01-19] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [81880 2018-01-19] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61040 2018-01-19] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [106304 2018-01-19] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [76200 2018-01-18] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193248 2018-03-24] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [109800 2018-03-24] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45960 2018-03-24] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-03-24] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [92280 2018-03-24] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 risdptsk; C:\Windows\System32\DRIVERS\risdsn64.sys [76288 2009-09-24] (REDC)
R3 rismcx64; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (RICOH Company, Ltd.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1834416 2009-03-26] ()
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31936 2015-10-18] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-10-18] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-24 22:37 - 2018-03-24 22:37 - 018226160 _____ C:\Users\EAGLE\Desktop\webm.webm.fdmdownload
2018-03-24 22:19 - 2018-03-24 22:19 - 000000000 ____D C:\Users\EAGLE\Desktop\secnumacademie
2018-03-24 21:54 - 2018-03-24 21:55 - 000001112 _____ C:\Users\EAGLE\Desktop\abreg anglias.txt
2018-03-24 18:58 - 2018-03-24 19:58 - 000000000 ____D C:\ProgramData\RogueKiller
2018-03-24 18:58 - 2018-03-24 18:58 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-03-24 18:58 - 2018-03-24 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-03-24 18:57 - 2018-03-24 18:58 - 000000000 ____D C:\Program Files\RogueKiller
2018-03-24 18:49 - 2018-03-24 18:51 - 000000000 ____D C:\AdwCleaner
2018-03-24 18:44 - 2018-03-24 18:44 - 000045960 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-03-24 18:42 - 2018-03-24 18:42 - 000000000 ____D C:\Users\EAGLE\Documents\Custom Office Templates
2018-03-24 18:32 - 2018-03-24 20:54 - 000092280 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-03-24 18:32 - 2018-03-24 18:43 - 000109800 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-03-24 18:32 - 2018-03-24 18:32 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-03-24 18:32 - 2018-03-24 18:32 - 000193248 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-03-24 18:31 - 2018-03-24 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-24 18:31 - 2018-03-24 18:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-24 18:31 - 2018-03-24 18:31 - 000000000 ____D C:\Program Files\Malwarebytes
2018-03-24 18:31 - 2018-01-18 09:03 - 000076200 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-03-24 13:27 - 2018-03-24 13:27 - 000616994 _____ C:\Users\EAGLE\Desktop\edd-securite.pdf
2018-03-24 13:13 - 2018-03-24 18:41 - 001458426 _____ C:\Users\EAGLE\Desktop\assurance habitation Mr BOUTAYEB.pdf
2018-03-24 00:27 - 2018-03-24 01:15 - 547684352 _____ C:\Users\EAGLE\Desktop\Windows 7 Aio SP1 (x86x64) Mult July 2017 Full Activated mshaz1000.iso
2018-03-23 23:09 - 2018-03-24 01:18 - 000000000 ____D C:\Users\EAGLE\Desktop\10x10 (2018) [WEBRip] [720p] [YTS.AM]
2018-03-23 23:07 - 2018-03-24 01:26 - 000000000 ____D C:\Users\EAGLE\Desktop\Gold (2017) [BluRay] [720p] [YTS.AM]
2018-03-21 22:40 - 2018-03-21 22:40 - 000000607 _____ C:\Users\EAGLE\Desktop\PP.lnk
2018-03-21 22:39 - 2018-03-21 22:39 - 000000000 ____D C:\Users\EAGLE\Desktop\mysql_orange
2018-03-20 22:51 - 2018-03-21 00:13 - 000000000 ____D C:\Users\EAGLE\Desktop\Bent (2018) [WEBRip] [720p] [YTS.AM]
2018-03-20 22:10 - 2018-03-20 22:51 - 000000000 ____D C:\ProgramData\Exam Testing Engine
2018-03-20 22:10 - 2018-03-20 22:10 - 000001084 _____ C:\Users\Public\Desktop\ETE Designer.lnk
2018-03-20 22:10 - 2018-03-20 22:10 - 000001072 _____ C:\Users\Public\Desktop\ETE Player.lnk
2018-03-20 22:10 - 2018-03-20 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exam Testing Engine
2018-03-20 22:10 - 2018-03-20 22:10 - 000000000 ____D C:\Program Files (x86)\Exam Testing Engine
2018-03-20 22:09 - 2018-03-20 22:09 - 000000000 ____D C:\Users\EAGLE\Desktop\Dumps
2018-03-20 21:31 - 2018-03-21 01:07 - 000000000 ____D C:\Users\EAGLE\Desktop\Tomb Raider 2018 720p FULL HDCAM X264 HQMic-CPG
2018-03-20 21:29 - 2018-03-21 00:36 - 000000000 ____D C:\Users\EAGLE\Desktop\Atlantic.Rim.2.Resurrection.2018.HDRip.XviD.AC3-EVO
2018-03-20 20:42 - 2018-03-20 23:31 - 000000000 ____D C:\Users\EAGLE\Desktop\Boo 2! A Madea Halloween (2017) [YTS.AG]
2018-03-20 20:37 - 2018-03-20 20:37 - 000007963 _____ C:\Users\EAGLE\Desktop\projet.zip
2018-03-20 20:25 - 2018-03-20 23:49 - 000000000 ____D C:\Users\EAGLE\Desktop\Fullmetal Alchemist (2017) [WEBRip] [720p] [YTS.AM]
2018-03-20 20:24 - 2018-03-21 00:27 - 000000000 ____D C:\Users\EAGLE\Desktop\Scramble (2017) [YTS.AG]
2018-03-20 20:24 - 2018-03-20 23:26 - 000000000 ____D C:\Users\EAGLE\Desktop\Revolt (2017) [YTS.AG]
2018-03-20 19:53 - 2018-03-20 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2018-03-20 19:53 - 2018-03-20 19:53 - 000000000 ____D C:\Program Files (x86)\Elaborate Bytes
2018-03-20 19:52 - 2018-03-24 18:12 - 000000000 ____D C:\Users\EAGLE\Documents\UBUNTU_NABIL_20
2018-03-18 12:09 - 2018-03-18 12:09 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2018-03-18 12:09 - 2018-03-18 12:09 - 000000000 ____D C:\Program Files\Unlocker
2018-03-18 12:03 - 2018-03-18 12:03 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Copy Handler
2018-03-18 12:03 - 2018-03-18 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copy Handler
2018-03-18 12:02 - 2018-03-18 12:03 - 000000000 ____D C:\Program Files\Copy Handler
2018-03-17 20:00 - 2018-03-17 20:00 - 000000000 ____D C:\Users\EAGLE\Desktop\prjt
2018-03-17 20:00 - 2018-03-02 14:33 - 002024202 _____ C:\Users\EAGLE\Desktop\compte-rendu-data-mining_v3.pdf
2018-03-17 19:59 - 2018-02-24 12:18 - 006550016 _____ C:\Users\EAGLE\Desktop\voicetotext_setup.msi
2018-03-17 17:45 - 2018-03-17 17:45 - 008583036 _____ C:\Users\EAGLE\Desktop\البحر الشاسع، لدخول الخوارزميات من بابها الواسع.pdf
2018-03-17 15:04 - 2018-03-24 22:38 - 000000000 ____D C:\Users\EAGLE\Desktop\malwarebyte procedure
2018-03-17 14:35 - 2018-03-24 22:38 - 000000000 ____D C:\FRST
2018-03-17 13:56 - 2018-03-17 14:00 - 000000000 ____D C:\Users\EAGLE\Desktop\Malwarebytes Premium 3.4.3.2394 Beta + Crack [CracksNow]
2018-03-17 12:52 - 2018-03-17 13:17 - 069227978 _____ C:\Users\EAGLE\Downloads\Malwarebytes%20Premium%203.4.4.2398%20Multilingual.rar
2018-03-17 12:42 - 2018-03-17 12:42 - 000002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2018-03-17 12:42 - 2018-03-17 12:42 - 000001945 _____ C:\Windows\epplauncher.mif
2018-03-17 12:42 - 2018-03-17 12:42 - 000000000 ____D C:\Program Files\Microsoft Security Client
2018-03-17 12:42 - 2018-03-17 12:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2018-03-17 10:15 - 2010-12-11 19:50 - 000181248 _____ (Renesas Electronics Corporation) C:\Windows\system32\Drivers\nusb3xhc.sys
2018-03-17 10:09 - 2013-02-19 08:59 - 000057848 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2018-03-17 10:06 - 2013-07-25 01:09 - 000073480 _____ (Intel Corporation) C:\Windows\system32\e1kmsg.dll
2018-03-17 10:06 - 2013-07-17 23:47 - 000497424 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1k62x64.sys
2018-03-17 10:06 - 2013-07-11 05:35 - 000089888 _____ (Intel Corporation) C:\Windows\system32\NicInstK.dll
2018-03-17 10:06 - 2013-05-29 02:10 - 011524096 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwsw00.sys
2018-03-17 10:06 - 2012-07-03 15:08 - 000003093 _____ C:\Windows\system32\e1k62x64.din
2018-03-17 10:06 - 2012-02-16 19:35 - 003381008 _____ (Intel Corporation) C:\Windows\system32\Netwrw00.dll
2018-03-17 10:06 - 2012-02-16 19:34 - 000885520 _____ (Intel Corporation) C:\Windows\system32\Netwcw00.dll
2018-03-17 10:05 - 2018-03-17 10:05 - 000001653 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDT HD Audio.lnk
2018-03-17 10:05 - 2018-03-17 10:05 - 000000000 ____D C:\Program Files\IDT
2018-03-17 10:05 - 2010-09-07 20:05 - 012861952 _____ (IDT, Inc.) C:\Windows\system32\idtcpl64.cpl
2018-03-17 10:05 - 2010-09-07 20:05 - 001952256 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2018-03-17 10:05 - 2010-09-07 20:05 - 000489472 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2018-03-17 10:05 - 2010-01-25 20:30 - 000162816 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll
2018-03-17 10:05 - 2009-10-08 18:45 - 000442368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll
2018-03-17 10:05 - 2009-03-01 19:58 - 000068608 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll
2018-03-17 10:05 - 2009-03-01 19:47 - 000090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll
2018-03-17 10:04 - 2010-09-07 20:05 - 001484288 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2018-03-17 10:04 - 2010-09-07 20:05 - 000651264 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2018-03-17 10:04 - 2010-09-07 20:05 - 000515584 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2018-03-17 10:04 - 2010-09-07 20:05 - 000431616 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2018-03-17 10:04 - 2010-09-07 20:05 - 000219648 _____ (IDT, Inc.) C:\Windows\system32\staco64.dll
2018-03-17 10:03 - 2009-09-03 07:14 - 000057856 _____ (REDC) C:\Windows\system32\Drivers\rixdpx64.sys
2018-03-17 10:03 - 2009-09-03 06:37 - 000067072 _____ (REDC) C:\Windows\system32\Drivers\rimmpx64.sys
2018-03-17 10:02 - 2013-11-16 03:59 - 000632168 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2018-03-17 10:02 - 2013-11-16 03:59 - 000028008 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2018-03-17 10:02 - 2009-09-24 13:31 - 000076288 _____ (REDC) C:\Windows\system32\Drivers\risdsn64.sys
2018-03-17 10:02 - 2009-09-03 06:59 - 000054784 _____ (REDC) C:\Windows\system32\Drivers\rimspx64.sys
2018-03-17 10:00 - 2014-02-08 18:34 - 031432480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 025256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 023683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 017560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 015740232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 012324640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-03-17 10:00 - 2014-02-08 18:34 - 011636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 011589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 009728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 009690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 003142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 002956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 002782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 002713728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 002410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 001885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 001515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 000892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 000875296 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 000863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-03-17 10:00 - 2014-02-08 18:34 - 000844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-03-17 09:57 - 2018-03-17 20:19 - 000000000 ____D C:\Users\EAGLE\AppData\LocalLow\Mozilla
2018-03-17 09:56 - 2018-03-17 12:56 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Mozilla
2018-03-17 09:56 - 2018-03-17 09:57 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Mozilla
2018-03-17 09:56 - 2018-03-17 09:56 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-03-17 09:56 - 2018-03-17 09:56 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-03-17 09:56 - 2018-03-17 09:56 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Icecream
2018-03-17 09:56 - 2018-03-17 09:56 - 000000000 ____D C:\Users\EAGLE\AppData\Local\CrashRpt
2018-03-17 09:56 - 2018-03-17 09:56 - 000000000 ____D C:\Users\EAGLE\.ebookreader
2018-03-17 09:56 - 2018-03-17 09:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-03-17 09:56 - 2018-03-17 09:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-17 09:55 - 2018-03-17 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Ebook Reader
2018-03-17 09:55 - 2018-03-17 09:55 - 000000000 ____D C:\Program Files (x86)\Icecream Ebook Reader
2018-03-16 21:49 - 2018-03-16 21:49 - 018855816 _____ C:\Users\EAGLE\Desktop\SY0-501hc.zip
2018-03-16 21:10 - 2018-03-24 18:12 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\VMware
2018-03-16 21:10 - 2018-03-24 18:12 - 000000000 ____D C:\Users\EAGLE\AppData\Local\VMware
2018-03-15 23:00 - 2018-03-24 19:59 - 000000000 ____D C:\Users\EAGLE\Desktop\Flask
2018-03-15 19:27 - 2018-03-15 19:27 - 000000614 _____ C:\Users\EAGLE\Desktop\LOG.lnk
2018-03-15 19:08 - 2018-03-15 19:17 - 001797749 _____ C:\Users\EAGLE\Desktop\BOUTAYEB_convention.pdf
2018-03-14 22:20 - 2018-03-14 22:20 - 008639972 _____ C:\Users\EAGLE\Desktop\FONDATION MAISON DU MAROC.rar
2018-03-14 20:55 - 2018-03-17 13:54 - 000000000 ____D C:\Users\EAGLE\Desktop\CROUS FILE
2018-03-14 20:23 - 2018-03-14 20:23 - 003158196 _____ C:\Users\EAGLE\Desktop\dossier à remplir INTRINSEC.rar
2018-03-11 22:17 - 2018-03-11 22:17 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_wbf_vfs451_01_09_00.Wdf
2018-03-11 22:17 - 2018-03-11 22:17 - 000000000 ____D C:\ProgramData\Validity
2018-03-11 20:01 - 2018-03-24 22:39 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Free Download Manager
2018-03-11 20:01 - 2018-03-11 20:01 - 000002746 _____ C:\Windows\System32\Tasks\FreeDownloadManagerNetworkMonitor
2018-03-11 20:01 - 2018-03-11 20:01 - 000000000 ____D C:\Users\EAGLE\AppData\Local\CEF
2018-03-11 20:01 - 2018-03-11 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2018-03-11 20:01 - 2018-03-11 20:01 - 000000000 ____D C:\Program Files\FreeDownloadManager.ORG
2018-03-10 12:10 - 2018-03-10 12:10 - 000247940 _____ C:\Users\EAGLE\Desktop\Planning du 201803 de BOUTAYEB Abdelali (1).pdf
2018-03-09 22:24 - 2018-03-23 03:13 - 001953380 _____ C:\Windows\ntbtlog.txt
2018-03-08 20:00 - 2018-03-08 20:03 - 000000000 ____D C:\Windows\system32\MRT
2018-03-08 20:00 - 2018-03-08 20:00 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-08 19:59 - 2018-03-08 19:59 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-08 19:32 - 2013-10-14 18:00 - 000028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2018-03-08 17:11 - 2014-06-30 23:24 - 000008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2018-03-08 17:11 - 2014-06-30 23:14 - 000008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2018-03-08 17:11 - 2014-06-06 07:16 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2018-03-08 17:11 - 2014-06-06 07:12 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2018-03-08 17:11 - 2014-03-09 22:48 - 001389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2018-03-08 17:11 - 2014-03-09 22:48 - 000171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2018-03-08 17:11 - 2014-03-09 22:47 - 000619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2018-03-08 17:11 - 2014-03-09 22:47 - 000099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2018-03-08 13:29 - 2017-06-05 18:52 - 008981182 _____ C:\Users\EAGLE\Desktop\Romadi2016-2017.zip
2018-03-08 12:28 - 2018-03-08 12:28 - 000000000 ____D C:\Users\EAGLE\Documents\NetBeansProjects
2018-03-08 12:27 - 2018-03-18 11:48 - 000000000 ____D C:\Users\EAGLE\Documents\Virtual Machines
2018-03-08 12:22 - 2018-03-08 12:22 - 000000697 _____ C:\Users\EAGLE\Desktop\VIDEOS HACKING.lnk
2018-03-08 12:22 - 2018-03-08 12:22 - 000000646 _____ C:\Users\EAGLE\Desktop\MASTERs.lnk
2018-03-08 12:22 - 2018-03-08 12:22 - 000000646 _____ C:\Users\EAGLE\Desktop\HACKING.lnk
2018-03-08 12:22 - 2018-03-08 12:22 - 000000639 _____ C:\Users\EAGLE\Desktop\DIVERS.lnk
2018-03-08 12:22 - 2018-03-08 12:22 - 000000623 _____ C:\Users\EAGLE\Desktop\SECU.lnk
2018-03-08 12:22 - 2018-03-08 12:22 - 000000623 _____ C:\Users\EAGLE\Desktop\DINE.lnk
2018-03-08 12:22 - 2018-03-08 12:22 - 000000614 _____ C:\Users\EAGLE\Desktop\LAB.lnk
2018-03-08 03:14 - 2018-03-08 03:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2018-03-08 03:12 - 2018-03-07 18:23 - 000000000 ____D C:\Windows\Panther
2018-03-08 03:05 - 2018-03-08 03:12 - 000000000 ____D C:\$WINDOWS.~LS
2018-03-08 03:05 - 2018-03-08 03:05 - 000000000 ____D C:\$WINDOWS.~BT
2018-03-08 02:18 - 2015-10-18 17:53 - 000075512 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2018-03-08 02:18 - 2015-10-18 17:53 - 000068288 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2018-03-08 02:18 - 2015-10-18 17:53 - 000064192 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2018-03-08 02:17 - 2015-10-18 18:33 - 000934080 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2018-03-08 02:17 - 2015-10-18 18:33 - 000391872 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2018-03-08 02:17 - 2015-10-18 18:33 - 000358080 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2018-03-08 02:17 - 2015-10-18 18:33 - 000066752 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2018-03-08 02:17 - 2015-10-18 18:33 - 000033472 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys
2018-03-08 02:17 - 2015-10-18 18:33 - 000031936 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMparport.sys
2018-03-08 02:17 - 2015-10-18 18:11 - 000026816 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2018-03-08 02:16 - 2018-03-08 02:16 - 000001203 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk
2018-03-08 02:16 - 2018-03-08 02:16 - 000001024 _____ C:\Windows\SysWOW64\%TMP%
2018-03-08 02:16 - 2018-03-08 02:16 - 000000000 ____D C:\Users\Public\Documents\Shared Virtual Machines
2018-03-08 02:16 - 2018-03-08 02:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2018-03-08 02:16 - 2018-03-08 02:16 - 000000000 ____D C:\Program Files\Common Files\VMware
2018-03-08 02:16 - 2018-03-08 02:16 - 000000000 ____D C:\Program Files (x86)\VMware
2018-03-08 02:16 - 2015-10-06 08:02 - 000057536 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2018-03-08 02:16 - 2015-10-06 08:01 - 000046144 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmusb.sys
2018-03-08 00:42 - 2018-03-08 00:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-08 00:36 - 2018-03-24 18:43 - 000000000 ____D C:\ProgramData\VMware
2018-03-08 00:35 - 2018-03-08 00:37 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\TeraCopy
2018-03-08 00:30 - 2018-03-08 00:30 - 000000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2018-03-08 00:28 - 2018-03-08 00:28 - 000002883 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2018-03-08 00:28 - 2018-03-08 00:28 - 000002862 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2018-03-08 00:28 - 2018-03-08 00:28 - 000002857 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2018-03-08 00:28 - 2018-03-08 00:28 - 000002833 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2018-03-08 00:28 - 2018-03-08 00:28 - 000002811 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2018-03-08 00:28 - 2018-03-08 00:28 - 000002805 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2018-03-08 00:28 - 2018-03-08 00:28 - 000002785 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2018-03-08 00:28 - 2018-03-08 00:28 - 000002777 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2018-03-08 00:28 - 2018-03-08 00:28 - 000002769 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-03-08 00:28 - 2018-03-08 00:28 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2018-03-08 00:26 - 2018-03-08 00:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-08 00:25 - 2018-03-08 00:25 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-03-08 00:24 - 2018-03-08 00:24 - 000000000 ____D C:\Windows\PCHEALTH
2018-03-08 00:24 - 2018-03-08 00:24 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2018-03-08 00:24 - 2018-03-08 00:24 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2018-03-08 00:18 - 2018-03-08 00:18 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2018-03-08 00:18 - 2018-03-08 00:18 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2018-03-08 00:17 - 2018-03-08 00:24 - 000000000 ____D C:\Program Files\Microsoft Office
2018-03-08 00:17 - 2018-03-08 00:17 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Microsoft Help
2018-03-08 00:17 - 2018-03-08 00:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-03-07 23:56 - 2014-12-08 04:09 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-03-07 23:56 - 2014-12-08 03:46 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-03-07 23:55 - 2018-03-07 23:55 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Eraser 6
2018-03-07 23:55 - 2018-03-07 23:55 - 000000000 ____D C:\ProgramData\Microsoft Toolkit
2018-03-07 23:55 - 2011-04-09 07:58 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2018-03-07 23:55 - 2011-04-09 06:56 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2018-03-07 23:54 - 2016-03-09 19:54 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2018-03-07 23:54 - 2016-03-09 19:34 - 000216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2018-03-07 23:54 - 2011-05-24 12:42 - 000404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2018-03-07 23:54 - 2011-05-24 11:40 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2018-03-07 23:54 - 2011-05-24 11:40 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2018-03-07 23:54 - 2011-05-24 11:39 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2018-03-07 23:54 - 2011-05-24 11:37 - 000252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2018-03-07 23:53 - 2015-11-03 20:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2018-03-07 23:53 - 2015-11-03 19:55 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2018-03-07 22:52 - 2018-03-08 01:52 - 000000000 ____D C:\Users\EAGLE\AppData\Local\MSfree Inc
2018-03-07 22:52 - 2016-03-09 20:00 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-03-07 22:52 - 2016-03-09 20:00 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2018-03-07 22:52 - 2016-03-09 19:40 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-03-07 22:52 - 2016-03-09 19:40 - 000316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2018-03-07 22:52 - 2011-02-12 12:34 - 000267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2018-03-07 22:51 - 2016-02-09 10:55 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2018-03-07 22:51 - 2013-01-24 07:01 - 000223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2018-03-07 22:51 - 2012-07-04 23:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2018-03-07 22:51 - 2012-07-04 23:13 - 000136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2018-03-07 22:51 - 2012-07-04 23:13 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2018-03-07 22:51 - 2012-07-04 22:16 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2018-03-07 22:51 - 2012-07-04 22:14 - 000041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2018-03-07 22:51 - 2011-12-16 09:46 - 000634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2018-03-07 22:51 - 2011-12-16 08:52 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2018-03-07 22:51 - 2011-08-27 06:37 - 000861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-03-07 22:51 - 2011-08-27 06:37 - 000331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2018-03-07 22:51 - 2011-08-27 05:26 - 000571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-03-07 22:51 - 2011-08-27 05:26 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2018-03-07 22:50 - 2015-03-04 05:55 - 000367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-03-07 22:50 - 2015-03-04 05:41 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2018-03-07 22:50 - 2015-03-04 05:10 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2018-03-07 22:50 - 2013-10-12 03:32 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2018-03-07 22:50 - 2013-10-12 03:31 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-03-07 22:50 - 2013-10-12 03:04 - 000121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2018-03-07 22:50 - 2013-10-12 03:03 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-03-07 22:50 - 2013-10-12 02:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2018-03-07 22:50 - 2013-10-12 02:33 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2018-03-07 22:50 - 2013-10-12 02:15 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2018-03-07 22:50 - 2013-10-12 02:15 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2018-03-07 22:50 - 2011-02-18 11:51 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2018-03-07 22:50 - 2011-02-18 06:39 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2018-03-07 22:42 - 2018-03-07 22:42 - 000000000 ____D C:\Users\EAGLE\AppData\Local\ESET
2018-03-07 22:40 - 2018-03-24 21:09 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\vlc
2018-03-07 22:28 - 2015-01-14 07:09 - 005554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-03-07 22:28 - 2015-01-14 07:09 - 000155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-03-07 22:28 - 2015-01-14 07:09 - 000095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-03-07 22:28 - 2015-01-14 07:05 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-03-07 22:28 - 2015-01-14 07:05 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-03-07 22:28 - 2015-01-14 07:05 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-03-07 22:28 - 2015-01-14 07:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-03-07 22:28 - 2015-01-14 07:05 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-03-07 22:28 - 2015-01-14 07:05 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-03-07 22:28 - 2015-01-14 07:04 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-03-07 22:28 - 2015-01-14 07:04 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-03-07 22:28 - 2015-01-14 07:04 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-03-07 22:28 - 2015-01-14 07:02 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-03-07 22:28 - 2015-01-14 07:02 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-03-07 22:28 - 2015-01-14 06:59 - 000686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-03-07 22:28 - 2015-01-14 06:44 - 003972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-03-07 22:28 - 2015-01-14 06:44 - 003917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-03-07 22:28 - 2015-01-14 06:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-03-07 22:28 - 2015-01-14 06:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-03-07 22:28 - 2015-01-14 06:40 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-03-07 22:28 - 2015-01-14 06:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-03-07 22:28 - 2015-01-14 06:38 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-03-07 22:28 - 2015-01-14 06:37 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-03-07 22:28 - 2015-01-14 06:36 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-03-07 22:28 - 2014-12-30 02:23 - 000459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-03-07 22:28 - 2014-11-11 04:08 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-03-07 22:28 - 2014-11-11 03:44 - 000550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-03-07 22:28 - 2014-09-19 10:42 - 000342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-03-07 22:28 - 2014-09-19 10:42 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-03-07 22:28 - 2014-09-19 10:42 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-03-07 22:28 - 2014-09-19 10:42 - 000210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-03-07 22:28 - 2014-09-19 10:42 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-03-07 22:28 - 2014-09-19 10:42 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-03-07 22:28 - 2014-09-19 10:23 - 000259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-03-07 22:28 - 2014-09-19 10:23 - 000248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-03-07 22:28 - 2014-09-19 10:23 - 000221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-03-07 22:28 - 2014-09-19 10:23 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-03-07 22:28 - 2014-09-19 10:23 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-03-07 22:28 - 2014-09-19 10:23 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-03-07 22:27 - 2016-04-09 07:58 - 001190912 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2018-03-07 22:27 - 2016-04-09 07:54 - 001011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2018-03-07 22:27 - 2013-08-28 02:12 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2018-03-07 22:27 - 2013-08-02 03:12 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-03-07 22:27 - 2013-08-02 03:12 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-03-07 22:27 - 2013-08-02 02:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-03-07 22:27 - 2013-08-02 01:59 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-03-07 22:27 - 2012-06-06 07:02 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-03-07 22:27 - 2012-06-06 06:03 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-03-07 22:24 - 2018-03-07 22:24 - 000001759 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk
2018-03-07 22:24 - 2018-03-07 22:24 - 000000000 ____D C:\Program Files\Eraser
2018-03-07 22:14 - 2018-03-07 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-03-07 22:14 - 2018-03-07 22:14 - 000000000 ____D C:\Program Files\VideoLAN
2018-03-07 22:13 - 2018-03-07 22:13 - 000000000 __RHD C:\MSOCache
2018-03-07 22:13 - 2015-02-04 04:16 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2018-03-07 22:13 - 2015-02-04 03:54 - 000318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2018-03-07 22:12 - 2018-03-07 22:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-03-07 22:12 - 2018-03-07 22:12 - 000000000 ____D C:\ProgramData\ESET
2018-03-07 22:12 - 2018-03-07 22:12 - 000000000 ____D C:\Program Files\ESET
2018-03-07 22:00 - 2018-03-07 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2018-03-07 22:00 - 2018-03-07 22:00 - 000000000 ____D C:\Program Files (x86)\Unchecky
2018-03-07 21:58 - 2018-03-24 16:29 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Nitro
2018-03-07 21:58 - 2018-03-07 21:58 - 000001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 10.lnk
2018-03-07 21:58 - 2018-03-07 21:58 - 000000000 ____D C:\ProgramData\Nitro
2018-03-07 21:58 - 2018-03-07 21:58 - 000000000 ____D C:\Program Files\Nitro
2018-03-07 21:58 - 2018-03-07 21:58 - 000000000 ____D C:\Program Files\Common Files\Nitro
2018-03-07 21:58 - 2018-03-07 21:58 - 000000000 ____D C:\Program Files (x86)\Nitro
2018-03-07 21:58 - 2015-05-06 04:23 - 000031896 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon10.dll
2018-03-07 21:58 - 2015-05-06 04:23 - 000020120 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui10.dll
2018-03-07 21:57 - 2018-03-07 21:57 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Downloaded Installations
2018-03-07 21:55 - 2018-03-17 10:19 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\DMCache
2018-03-07 21:55 - 2018-03-07 23:58 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\IDM
2018-03-07 21:55 - 2018-03-07 21:55 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-03-07 21:55 - 2018-03-07 21:55 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2018-03-07 21:55 - 2008-12-17 13:03 - 000206256 _____ (Tonec Inc.) C:\Windows\SysWOW64\idmmbc.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-03-07 21:53 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-03-07 19:17 - 2012-02-17 07:38 - 001112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-03-07 19:17 - 2012-02-17 07:38 - 001031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2018-03-07 19:17 - 2012-02-17 06:34 - 000826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2018-03-07 19:17 - 2012-02-17 05:58 - 000210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2018-03-07 19:17 - 2012-02-17 05:57 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2018-03-07 19:10 - 2018-03-24 22:18 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2018-03-07 19:09 - 2018-03-23 01:15 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-07 19:09 - 2018-03-23 01:15 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-07 19:09 - 2018-03-07 19:09 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Google
2018-03-07 19:08 - 2018-03-07 19:18 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Google
2018-03-07 19:08 - 2018-03-07 19:09 - 000000000 ____D C:\Program Files (x86)\Google
2018-03-07 19:08 - 2018-03-07 19:08 - 000003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-03-07 19:08 - 2018-03-07 19:08 - 000003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-03-07 19:08 - 2018-03-07 19:08 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Deployment
2018-03-07 19:08 - 2018-03-07 19:08 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Apps\2.0
2018-03-07 19:06 - 2018-03-07 19:06 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Synaptics
2018-03-07 19:05 - 2018-03-17 10:01 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-07 19:00 - 2018-03-07 19:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-07 19:00 - 2015-02-04 04:56 - 000072904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-03-07 19:00 - 2015-02-04 04:56 - 000059592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-03-07 19:00 - 2015-02-03 17:18 - 004229086 _____ C:\Windows\system32\nvcoproc.bin
2018-03-07 19:00 - 2014-02-08 18:42 - 006712608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-03-07 19:00 - 2014-02-08 18:42 - 003498272 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-03-07 19:00 - 2014-02-08 18:42 - 002559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-03-07 19:00 - 2014-02-08 18:42 - 000923936 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2018-03-07 19:00 - 2014-02-08 18:42 - 000386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-03-07 19:00 - 2014-02-08 18:42 - 000063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-03-07 18:59 - 2018-03-07 18:59 - 000000000 ____D C:\Program Files\DIFX
2018-03-07 18:59 - 2015-05-04 16:14 - 011534096 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwsw01.sys
2018-03-07 18:59 - 2015-02-11 11:38 - 001515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2018-03-07 18:59 - 2015-02-11 11:38 - 000197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2018-03-07 18:59 - 2015-02-11 11:38 - 000031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2018-03-07 18:59 - 2015-02-04 04:56 - 001907400 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434144.dll
2018-03-07 18:59 - 2015-02-04 04:56 - 001555656 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434144.dll
2018-03-07 18:59 - 2014-02-08 18:34 - 018257576 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-03-07 18:59 - 2014-02-08 18:34 - 017715784 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-03-07 18:59 - 2014-02-08 18:34 - 014669032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-03-07 18:59 - 2014-02-08 18:34 - 003090184 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-03-07 18:59 - 2014-02-08 18:34 - 000024544 _____ C:\Windows\system32\nvinfo.pb
2018-03-07 18:58 - 2018-03-17 10:01 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-03-07 18:58 - 2018-03-07 18:58 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2018-03-07 18:58 - 2018-03-07 18:58 - 000000000 ____D C:\Program Files\Synaptics
2018-03-07 18:58 - 2018-03-07 18:58 - 000000000 ____D C:\NVIDIA
2018-03-07 18:58 - 2012-05-18 23:55 - 000737592 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2018-03-07 18:58 - 2012-05-18 23:55 - 000434488 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2018-03-07 18:58 - 2012-05-18 23:55 - 000404792 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCOM.dll
2018-03-07 18:58 - 2012-05-18 23:55 - 000309560 _____ (Synaptics Incorporated) C:\Windows\system32\SynCtrl.dll
2018-03-07 18:58 - 2012-05-18 23:55 - 000249144 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCtrl.dll
2018-03-07 18:58 - 2012-05-18 23:55 - 000229688 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2018-03-07 18:58 - 2012-05-18 23:55 - 000150840 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo10.dll
2018-03-07 18:58 - 2012-05-18 23:55 - 000113976 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCOM.dll
2018-03-07 18:58 - 2012-05-18 23:55 - 000068920 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPEnhPS.dll
2018-03-07 18:58 - 2011-09-15 00:11 - 001048576 _____ C:\Windows\system32\syndata.bin
2018-03-07 18:58 - 2009-08-07 15:49 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2018-03-07 18:57 - 2018-03-08 18:12 - 000780680 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-03-07 18:57 - 2018-03-08 00:44 - 000111128 _____ C:\Users\EAGLE\AppData\Local\GDIPFONTCACHEV1.DAT
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ____D C:\Windows\Options
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ____D C:\Users\EAGLE\Intel
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Intel Corporation
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Downloaded Installations
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ____D C:\ProgramData\Intel
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ____D C:\Program Files\LSI SoftModem
2018-03-07 18:57 - 2018-03-07 18:57 - 000000000 ____D C:\Program Files\Intel
2018-03-07 18:57 - 2009-06-09 13:28 - 000064000 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsmdel.exe
2018-03-07 18:57 - 2009-03-27 18:12 - 000014848 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsco64.dll
2018-03-07 18:57 - 2009-03-27 18:12 - 000013824 ____N (LSI Corporation) C:\Windows\SysWOW64\agrscoin.dll
2018-03-07 18:56 - 2018-03-11 22:17 - 000000000 ____D C:\Program Files\Validity Sensors
2018-03-07 18:56 - 2009-08-10 15:31 - 000015497 _____ C:\Windows\snp2uvc.ini
2018-03-07 18:56 - 2009-08-10 15:31 - 000013022 _____ C:\Windows\snp2uvc.src
2018-03-07 18:56 - 2009-07-20 15:05 - 000059008 _____ (RICOH Company, Ltd.) C:\Windows\system32\Drivers\rismcx64.sys
2018-03-07 18:56 - 2009-03-26 14:41 - 001834416 _____ () C:\Windows\system32\Drivers\snp2uvc.sys
2018-03-07 18:56 - 2009-03-26 14:41 - 000399920 _____ (Sonix) C:\Windows\system32\vsnp2uvc.dll
2018-03-07 18:56 - 2009-03-26 14:40 - 000313392 _____ ( ) C:\Windows\system32\csnp2uvc.dll
2018-03-07 18:56 - 2009-03-26 14:40 - 000250928 _____ ( ) C:\Windows\system32\rsnp2uvc.dll
2018-03-07 18:56 - 2009-03-26 14:40 - 000041264 _____ C:\Windows\system32\Drivers\sncduvc.sys
2018-03-07 18:56 - 2009-03-26 14:38 - 000313904 _____ (Sonix) C:\Windows\SysWOW64\vsnp2uvc.dll
2018-03-07 18:56 - 2009-03-26 14:38 - 000027184 _____ () C:\Windows\snuvcdsm.exe
2018-03-07 18:56 - 2009-03-26 14:37 - 000256560 _____ ( ) C:\Windows\SysWOW64\rsnp2uvc.dll
2018-03-07 18:55 - 2018-03-17 21:44 - 000000000 ____D C:\SWSETUP
2018-03-07 18:55 - 2009-12-17 09:15 - 000114688 _____ (RICOH) C:\Windows\SysWOW64\RicohMediadriverVer.dll
2018-03-07 18:55 - 2007-07-25 12:48 - 000172032 _____ (Ricoh Company,Ltd) C:\Windows\system32\rixdicon.dll
2018-03-07 18:55 - 2004-09-04 03:00 - 000090112 _____ (Sony Corporation) C:\Windows\system32\snymsico.dll
2018-03-07 18:54 - 2018-03-07 18:54 - 000000000 ____D C:\Users\EAGLE\Documents\Bluetooth Exchange Folder
2018-03-07 18:54 - 2018-03-07 18:54 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Broadcom
2018-03-07 18:54 - 2018-03-07 18:54 - 000000000 ____D C:\Program Files\WIDCOMM
2018-03-07 18:54 - 2014-07-18 11:04 - 000599288 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys
2018-03-07 18:54 - 2012-05-02 09:48 - 000184144 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys
2018-03-07 18:54 - 2012-03-06 15:59 - 000210984 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys
2018-03-07 18:54 - 2012-03-06 15:59 - 000021544 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys
2018-03-07 18:54 - 2011-09-18 04:08 - 000039976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys
2018-03-07 18:50 - 2018-03-07 18:50 - 000000000 ____D C:\Users\EAGLE\My Drivers
2018-03-07 18:50 - 2018-03-07 18:50 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Innovative Solutions
2018-03-07 18:50 - 2018-03-07 18:50 - 000000000 ____D C:\Users\EAGLE\AppData\Local\Innovative Solutions
2018-03-07 18:50 - 2018-03-07 18:50 - 000000000 ____D C:\Program Files (x86)\Innovative Solutions
2018-03-07 18:50 - 2018-03-07 18:50 - 000000000 ____D C:\My Drivers
2018-03-07 18:49 - 2018-03-07 18:49 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\WinRAR
2018-03-07 18:48 - 2018-03-07 18:48 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-03-07 18:48 - 2018-03-07 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-03-07 18:48 - 2018-03-07 18:48 - 000000000 ____D C:\Program Files (x86)\WinRAR
2018-03-07 18:46 - 2018-03-07 18:56 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\2C0A
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0C0A
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0C04
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0816
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0804
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0424
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\041F
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\041E
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\041D
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\041B
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0419
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0416
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0415
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0414
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0413
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0412
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0411
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0410
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\040E
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\040D
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\040C
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\040B
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\040A
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0408
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0407
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0406
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0405
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0404
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Windows\system32\0401
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2018-03-07 18:46 - 2018-03-07 18:46 - 000000000 ____D C:\Program Files (x86)\Renesas Electronics
2018-03-07 18:40 - 2018-03-07 18:40 - 000000000 ____D C:\Program Files (x86)\Intel
2018-03-07 18:40 - 2018-03-07 18:40 - 000000000 ____D C:\Intel
2018-03-07 18:40 - 2013-08-21 15:16 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2018-03-07 18:31 - 2014-05-14 17:23 - 002477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-03-07 18:31 - 2014-05-14 17:23 - 000700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-03-07 18:31 - 2014-05-14 17:23 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-03-07 18:31 - 2014-05-14 17:23 - 000058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-03-07 18:31 - 2014-05-14 17:23 - 000044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-03-07 18:31 - 2014-05-14 17:23 - 000038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-03-07 18:31 - 2014-05-14 17:23 - 000036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-03-07 18:31 - 2014-05-14 17:21 - 002620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-03-07 18:31 - 2014-05-14 17:20 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-03-07 18:31 - 2014-05-14 17:17 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-03-07 18:31 - 2014-05-14 09:23 - 000198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-03-07 18:31 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-03-07 18:31 - 2014-05-14 09:20 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-03-07 18:31 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-03-07 18:30 - 2018-03-07 18:30 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2018-03-07 18:25 - 2018-03-07 18:25 - 000001443 _____ C:\Users\EAGLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-03-07 18:25 - 2018-03-07 18:25 - 000001409 _____ C:\Users\EAGLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2018-03-07 18:24 - 2018-03-18 16:16 - 000000000 ____D C:\Users\EAGLE
2018-03-07 18:24 - 2018-03-07 18:24 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2018-03-07 18:24 - 2018-03-07 18:24 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2018-03-07 18:24 - 2018-03-07 18:24 - 000000020 ___SH C:\Users\EAGLE\ntuser.ini
2018-03-07 18:24 - 2018-03-07 18:24 - 000000000 ____D C:\Users\EAGLE\AppData\Local\VirtualStore
2018-03-07 18:24 - 2011-04-12 09:28 - 000000000 ____D C:\Users\EAGLE\AppData\Roaming\Media Center Programs

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-24 18:50 - 2009-07-14 05:45 - 000021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-24 18:50 - 2009-07-14 05:45 - 000021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-24 18:49 - 2009-07-14 06:13 - 000788434 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-24 18:49 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-24 18:43 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-17 23:09 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\System
2018-03-17 11:39 - 2018-01-09 17:40 - 000000000 ____D C:\Users\EAGLE\Desktop\anim
2018-03-15 22:43 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\LiveKernelReports
2018-03-15 03:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2018-03-14 19:34 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-03-11 22:17 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2018-03-09 21:12 - 2011-04-12 09:28 - 000000000 ____D C:\Windows\ShellNew
2018-03-09 21:12 - 2011-04-12 09:28 - 000000000 ____D C:\Program Files\Windows Journal
2018-03-09 21:12 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Defender
2018-03-09 21:12 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-03-09 21:12 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\tracing
2018-03-09 21:12 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2018-03-09 21:12 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism
2018-03-09 21:12 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2018-03-09 21:10 - 2009-07-14 05:45 - 000431832 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-08 03:14 - 2011-04-12 09:28 - 000000000 ____D C:\Windows\CSC
2018-03-08 03:12 - 2009-07-14 06:32 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2018-03-08 02:15 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-03-08 00:54 - 2009-07-14 03:34 - 000000478 _____ C:\Windows\win.ini
2018-03-07 19:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Help
2018-03-07 18:46 - 2011-04-12 09:17 - 000000000 ____D C:\Windows\system32\0409
2018-03-07 18:24 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

Some files in TEMP:
====================
2018-03-24 11:14 - 2009-07-14 02:39 - 000020480 _____ (Microsoft Corporation) C:\Users\EAGLE\AppData\Local\Temp\16688.exe
2018-03-22 21:54 - 2009-07-14 02:39 - 000020480 _____ (Microsoft Corporation) C:\Users\EAGLE\AppData\Local\Temp\3664.exe
2018-03-24 18:58 - 2010-11-21 04:23 - 001731936 _____ (Microsoft Corporation) C:\Users\EAGLE\AppData\Local\Temp\dllnt_dump.dll
2011-04-08 18:32 - 2011-04-08 18:32 - 000399360 _____ () C:\Users\EAGLE\AppData\Local\Temp\FileUnlocker_Installer.exe
2001-12-19 11:45 - 2001-12-19 11:45 - 000023552 _____ () C:\Users\EAGLE\AppData\Local\Temp\VCdControlTool.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-19 22:00

==================== End of FRST.txt ============================

I got another "Addition.txt" file with:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by EAGLE (24-03-2018 22:39:42)
Running from C:\Users\EAGLE\Desktop\malwarebyte procedure
Windows 7 Ultimate Service Pack 1 (X64) (2018-03-07 17:23:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-107176975-4180119475-431572307-500 - Administrator - Disabled)
EAGLE (S-1-5-21-107176975-4180119475-431572307-1000 - Administrator - Enabled) => C:\Users\EAGLE
Guest (S-1-5-21-107176975-4180119475-431572307-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Copy Handler 1.44 (HKLM\...\{9CF6A157-F0E8-4216-B229-C0CA8204BE2C}_is1) (Version: 1.44 - Józef Starosczyk)
Eraser 6.2.0.2969 (HKLM\...\{66AB13EA-E7D2-4CFC-9B66-8E9EE44C89EE}) (Version: 6.2.2969 - The Eraser Project)
ESET Security (HKLM\...\{B489BC2D-0079-4631-97BF-CA2378299D43}) (Version: 11.0.159.9 - ESET, spol. s r.o.)
Exam Testing Engine (HKLM-x32\...\Exam Testing Engine_is1) (Version:  - Vumingo)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: 5.1.34.6924 - FreeDownloadManager.ORG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50004.1 - Sonix)
Icecream Ebook Reader version 5.07 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.07 - Icecream Apps)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.4.1000 - Intel Corporation)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Malwarebytes version 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 59.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.1 (x64 en-US)) (Version: 59.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.1 - Mozilla)
Nitro Pro 10 (HKLM\...\{C78478E6-8206-470E-B843-0204995371C6}) (Version: 10.5.1.17 - Nitro)
NVIDIA nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation)
RICOH Media Driver (HKLM-x32\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.14.00.05 - RICOH)
RICOH R5C853 Media Driver Ver.1.02.00.17 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 1.02.00.17 - RICOH)
RogueKiller version 12.12.9.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.9.0 - Adlice Software)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.1.6.2 - Synaptics Incorporated)
Unchecky v0.2.5 (HKLM-x32\...\Unchecky) (Version: 0.2.5 - RaMMicHaeL)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version:  - Microsoft)
Validity Sensors DDK (HKLM\...\{62A20ECA-920E-4052-BF77-88C78DD20FAA}) (Version: 3.1.119 - Validity Sensors, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
VMware Workstation (HKLM\...\{4B855F64-CB51-4FC3-935F-5AF7D3372BDE}) (Version: 12.0.1 - VMware, Inc.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
Windows Driver Package - Intel (NETwNs64) net  (04/30/2015 15.11.0.9) (HKLM\...\3A0A5AE912CC81290DB2E472F7DC4CF387C36211) (Version: 04/30/2015 15.11.0.9 - Intel)
Windows Driver Package - Intel (NETwNs64) net  (04/30/2015 15.17.0.1) (HKLM\...\6215B44C20BCFEEA55D04A5A510C7994E3C7E28F) (Version: 04/30/2015 15.17.0.1 - Intel)
Windows Driver Package - Intel (NETwNs64) net  (06/22/2015 18.11.0.8) (HKLM\...\95D750361316F93378C278E0FD6B87A7DBA8E680) (Version: 06/22/2015 18.11.0.8 - Intel)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [chext] -> {E7A4C2DA-F3AF-4145-AC19-E3B215306A54} => C:\Program Files\Copy Handler\chext64.dll [2016-11-18] ( )
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-04-13] (The Eraser Project)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 10\NPShellExtension.dll [2015-05-06] (Nitro PDF)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] ()
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-04-13] (The Eraser Project)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2015-10-18] (VMware, Inc.)
ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2015-10-18] (VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [chext] -> {E7A4C2DA-F3AF-4145-AC19-E3B215306A54} => C:\Program Files\Copy Handler\chext64.dll [2016-11-18] ( )
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-04-13] (The Eraser Project)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] ()
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2015-02-04] ()
ContextMenuHandlers5: [chext] -> {E7A4C2DA-F3AF-4145-AC19-E3B215306A54} => C:\Program Files\Copy Handler\chext64.dll [2016-11-18] ( )
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-04-13] (The Eraser Project)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-02-08] (NVIDIA Corporation)
ContextMenuHandlers6: [chext] -> {E7A4C2DA-F3AF-4145-AC19-E3B215306A54} => C:\Program Files\Copy Handler\chext64.dll [2016-11-18] ( )
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-04-13] (The Eraser Project)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {35E206EF-9BBA-470A-A546-B03A9B162BF7} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {476757A2-2E3D-4483-BC90-F33197FDE007} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [2018-02-22] (FreeDownloadManager.org)
Task: {4830D914-0CA1-4EAD-877F-3768526F796C} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {76F5C620-9950-4A50-8775-D59E7E9592ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {79187805-5253-42F9-9FE4-BD660F12912F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {964CE320-E5EA-4FB1-85A9-CC0453B455AE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {A3FB6D7D-BD78-4614-BE27-377434124E7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-07] (Google Inc.)
Task: {CA541317-8AA4-46FE-88E3-E09E1E5F00E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-07] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\EAGLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Awesome Screenshot App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=mfpiaehgjbbfednooihadalhehabhcjo
ShortcutWithArgument: C:\Users\EAGLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Spark View, Faster than any native RDP client.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ddnnpdbioplhcagobicknkjkbhdefjkg
ShortcutWithArgument: C:\Users\EAGLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Turbo Download Manager.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kemfccojgjoilhfmcblgimbggikekjip

==================== Loaded Modules (Whitelisted) ==============

2018-03-07 19:00 - 2014-02-08 18:42 - 000117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-03-11 20:01 - 2018-02-22 14:15 - 000037376 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\WinDivert.dll
2015-05-06 04:23 - 2015-05-06 04:23 - 000418968 _____ () C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
2015-05-06 04:23 - 2015-05-06 04:23 - 002543768 _____ () C:\Program Files\Nitro\Pro 10\Nitro_KissMetrics.dll
2013-10-17 22:28 - 2013-10-17 22:28 - 000028672 _____ () C:\Windows\system32\valWBFPolicyService.exe
2018-03-24 18:31 - 2018-02-05 15:44 - 002299168 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-03-24 18:31 - 2018-03-01 11:31 - 002488608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-10-18 18:32 - 2015-10-18 18:32 - 012465856 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2016-06-14 06:25 - 2016-06-14 06:25 - 008911552 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2018-03-07 19:00 - 2015-02-04 04:56 - 000710288 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2018-03-07 18:48 - 2006-12-11 02:14 - 000043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2018-03-11 20:01 - 2017-04-13 12:42 - 002158592 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avformat-57.dll
2018-03-11 20:01 - 2017-04-13 12:42 - 012242432 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avcodec-57.dll
2018-03-11 20:01 - 2017-04-13 12:42 - 000138752 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swresample-2.dll
2018-03-11 20:01 - 2017-04-13 12:42 - 000485376 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avutil-55.dll
2018-03-11 20:01 - 2017-04-13 12:42 - 001825792 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avfilter-6.dll
2018-03-11 20:01 - 2017-04-13 12:42 - 000662016 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swscale-4.dll
2018-03-11 20:01 - 2017-04-13 12:46 - 069740544 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libcef.dll
2018-03-11 20:01 - 2017-11-30 18:02 - 002521088 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libglesv2.dll
2018-03-11 20:01 - 2017-11-30 18:02 - 000015360 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libegl.dll
2018-03-23 01:15 - 2018-03-20 07:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-23 01:15 - 2018-03-20 07:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2018-03-11 20:01 - 2018-02-22 14:15 - 000710656 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\browsernativehost.exe
2015-10-18 18:32 - 2015-10-18 18:32 - 001301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2015-10-18 18:32 - 2015-10-18 18:32 - 000191680 _____ () C:\Program Files (x86)\VMware\VMware Workstation\LIBEXPAT.dll
2015-10-18 18:32 - 2015-10-18 18:32 - 000388800 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll
2015-10-18 18:32 - 2015-10-18 18:32 - 000165056 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-03-24 18:43 - 000001888 _____ C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
0.0.0.0 cdn.bisrv.com
0.0.0.0 cdn.cdndp.com
0.0.0.0 cdn.download.sweetpacks.com
0.0.0.0 cdn.dpdownload.com
0.0.0.0 cdn.visualbee.net

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-107176975-4180119475-431572307-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\EAGLE\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.27.40.241 - 212.27.40.240
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: DriverMax => "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -agent
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: TNOD UP => "C:\Program Files (x86)\TNod\TNODUP.exe" /i
MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EBEF8EFA-D99D-4BDB-B178-28388580CF14}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{EF93EA89-73F2-4560-9DC4-15D921FCB39F}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{13F4444B-3055-46C4-9A9B-0627B80C7133}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{2F001104-D38F-453E-B75A-7F14CDE1379B}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{C24329F6-7D8C-4546-82CF-9FFCCC30DC5C}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{2FC14424-CA62-4A89-80C7-50082105A491}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{61DB6B1B-7D72-4194-BC5F-8F42154DA545}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{1D961CB5-5A07-4965-8AF3-BEC0AFF2D4F5}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{AEF68F71-6DDA-450F-8A90-8D3D6AFA5EB5}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{C90D4279-B883-4D5C-B4C0-1B8FD14B0764}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{8870F1EB-694A-4BCB-87D0-F2E4964DCEE4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7E785829-2F2C-415F-9276-2C367BAFC097}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1382060D-C07B-426E-9BE7-7FDD0B27F843}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: Renesas Electronics USB 3.0 Root Hub
Description: Renesas Electronics USB 3.0 Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Renesas Electronics
Service: nusb3hub
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/24/2018 06:45:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/24/2018 03:33:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/24/2018 02:06:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/23/2018 10:37:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/22/2018 10:00:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/22/2018 07:33:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/21/2018 08:02:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/20/2018 06:49:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (03/24/2018 06:51:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/24/2018 06:51:35 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/24/2018 06:42:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (03/24/2018 03:32:19 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (03/24/2018 03:32:19 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (03/24/2018 03:32:18 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (03/24/2018 03:32:18 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (03/24/2018 03:32:17 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU M 540 @ 2.53GHz
Percentage of memory in use: 67%
Total physical RAM: 8047.38 MB
Available physical RAM: 2626.41 MB
Total Virtual: 16092.95 MB
Available Virtual: 9975.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:318.09 GB) (Free:180.3 GB) NTFS
Drive d: () (Fixed) (Total:7.86 GB) (Free:7 GB) NTFS
Drive f: (DATA) (Fixed) (Total:605.47 GB) (Free:190.36 GB) NTFS

\\?\Volume{54a048f7-2276-11e8-bc1f-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: AF744DB5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=318.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=605.5 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=7.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Almost done!

Farbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.

  • Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST.exe/FRST64.exe executable is located)
  • Right-click on the FRST executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Click on the Fix button
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad
  • Copy and paste its content in your next reply

fixlist.txt


Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by EAGLE (25-03-2018 15:12:33) Run:2
Running from C:\Users\EAGLE\Desktop
Loaded Profiles: EAGLE (Available Profiles: EAGLE)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File

MSCONFIG\startupreg: DriverMax => "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -agent

C:\Program Files (x86)\Innovative Solutions
C:\Users\EAGLE\Desktop\Malwarebytes Premium 3.4.3.2394 Beta + Crack [CracksNow]
C:\Users\EAGLE\Downloads\Malwarebytes%20Premium%203.4.4.2398%20Multilingual.rar

EmptyTemp:
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509}" => removed successfully
HKLM\Software\Classes\CLSID\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => not found
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverMax" => removed successfully
C:\Program Files (x86)\Innovative Solutions => moved successfully
C:\Users\EAGLE\Desktop\Malwarebytes Premium 3.4.3.2394 Beta + Crack [CracksNow] => moved successfully
C:\Users\EAGLE\Downloads\Malwarebytes%20Premium%203.4.4.2398%20Multilingual.rar => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 105118585 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 748848798 B
Edge => 0 B
Chrome => 516136600 B
Firefox => 30570878 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 45044 B
systemprofile32 => 69430 B
LocalService => 66228 B
NetworkService => 86276 B
EAGLE => 502617816 B

RecycleBin => 0 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:19:50 ====


This topic is now closed to further replies.