Zamrznutie PC - Modra obrazovka

[milos736]

Dobry vecer, poprosil by som o kontrolu logu na pritomnost viru. Uz priblizne tyzden PC z nicoho nic zamrzne, musim natvrdo vypnut alebo nabehne rovno modra obrazovka smrti, robilo to coraz castejsie tak som PC vratil do vyrobnych nastaveni ako na zaciatku na Win 8, aktualizoval, cez win updater aktualizoval na 8.1, urobil komplet aktualizaciu ale nepomohlo to robi to aj tak. Je mozne ze je v PC pritomnost virusu?? dakujem dobrym ludom za pomoc.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ja at 2016-08-24 22:41:23
Microsoft Windows 8.1
System drive C: has 210 GB (73%) free of 286 GB
Total RAM: 3982 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:41:29, on 24.8.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Users\Ja\AppData\Roaming\ICQ\bin\icq.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Ja.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [icq.desktop] "C:\Users\Ja\AppData\Roaming\ICQ\bin\icq.exe" /startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CyberGhost 6 Service (CG6Service) - CyberGhost S.R.L - C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10247 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
C:\WINDOWS\Explorer.EXE
KBFiltr.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
ClassicStartMenu.exe -startup

C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Users\Ja\AppData\Roaming\ICQ\bin\icq.exe" /startup
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Users\Ja\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\wrqc7eju.default-1471900876311

prefs.js - "browser.startup.homepage" - "www.google.sk/"

"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-04-24 66688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-08-23 948792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-23 713440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-04-24 132736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"icq.desktop"=C:\Users\Ja\AppData\Roaming\ICQ\bin\icq.exe [2016-08-22 31181448]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-07-13 29500544]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-08-05 8894680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25 1110232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-05-01 3187360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4]
c:\windows\temp\DisableS3S464\sethigh.cmd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcpltui_exe]
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2013-03-08 95192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-07-04 1321688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-07-23 13632216]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-08-23 9103976]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-04-24 132736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-08-24 22:41:23 ----D---- C:\rsit
2016-08-24 22:41:23 ----D---- C:\Program Files\trend micro
2016-08-24 18:40:33 ----D---- C:\Program Files (x86)\DirBuster
2016-08-24 16:48:24 ----D---- C:\WINDOWS\LastGood.Tmp
2016-08-24 16:47:55 ----D---- C:\ProgramData\Hewlett-Packard
2016-08-24 12:23:23 ----D---- C:\Users\Ja\AppData\Roaming\Maxthon3
2016-08-24 12:23:10 ----D---- C:\Program Files (x86)\Maxthon
2016-08-24 12:18:19 ----D---- C:\Program Files (x86)\Opera
2016-08-24 11:50:25 ----D---- C:\Users\Ja\AppData\Roaming\Opera Software
2016-08-24 11:42:05 ----D---- C:\ProgramData\Apple Computer
2016-08-24 11:42:05 ----D---- C:\Program Files (x86)\Safari
2016-08-24 11:41:48 ----D---- C:\ProgramData\Apple
2016-08-24 11:41:48 ----D---- C:\Program Files (x86)\Apple Software Update
2016-08-24 10:56:03 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-08-24 10:46:29 ----D---- C:\WINDOWS\system32\appraiser
2016-08-24 08:06:58 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-24 08:06:58 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-24 07:29:43 ----D---- C:\WINDOWS\PCHEALTH
2016-08-24 07:11:55 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2016-08-24 07:11:53 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2016-08-24 06:34:58 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-24 06:34:57 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-08-24 06:34:57 ----A---- C:\WINDOWS\system32\centel.dll
2016-08-24 06:34:57 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-08-24 06:34:57 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-08-24 06:34:56 ----A---- C:\WINDOWS\system32\pcasvc.dll
2016-08-24 06:34:56 ----A---- C:\WINDOWS\system32\invagent.dll
2016-08-24 06:34:56 ----A---- C:\WINDOWS\system32\devinv.dll
2016-08-24 06:34:56 ----A---- C:\WINDOWS\system32\aepic.dll
2016-08-24 06:34:56 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-08-24 06:28:17 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2016-08-24 06:28:17 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-24 06:27:52 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-08-24 06:27:52 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-08-24 06:27:51 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-08-24 06:27:50 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-24 06:27:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-08-24 06:27:45 ----A---- C:\WINDOWS\system32\shell32.dll
2016-08-24 06:27:43 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-08-24 06:27:37 ----A---- C:\WINDOWS\system32\twinui.dll
2016-08-24 06:27:35 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-08-24 06:27:34 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-08-24 06:27:33 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2016-08-24 06:27:32 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-08-24 06:27:32 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-08-24 06:27:31 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-08-24 06:27:31 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2016-08-24 06:27:31 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-08-24 06:27:30 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-08-24 06:27:30 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-08-24 06:27:29 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-08-24 06:27:29 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-08-24 06:27:29 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-08-24 06:27:29 ----A---- C:\WINDOWS\system32\rpcss.dll
2016-08-24 06:27:29 ----A---- C:\WINDOWS\system32\ole32.dll
2016-08-24 06:27:29 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-08-24 06:27:28 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-08-24 06:27:28 ----A---- C:\WINDOWS\system32\drivers\mup.sys
2016-08-24 06:27:27 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-08-24 06:27:27 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-08-24 06:27:27 ----A---- C:\WINDOWS\system32\webio.dll
2016-08-24 06:27:27 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2016-08-24 06:27:27 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys
2016-08-24 06:27:26 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2016-08-24 06:27:26 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-08-24 06:27:26 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-08-24 06:27:26 ----A---- C:\WINDOWS\system32\wucltux.dll
2016-08-24 06:27:26 ----A---- C:\WINDOWS\system32\tpmvsc.dll
2016-08-24 06:27:26 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2016-08-24 06:27:25 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2016-08-24 06:27:25 ----A---- C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-08-24 06:27:25 ----A---- C:\WINDOWS\system32\schannel.dll
2016-08-24 06:27:25 ----A---- C:\WINDOWS\system32\rdpcore.dll
2016-08-24 06:27:25 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-08-24 06:27:25 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-08-24 06:27:24 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-08-24 06:27:24 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-08-24 06:27:24 ----A---- C:\WINDOWS\system32\msi.dll
2016-08-24 06:27:24 ----A---- C:\WINDOWS\system32\drivers\dumpfve.sys
2016-08-24 06:27:24 ----A---- C:\WINDOWS\system32\certutil.exe
2016-08-24 06:27:23 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2016-08-24 06:27:23 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-08-24 06:27:23 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2016-08-24 06:27:22 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2016-08-24 06:27:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Geolocation.dll
2016-08-24 06:27:21 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2016-08-24 06:27:21 ----A---- C:\WINDOWS\system32\LocationApi.dll
2016-08-24 06:27:21 ----A---- C:\WINDOWS\system32\gpresult.exe
2016-08-24 06:27:21 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2016-08-24 06:27:20 ----A---- C:\WINDOWS\SYSWOW64\UserAccountBroker.exe
2016-08-24 06:27:20 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe
2016-08-24 06:27:20 ----A---- C:\WINDOWS\SYSWOW64\LocationApi.dll
2016-08-24 06:27:20 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2016-08-24 06:27:20 ----A---- C:\WINDOWS\SYSWOW64\cryptxml.dll
2016-08-24 06:27:20 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-08-24 06:27:20 ----A---- C:\WINDOWS\system32\WebClnt.dll
2016-08-24 06:27:20 ----A---- C:\WINDOWS\system32\UserAccountBroker.exe
2016-08-24 06:27:20 ----A---- C:\WINDOWS\system32\msiexec.exe
2016-08-24 06:27:20 ----A---- C:\WINDOWS\system32\cryptxml.dll
2016-08-24 06:27:19 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2016-08-24 06:27:19 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2016-08-24 06:27:19 ----A---- C:\WINDOWS\system32\wfapigp.dll
2016-08-24 06:27:19 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2016-08-24 06:27:19 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-08-24 06:27:19 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-08-24 06:27:17 ----A---- C:\WINDOWS\SYSWOW64\wfapigp.dll
2016-08-24 06:27:17 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-08-24 06:27:17 ----A---- C:\WINDOWS\SYSWOW64\hbaapi.dll
2016-08-24 06:27:17 ----A---- C:\WINDOWS\SYSWOW64\gpresult.exe
2016-08-24 06:27:17 ----A---- C:\WINDOWS\system32\hbaapi.dll
2016-08-24 06:27:17 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-08-24 06:27:17 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-08-24 06:27:16 ----A---- C:\WINDOWS\system32\httpprxm.dll
2016-08-24 06:27:15 ----A---- C:\WINDOWS\SYSWOW64\certutil.exe
2016-08-24 06:27:15 ----A---- C:\WINDOWS\SYSWOW64\certenc.dll
2016-08-24 06:27:15 ----A---- C:\WINDOWS\system32\wuwebv.dll
2016-08-24 06:27:15 ----A---- C:\WINDOWS\system32\httpprxp.dll
2016-08-24 06:27:15 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-08-24 06:27:15 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2016-08-24 06:27:15 ----A---- C:\WINDOWS\system32\certenc.dll
2016-08-24 06:27:15 ----A---- C:\WINDOWS\system32\adhsvc.dll
2016-08-24 06:27:14 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2016-08-24 06:27:14 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2016-08-24 06:27:14 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2016-08-24 06:27:14 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-08-24 06:27:14 ----A---- C:\WINDOWS\system32\wudriver.dll
2016-08-24 06:27:14 ----A---- C:\WINDOWS\system32\wuapp.exe
2016-08-24 06:27:14 ----A---- C:\WINDOWS\system32\authui.dll
2016-08-24 06:26:37 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-08-24 06:24:46 ----A---- C:\WINDOWS\system32\tzsync.exe
2016-08-24 06:24:16 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-08-24 05:22:08 ----D---- C:\Program Files\Common Files\Atheros
2016-08-24 05:15:49 ----D---- C:\Users\Ja\AppData\Roaming\Identities
2016-08-24 03:31:36 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2016-08-24 03:29:44 ----DC---- C:\WINDOWS\Panther
2016-08-24 03:27:21 ----D---- C:\Windows.old
2016-08-24 03:16:39 ----A---- C:\WINDOWS\system32\fhcpl.dll
2016-08-24 03:15:51 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2016-08-24 03:15:51 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-08-24 03:15:51 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2016-08-24 03:15:51 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-08-24 03:15:22 ----A---- C:\WINDOWS\system32\perfi015.dat
2016-08-24 03:15:22 ----A---- C:\WINDOWS\system32\perfh015.dat
2016-08-24 03:15:22 ----A---- C:\WINDOWS\system32\perfd015.dat
2016-08-24 03:15:22 ----A---- C:\WINDOWS\system32\perfc015.dat
2016-08-24 03:14:46 ----D---- C:\WINDOWS\SYSWOW64\drivers\pl-PL
2016-08-24 03:14:43 ----D---- C:\WINDOWS\SYSWOW64\pl
2016-08-24 03:14:43 ----D---- C:\WINDOWS\system32\drivers\pl-PL
2016-08-24 03:14:43 ----D---- C:\WINDOWS\pl-PL
2016-08-24 03:14:42 ----D---- C:\WINDOWS\system32\pl
2016-08-24 03:01:06 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2016-08-24 03:01:06 ----A---- C:\WINDOWS\system32\d2d1.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\WSDApi.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\vsstrace.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\vssapi.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\rasser.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\rasmxs.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\rasdiag.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\rascfg.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\QSVRMGMT.DLL
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\QSHVHOST.DLL
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\eventcls.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\WSDMon.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\WSDApi.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\WinSCard.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\vsstrace.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\vssapi.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\vpnike.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\rasser.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\rasmxs.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\rasdiag.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\rascfg.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\rasapi32.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\QSVRMGMT.DLL
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\QSHVHOST.DLL
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\eventcls.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\drivers\ndistapi.sys
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2016-08-24 03:00:21 ----A---- C:\WINDOWS\splwow64.exe
2016-08-24 03:00:20 ----A---- C:\WINDOWS\system32\drivers\intelpep.sys
2016-08-24 02:58:46 ----A---- C:\WINDOWS\system32\msra.exe
2016-08-24 02:58:15 ----SD---- C:\Users\Ja\AppData\Roaming\Microsoft
2016-08-24 02:57:54 ----A---- C:\WINDOWS\SYSWOW64\dhcpsapi.dll
2016-08-24 02:57:54 ----A---- C:\WINDOWS\system32\dhcpsapi.dll
2016-08-24 02:57:28 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2016-08-24 02:57:28 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2016-08-24 02:57:28 ----A---- C:\WINDOWS\system32\dbghelp.dll
2016-08-24 02:57:28 ----A---- C:\WINDOWS\system32\dbgeng.dll
2016-08-24 02:56:49 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2016-08-24 02:56:49 ----A---- C:\WINDOWS\system32\wscsvc.dll
2016-08-24 02:56:49 ----A---- C:\WINDOWS\system32\wscapi.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\WMVXENCD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\WMVSENCD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\WMVSDECD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\WMVENCOD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\WMSPDMOE.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\WMSPDMOD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\WMADMOE.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\WMADMOD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\VIDRESZR.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\RESAMPLEDMO.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\qdvd.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2adec.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\MPG4DECD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\MP4SDECD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\MP43DECD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\MP3DMOD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\MFWMAAEC.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\mfvdsp.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\devenum.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\SYSWOW64\COLORCNV.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\WMVXENCD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\WMVSENCD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\WMVSDECD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\WMVENCOD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\WMSPDMOE.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\WMSPDMOD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\WMADMOE.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\WMADMOD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\VIDRESZR.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\SysFxUI.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\quartz.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\qdvd.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\msmpeg2adec.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\MPG4DECD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\MP4SDECD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\MP43DECD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\MP3DMOD.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\MFWMAAEC.DLL
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\mfvdsp.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\mfps.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\evr.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\devenum.dll
2016-08-24 02:56:16 ----A---- C:\WINDOWS\system32\COLORCNV.DLL
2016-08-24 02:55:11 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2016-08-24 02:55:11 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2016-08-24 02:54:45 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2016-08-24 02:54:45 ----A---- C:\WINDOWS\system32\notepad.exe
2016-08-24 02:54:45 ----A---- C:\WINDOWS\notepad.exe
2016-08-24 02:54:20 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2016-08-24 02:53:31 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2016-08-24 02:53:31 ----A---- C:\WINDOWS\system32\authz.dll
2016-08-24 02:53:06 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2016-08-24 02:53:06 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2016-08-24 02:52:38 ----A---- C:\WINDOWS\system32\drivers\disk.sys
2016-08-24 02:52:10 ----A---- C:\WINDOWS\system32\SystemSettingsDatabase.dll
2016-08-24 02:52:10 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-08-24 02:52:10 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2016-08-24 02:51:09 ----A---- C:\WINDOWS\system32\seclogon.dll
2016-08-24 02:50:26 ----D---- C:\WINDOWS\en-GB
2016-08-24 02:50:25 ----D---- C:\WINDOWS\SYSWOW64\drivers\en-GB
2016-08-24 02:50:25 ----D---- C:\WINDOWS\system32\drivers\en-GB
2016-08-24 02:41:42 ----A---- C:\WINDOWS\system32\drivers\RTWAVES40.dat
2016-08-24 02:41:26 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2016-08-24 02:41:26 ----D---- C:\Program Files\Realtek
2016-08-24 02:41:18 ----D---- C:\Program Files (x86)\Intel
2016-08-24 02:41:15 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.DLL
2016-08-24 02:41:15 ----A---- C:\WINDOWS\system32\OpenCL.DLL
2016-08-24 02:39:22 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2016-08-24 02:39:22 ----A---- C:\WINDOWS\system32\oleaut32.dll
2016-08-24 02:39:00 ----A---- C:\WINDOWS\system32\apphelp.dll
2016-08-24 02:37:45 ----A---- C:\WINDOWS\system32\drivers\sermouse.sys
2016-08-24 02:37:45 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2016-08-24 02:37:45 ----A---- C:\WINDOWS\system32\drivers\mouclass.sys
2016-08-24 02:37:45 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2016-08-24 02:37:45 ----A---- C:\WINDOWS\system32\drivers\kbdclass.sys
2016-08-24 02:37:45 ----A---- C:\WINDOWS\system32\drivers\i8042prt.sys
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-08-24 02:37:04 ----A---- C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-08-24 02:36:40 ----A---- C:\WINDOWS\SYSWOW64\IPHLPAPI.DLL
2016-08-24 02:36:40 ----A---- C:\WINDOWS\system32\IPHLPAPI.DLL
2016-08-24 02:36:40 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-08-24 02:36:40 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2016-08-24 02:35:46 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2016-08-24 02:35:46 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2016-08-24 02:35:19 ----D---- C:\WINDOWS\Prefetch
2016-08-24 02:34:19 ----A---- C:\WINDOWS\SYSWOW64\EncDec.dll
2016-08-24 02:34:19 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2016-08-24 02:34:19 ----A---- C:\WINDOWS\SYSWOW64\cfgbkend.dll
2016-08-24 02:34:19 ----A---- C:\WINDOWS\system32\EncDec.dll
2016-08-24 02:34:19 ----A---- C:\WINDOWS\system32\CPFilters.dll
2016-08-24 02:34:19 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2016-08-24 02:33:57 ----A---- C:\WINDOWS\system32\wbengine.exe
2016-08-24 02:32:31 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-08-24 02:32:31 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-08-24 02:32:08 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2016-08-24 02:32:08 ----A---- C:\WINDOWS\system32\poqexec.exe
2016-08-24 02:31:38 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2016-08-24 02:30:41 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2016-08-24 02:30:41 ----A---- C:\WINDOWS\system32\msxml3.dll
2016-08-24 02:30:20 ----A---- C:\WINDOWS\SYSWOW64\ws2_32.dll
2016-08-24 02:30:20 ----A---- C:\WINDOWS\SYSWOW64\mswsock.dll
2016-08-24 02:30:20 ----A---- C:\WINDOWS\system32\ws2_32.dll
2016-08-24 02:30:20 ----A---- C:\WINDOWS\system32\mswsock.dll
2016-08-24 02:30:20 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2016-08-24 02:29:57 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2016-08-24 02:29:57 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll
2016-08-24 02:29:57 ----A---- C:\WINDOWS\SYSWOW64\ntprint.dll
2016-08-24 02:29:57 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2016-08-24 02:29:57 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-08-24 02:29:57 ----A---- C:\WINDOWS\system32\puiobj.dll
2016-08-24 02:29:57 ----A---- C:\WINDOWS\system32\puiapi.dll
2016-08-24 02:29:57 ----A---- C:\WINDOWS\system32\ntprint.dll
2016-08-24 02:29:57 ----A---- C:\WINDOWS\system32\localspl.dll
2016-08-24 02:29:57 ----A---- C:\WINDOWS\system32\inetpp.dll
2016-08-24 02:29:57 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2016-08-24 02:29:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-08-24 02:29:34 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-08-24 02:28:50 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2016-08-24 02:28:09 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2016-08-24 02:28:09 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-08-24 02:28:09 ----A---- C:\WINDOWS\system32\samlib.dll
2016-08-24 02:27:39 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2016-08-24 02:27:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-24 02:27:39 ----A---- C:\WINDOWS\system32\WSShared.dll
2016-08-24 02:27:39 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-24 02:26:24 ----A---- C:\WINDOWS\system32\nlasvc.dll
2016-08-24 02:26:24 ----A---- C:\WINDOWS\system32\ncsi.dll
2016-08-24 02:26:04 ----A---- C:\WINDOWS\system32\LockScreenContentServer.exe
2016-08-24 02:25:03 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2016-08-24 02:25:03 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2016-08-24 02:25:03 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2016-08-24 02:24:33 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2016-08-24 02:24:33 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2016-08-24 02:24:33 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2016-08-24 02:24:33 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2016-08-24 02:24:33 ----A---- C:\WINDOWS\system32\eapphost.dll
2016-08-24 02:24:33 ----A---- C:\WINDOWS\system32\eappgnui.dll
2016-08-24 02:24:33 ----A---- C:\WINDOWS\system32\eappcfg.dll
2016-08-24 02:24:33 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\vmictimeprovider.dll
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\vmicres.dll
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\vmbusres.dll
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\vmbuspiper.dll
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\icsvc.dll
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\drivers\winhvr.sys
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\drivers\winhv.sys
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\drivers\vms3cap.sys
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\drivers\vmgencounter.sys
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\drivers\vmbusr.sys
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\drivers\VMBusHID.sys
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\drivers\Synth3dVsc.sys
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\drivers\storvsc.sys
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\drivers\hyperkbd.sys
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\drivers\dmvsc.sys
2016-08-24 02:23:43 ----A---- C:\WINDOWS\system32\dmvscres.dll
2016-08-24 02:23:02 ----A---- C:\WINDOWS\SYSWOW64\dsparse.dll
2016-08-24 02:23:02 ----A---- C:\WINDOWS\system32\dsparse.dll
2016-08-24 02:22:41 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2016-08-24 02:22:41 ----A---- C:\WINDOWS\system32\UtcResources.dll
2016-08-24 02:22:41 ----A---- C:\WINDOWS\system32\tdh.dll
2016-08-24 02:22:41 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-08-24 02:19:42 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2016-08-24 02:19:42 ----A---- C:\WINDOWS\system32\comctl32.dll
2016-08-24 02:19:22 ----A---- C:\WINDOWS\SYSWOW64\WMPhoto.dll
2016-08-24 02:19:22 ----A---- C:\WINDOWS\system32\WMPhoto.dll
2016-08-24 02:18:42 ----A---- C:\WINDOWS\SYSWOW64\clfsw32.dll
2016-08-24 02:18:42 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-08-24 02:18:42 ----A---- C:\WINDOWS\system32\clfsw32.dll
2016-08-24 02:18:22 ----A---- C:\WINDOWS\SYSWOW64\tracerpt.exe
2016-08-24 02:18:22 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2016-08-24 02:18:22 ----A---- C:\WINDOWS\system32\tracerpt.exe
2016-08-24 02:18:22 ----A---- C:\WINDOWS\system32\sechost.dll
2016-08-24 02:17:39 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2016-08-24 02:17:39 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2016-08-24 02:17:17 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys
2016-08-24 02:16:25 ----A---- C:\WINDOWS\SYSWOW64\WinSync.dll
2016-08-24 02:16:25 ----A---- C:\WINDOWS\system32\WinSync.dll
2016-08-24 02:16:04 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-08-24 02:16:04 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-08-24 02:15:44 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2016-08-24 02:15:44 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-08-24 02:15:44 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-08-24 02:15:44 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-08-24 02:15:17 ----A---- C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2016-08-24 02:14:58 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-08-24 02:14:58 ----A---- C:\WINDOWS\system32\msctf.dll
2016-08-24 02:14:36 ----A---- C:\WINDOWS\system32\drivers\bthpan.sys
2016-08-24 02:14:18 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-08-24 02:13:56 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2016-08-24 02:13:56 ----A---- C:\WINDOWS\system32\wups2.dll
2016-08-24 02:13:56 ----A---- C:\WINDOWS\system32\wups.dll
2016-08-24 02:13:56 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2016-08-24 02:13:28 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2016-08-24 02:13:09 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-08-24 02:12:46 ----A---- C:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2016-08-24 02:12:46 ----A---- C:\WINDOWS\SYSWOW64\msvcp120_clr0400.dll
2016-08-24 02:12:46 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-08-24 02:12:46 ----A---- C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-08-24 02:12:02 ----A---- C:\WINDOWS\system32\TSWbPrxy.exe
2016-08-24 02:11:43 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\wininet.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\msrating.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\jscript.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\inseng.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\ieui.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\hlink.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-08-24 02:10:53 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2016-08-24 02:08:31 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2016-08-24 02:08:31 ----A---- C:\WINDOWS\system32\rsaenh.dll
2016-08-24 02:08:13 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-08-24 02:08:13 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-08-24 02:07:30 ----A---- C:\WINDOWS\system32\wininit.exe
2016-08-24 02:06:47 ----A---- C:\WINDOWS\system32\drivers\rfcomm.sys
2016-08-24 02:06:47 ----A---- C:\WINDOWS\system32\drivers\hidbth.sys
2016-08-24 02:06:47 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-08-24 02:04:02 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2016-08-24 02:04:02 ----A---- C:\WINDOWS\system32\wpdshext.dll
2016-08-24 02:03:43 ----A---- C:\WINDOWS\SYSWOW64\mfc42u.dll
2016-08-24 02:03:43 ----A---- C:\WINDOWS\SYSWOW64\mfc42.dll
2016-08-24 02:03:43 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2016-08-24 02:03:43 ----A---- C:\WINDOWS\system32\mfc42u.dll
2016-08-24 02:03:43 ----A---- C:\WINDOWS\system32\mfc42.dll
2016-08-24 02:03:43 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2016-08-24 02:03:01 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-08-24 02:03:01 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2016-08-24 02:03:01 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-24 02:03:01 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-08-24 02:03:01 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-24 02:03:01 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-24 02:03:01 ----A---- C:\WINDOWS\system32\certcli.dll
2016-08-24 02:03:01 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-24 02:02:34 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2016-08-24 02:02:34 ----A---- C:\WINDOWS\system32\qedit.dll
2016-08-24 02:01:51 ----A---- C:\WINDOWS\system32\csrsrv.dll
2016-08-24 02:01:51 ----A---- C:\WINDOWS\system32\basesrv.dll
2016-08-24 02:01:24 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2016-08-24 02:01:07 ----A---- C:\WINDOWS\system32\NcdAutoSetup.dll
2016-08-24 02:00:49 ----A---- C:\WINDOWS\system32\ubpm.dll
2016-08-24 02:00:29 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-08-24 01:59:55 ----A---- C:\WINDOWS\SYSWOW64\WsmWmiPl.dll
2016-08-24 01:59:55 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2016-08-24 01:59:55 ----A---- C:\WINDOWS\SYSWOW64\WsmAuto.dll
2016-08-24 01:59:55 ----A---- C:\WINDOWS\SYSWOW64\WsmAgent.dll
2016-08-24 01:59:55 ----A---- C:\WINDOWS\system32\WsmWmiPl.dll
2016-08-24 01:59:55 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2016-08-24 01:59:55 ----A---- C:\WINDOWS\system32\WsmAuto.dll
2016-08-24 01:59:55 ----A---- C:\WINDOWS\system32\WsmAgent.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2016-08-24 01:59:23 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\SYSWOW64\SettingMonitor.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-08-24 01:59:23 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\usercpl.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\themecpl.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\stobject.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\SettingMonitor.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\hgcpl.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-08-24 01:59:23 ----A---- C:\WINDOWS\explorer.exe
2016-08-24 01:58:34 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2016-08-24 01:58:34 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2016-08-24 01:57:59 ----A---- C:\WINDOWS\system32\lsm.dll
2016-08-24 01:57:37 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2016-08-24 01:57:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-08-24 01:57:19 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2016-08-24 01:57:19 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-24 01:57:19 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2016-08-24 01:56:42 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2016-08-24 01:56:24 ----A---- C:\WINDOWS\SYSWOW64\rgb9rast.dll
2016-08-24 01:56:07 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2016-08-24 01:56:07 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2016-08-24 01:55:31 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2016-08-24 01:55:31 ----A---- C:\WINDOWS\system32\advapi32.dll
2016-08-24 01:55:12 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-08-24 01:55:11 ----A---- C:\WINDOWS\SYSWOW64\WMASF.DLL
2016-08-24 01:55:11 ----A---- C:\WINDOWS\system32\wmp.dll
2016-08-24 01:55:11 ----A---- C:\WINDOWS\system32\WMASF.DLL
2016-08-24 01:53:49 ----A---- C:\WINDOWS\SYSWOW64\StorageContextHandler.dll
2016-08-24 01:53:49 ----A---- C:\WINDOWS\system32\StorageContextHandler.dll
2016-08-24 01:53:12 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-08-24 01:53:12 ----A---- C:\WINDOWS\system32\winresume.exe
2016-08-24 01:53:12 ----A---- C:\WINDOWS\system32\winload.exe
2016-08-24 01:53:12 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-08-24 01:53:12 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-08-24 01:52:44 ----A---- C:\WINDOWS\SYSWOW64\polstore.dll
2016-08-24 01:52:44 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2016-08-24 01:52:44 ----A---- C:\WINDOWS\SYSWOW64\FwRemoteSvr.dll
2016-08-24 01:52:44 ----A---- C:\WINDOWS\system32\polstore.dll
2016-08-24 01:52:44 ----A---- C:\WINDOWS\system32\IPSECSVC.DLL
2016-08-24 01:52:44 ----A---- C:\WINDOWS\system32\gpsvc.dll
2016-08-24 01:52:44 ----A---- C:\WINDOWS\system32\gpapi.dll
2016-08-24 01:52:44 ----A---- C:\WINDOWS\system32\FwRemoteSvr.dll
2016-08-24 01:52:23 ----A---- C:\WINDOWS\SYSWOW64\DeviceSetupStatusProvider.dll
2016-08-24 01:52:23 ----A---- C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2016-08-24 01:52:05 ----A---- C:\WINDOWS\system32\win32k.sys
2016-08-24 01:51:46 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2016-08-24 01:51:46 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2016-08-24 01:51:46 ----A---- C:\WINDOWS\system32\nshwfp.dll
2016-08-24 01:51:46 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2016-08-24 01:51:46 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2016-08-24 01:51:46 ----A---- C:\WINDOWS\system32\BFE.DLL
2016-08-24 01:51:28 ----A---- C:\WINDOWS\SYSWOW64\d3d10level9.dll
2016-08-24 01:51:28 ----A---- C:\WINDOWS\system32\d3d10level9.dll
2016-08-24 01:51:08 ----A---- C:\WINDOWS\system32\compstui.dll
2016-08-24 01:50:48 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2016-08-24 01:50:48 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2016-08-24 01:49:52 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-08-24 01:49:52 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2016-08-24 01:49:52 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-08-24 01:49:52 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-08-24 01:49:52 ----A---- C:\WINDOWS\system32\combase.dll
2016-08-24 01:49:09 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-08-24 01:48:52 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2016-08-24 01:48:34 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2016-08-24 01:48:34 ----A---- C:\WINDOWS\SYSWOW64\catsrvut.dll
2016-08-24 01:48:34 ----A---- C:\WINDOWS\system32\comsvcs.dll
2016-08-24 01:48:34 ----A---- C:\WINDOWS\system32\catsrvut.dll
2016-08-24 01:48:12 ----A---- C:\WINDOWS\system32\services.exe
2016-08-24 01:47:54 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2016-08-24 01:47:54 ----A---- C:\WINDOWS\system32\netcfgx.dll
2016-08-24 01:47:54 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2016-08-24 01:47:14 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll
2016-08-24 01:47:14 ----A---- C:\WINDOWS\system32\shacct.dll
2016-08-24 01:46:57 ----A---- C:\WINDOWS\system32\perfi005.dat
2016-08-24 01:46:57 ----A---- C:\WINDOWS\system32\perfh005.dat
2016-08-24 01:46:57 ----A---- C:\WINDOWS\system32\perfd005.dat
2016-08-24 01:46:57 ----A---- C:\WINDOWS\system32\perfc005.dat
2016-08-24 01:46:29 ----D---- C:\WINDOWS\SYSWOW64\cs
2016-08-24 01:46:28 ----D---- C:\WINDOWS\SYSWOW64\drivers\cs-CZ
2016-08-24 01:46:28 ----D---- C:\WINDOWS\cs-CZ
2016-08-24 01:46:26 ----D---- C:\WINDOWS\system32\cs
2016-08-24 01:46:25 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2016-08-24 01:34:58 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2016-08-24 01:34:58 ----A---- C:\WINDOWS\system32\SRH.dll
2016-08-24 01:34:29 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2016-08-24 01:34:29 ----A---- C:\WINDOWS\system32\winshfhc.dll
2016-08-24 01:34:29 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2016-08-24 01:34:29 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2016-08-24 01:34:29 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2016-08-24 01:34:10 ----A---- C:\WINDOWS\SYSWOW64\taskeng.exe
2016-08-24 01:34:10 ----A---- C:\WINDOWS\SYSWOW64\schtasks.exe
2016-08-24 01:34:10 ----A---- C:\WINDOWS\system32\taskeng.exe
2016-08-24 01:34:10 ----A---- C:\WINDOWS\system32\schtasks.exe
2016-08-24 01:34:10 ----A---- C:\WINDOWS\system32\schedsvc.dll
2016-08-24 01:33:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2016-08-24 01:33:57 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-08-24 01:33:46 ----A---- C:\WINDOWS\SYSWOW64\calc.exe
2016-08-24 01:33:46 ----A---- C:\WINDOWS\system32\calc.exe
2016-08-24 01:33:18 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2016-08-24 01:33:18 ----A---- C:\WINDOWS\system32\davclnt.dll
2016-08-24 01:33:05 ----A---- C:\WINDOWS\system32\wuaext.dll
2016-08-24 01:33:05 ----A---- C:\WINDOWS\system32\wu.upgrade.ps.dll
2016-08-24 01:33:05 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-08-24 01:32:44 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2016-08-24 01:32:44 ----A---- C:\WINDOWS\system32\msxml6.dll
2016-08-24 01:32:29 ----A---- C:\WINDOWS\system32\drivers\vpci.sys
2016-08-24 01:32:07 ----A---- C:\WINDOWS\system32\AuthHost.exe
2016-08-24 01:31:54 ----A---- C:\WINDOWS\system32\drivers\usbuhci.sys
2016-08-24 01:31:54 ----A---- C:\WINDOWS\system32\drivers\usbport.sys
2016-08-24 01:31:54 ----A---- C:\WINDOWS\system32\drivers\usbohci.sys
2016-08-24 01:31:54 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2016-08-24 01:31:54 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys
2016-08-24 01:31:54 ----A---- C:\WINDOWS\system32\drivers\usbd.sys
2016-08-24 01:31:43 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-08-24 01:31:30 ----A---- C:\WINDOWS\system32\drivers\IPMIDrv.sys
2016-08-24 01:31:20 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2016-08-24 01:31:20 ----A---- C:\WINDOWS\system32\pku2u.dll
2016-08-24 01:31:07 ----A---- C:\WINDOWS\system32\sysmain.dll
2016-08-24 01:31:07 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2016-08-24 01:30:48 ----A---- C:\WINDOWS\system32\consent.exe
2016-08-24 01:30:48 ----A---- C:\WINDOWS\system32\appinfo.dll
2016-08-24 01:30:33 ----A---- C:\WINDOWS\SYSWOW64\InkEd.dll
2016-08-24 01:30:33 ----A---- C:\WINDOWS\system32\InkEd.dll
2016-08-24 01:30:18 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2016-08-24 01:30:18 ----A---- C:\WINDOWS\system32\SHCore.dll
2016-08-24 01:29:55 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-08-24 01:29:44 ----A---- C:\WINDOWS\system32\drivers\tunnel.sys
2016-08-24 01:27:08 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2016-08-24 01:26:56 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2016-08-24 01:26:35 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-08-24 01:26:35 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-08-24 01:26:24 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-08-24 01:26:11 ----A---- C:\WINDOWS\SYSWOW64\ncrypt.dll
2016-08-24 01:26:11 ----A---- C:\WINDOWS\system32\ncrypt.dll
2016-08-24 01:26:11 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-08-24 01:26:11 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-08-24 01:25:51 ----A---- C:\WINDOWS\SYSWOW64\scesrv.dll
2016-08-24 01:25:51 ----A---- C:\WINDOWS\system32\scesrv.dll
2016-08-24 01:25:41 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-08-24 01:25:41 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-24 01:25:30 ----A---- C:\WINDOWS\SYSWOW64\atlthunk.dll
2016-08-24 01:25:11 ----A---- C:\WINDOWS\SYSWOW64\wow32.dll
2016-08-24 01:25:11 ----A---- C:\WINDOWS\SYSWOW64\user.exe
2016-08-24 01:25:11 ----A---- C:\WINDOWS\SYSWOW64\setup16.exe
2016-08-24 01:25:11 ----A---- C:\WINDOWS\SYSWOW64\ntvdm64.dll
2016-08-24 01:25:11 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-08-24 01:25:11 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-08-24 01:25:11 ----A---- C:\WINDOWS\SYSWOW64\instnm.exe
2016-08-24 01:25:11 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2016-08-24 01:25:11 ----A---- C:\WINDOWS\system32\wow64.dll
2016-08-24 01:25:11 ----A---- C:\WINDOWS\system32\ntvdm64.dll
2016-08-24 01:25:11 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-08-24 01:24:50 ----A---- C:\WINDOWS\system32\profsvc.dll
2016-08-24 01:24:29 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-08-24 01:24:29 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-08-24 01:24:29 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-08-24 01:24:29 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-08-24 01:24:19 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2016-08-24 01:24:19 ----A---- C:\WINDOWS\system32\mfds.dll
2016-08-24 01:24:04 ----A---- C:\WINDOWS\system32\perfi00E.dat
2016-08-24 01:24:04 ----A---- C:\WINDOWS\system32\perfh00E.dat
2016-08-24 01:24:04 ----A---- C:\WINDOWS\system32\perfd00E.dat
2016-08-24 01:24:04 ----A---- C:\WINDOWS\system32\perfc00E.dat
2016-08-24 01:23:33 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2016-08-24 01:23:33 ----D---- C:\WINDOWS\SYSWOW64\hu
2016-08-24 01:23:33 ----D---- C:\WINDOWS\SYSWOW64\drivers\hu-HU
2016-08-24 01:23:32 ----D---- C:\WINDOWS\system32\hu
2016-08-24 01:23:32 ----D---- C:\WINDOWS\system32\drivers\hu-HU
2016-08-24 01:23:31 ----D---- C:\WINDOWS\hu-HU
2016-08-24 01:10:59 ----A---- C:\WINDOWS\system32\VSSVC.exe
2016-08-24 01:10:46 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2016-08-24 01:10:41 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2016-08-24 01:10:41 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2016-08-24 01:10:41 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2016-08-24 01:10:41 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2016-08-24 01:10:41 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2016-08-24 01:10:41 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2016-08-24 01:10:41 ----A---- C:\WINDOWS\system32\tquery.dll
2016-08-24 01:10:41 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2016-08-24 01:10:41 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2016-08-24 01:10:41 ----A---- C:\WINDOWS\system32\mssvp.dll
2016-08-24 01:10:41 ----A---- C:\WINDOWS\system32\mssrch.dll
2016-08-24 01:10:41 ----A---- C:\WINDOWS\system32\mssphtb.dll
2016-08-24 01:10:41 ----A---- C:\WINDOWS\system32\mssph.dll
2016-08-24 01:07:52 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2016-08-24 01:07:52 ----A---- C:\WINDOWS\system32\untfs.dll
2016-08-24 01:07:35 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-08-24 01:07:35 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2016-08-24 01:07:35 ----A---- C:\WINDOWS\system32\user32.dll
2016-08-24 01:07:35 ----A---- C:\WINDOWS\system32\FntCache.dll
2016-08-24 01:07:35 ----A---- C:\WINDOWS\system32\DWrite.dll
2016-08-24 01:07:23 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2016-08-24 01:07:18 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2016-08-24 01:07:18 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2016-08-24 01:07:08 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2016-08-24 01:07:08 ----A---- C:\WINDOWS\system32\mispace.dll
2016-08-24 01:07:08 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-08-24 01:06:45 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2016-08-24 01:06:45 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2016-08-24 01:06:42 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2016-08-24 01:06:42 ----A---- C:\WINDOWS\system32\rastapi.dll
2016-08-24 01:06:37 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2016-08-24 01:06:37 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2016-08-24 01:06:33 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-08-24 01:06:33 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-08-24 01:06:28 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2016-08-24 01:06:28 ----A---- C:\WINDOWS\system32\storagewmi.dll
2016-08-24 01:06:17 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-08-24 01:06:11 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2016-08-24 01:05:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2016-08-24 01:05:39 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-08-24 01:05:33 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2016-08-24 01:05:33 ----A---- C:\WINDOWS\system32\msftedit.dll
2016-08-24 01:05:29 ----A---- C:\WINDOWS\SYSWOW64\photowiz.dll
2016-08-24 01:05:29 ----A---- C:\WINDOWS\system32\photowiz.dll
2016-08-24 01:05:05 ----A---- C:\WINDOWS\SYSWOW64\appidapi.dll
2016-08-24 01:05:05 ----A---- C:\WINDOWS\system32\appidsvc.dll
2016-08-24 01:05:05 ----A---- C:\WINDOWS\system32\appidapi.dll
2016-08-24 01:04:59 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2016-08-24 01:04:59 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-08-24 01:04:59 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2016-08-24 01:04:59 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2016-08-24 01:04:59 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2016-08-24 01:04:59 ----A---- C:\WINDOWS\system32\wer.dll
2016-08-24 01:04:59 ----A---- C:\WINDOWS\system32\Faultrep.dll
2016-08-24 01:04:59 ----A---- C:\WINDOWS\system32\EncDump.dll
2016-08-24 01:04:59 ----A---- C:\WINDOWS\system32\ci.dll
2016-08-24 01:04:59 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-08-24 01:04:59 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-08-24 01:02:07 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-08-24 01:02:07 ----D---- C:\Program Files (x86)\MSBuild
2016-08-24 01:02:06 ----D---- C:\Program Files\Reference Assemblies
2016-08-24 01:02:06 ----D---- C:\Program Files\MSBuild
2016-08-24 01:01:20 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2016-08-24 01:01:17 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-24 01:00:58 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2016-08-24 01:00:58 ----A---- C:\WINDOWS\system32\sdbinst.exe
2016-08-23 17:20:06 ----D---- C:\Program Files\Microsoft Silverlight
2016-08-23 17:20:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-08-23 16:58:28 ----D---- C:\WINDOWS\Trans
2016-08-23 12:20:05 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2016-08-23 12:17:45 ----D---- C:\Users\Ja\AppData\Roaming\AVAST Software
2016-08-23 12:13:06 ----D---- C:\Program Files\Common Files\AV
2016-08-23 12:12:26 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2016-08-23 12:12:26 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2016-08-23 12:12:26 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2016-08-23 12:12:26 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2016-08-23 12:12:26 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2016-08-23 12:12:26 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2016-08-23 12:12:26 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2016-08-23 12:12:25 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2016-08-23 12:11:51 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-08-23 12:11:26 ----A---- C:\WINDOWS\avastSS.scr
2016-08-23 12:10:02 ----D---- C:\Program Files\AVAST Software
2016-08-23 12:09:25 ----D---- C:\ProgramData\AVAST Software
2016-08-23 07:17:10 ----D---- C:\Program Files\CyberGhost 6
2016-08-23 04:25:37 ----D---- C:\WINDOWS\Migration
2016-08-23 04:16:30 ----D---- C:\WINDOWS\system32\MRT
2016-08-23 04:16:20 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-23 03:59:24 ----A---- C:\WINDOWS\system32\MpSigStub.exe
2016-08-23 02:54:14 ----D---- C:\Program Files (x86)\URLHelper
2016-08-23 02:52:37 ----D---- C:\Users\Ja\AppData\Roaming\DonationCoder
2016-08-23 02:52:37 ----A---- C:\WINDOWS\SYSWOW64\DonationCoder_urlsnooper_InstallInfo.dat
2016-08-23 02:51:14 ----D---- C:\ProgramData\DonationCoder
2016-08-23 02:51:14 ----D---- C:\Program Files (x86)\URLSnooper2
2016-08-23 02:46:35 ----D---- C:\Users\Ja\AppData\Roaming\Zoner
2016-08-23 02:45:10 ----D---- C:\Program Files (x86)\Zoner
2016-08-23 02:41:22 ----D---- C:\Program Files (x86)\WinSCP
2016-08-23 01:38:37 ----D---- C:\Program Files (x86)\Microsoft Works
2016-08-23 01:37:55 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2016-08-23 01:32:33 ----D---- C:\Program Files\Microsoft Office
2016-08-23 01:32:23 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2016-08-23 01:30:52 ----D---- C:\Program Files (x86)\Microsoft Office
2016-08-23 01:30:50 ----D---- C:\ProgramData\Microsoft Help
2016-08-23 01:28:25 ----D---- C:\Users\Ja\AppData\Roaming\AntsSoft
2016-08-23 01:27:04 ----D---- C:\Program Files (x86)\HTMLProtector
2016-08-23 01:26:07 ----D---- C:\Program Files (x86)\Google
2016-08-23 01:23:34 ----D---- C:\Program Files\CCleaner
2016-08-23 01:20:36 ----D---- C:\Program Files\DivX
2016-08-23 01:18:55 ----D---- C:\Program Files (x86)\DivX
2016-08-23 01:18:21 ----D---- C:\ProgramData\DivX
2016-08-23 00:55:55 ----D---- C:\Program Files\TAP-Windows
2016-08-23 00:55:16 ----D---- C:\Program Files\CyberGhost 5
2016-08-23 00:06:55 ----D---- C:\Users\Ja\AppData\Roaming\Apple Computer
2016-08-23 00:06:52 ----D---- C:\Users\Ja\AppData\Roaming\RST
2016-08-23 00:00:47 ----D---- C:\Program Files (x86)\Adobe
2016-08-22 23:49:11 ----D---- C:\Users\Ja\AppData\Roaming\Skype
2016-08-22 23:48:47 ----RD---- C:\Program Files (x86)\Skype
2016-08-22 23:47:59 ----D---- C:\ProgramData\Skype
2016-08-22 23:35:27 ----D---- C:\Users\Ja\AppData\Roaming\ICQ
2016-08-22 23:34:24 ----D---- C:\Program Files (x86)\TeamViewer
2016-08-22 23:26:56 ----D---- C:\Users\Ja\AppData\Roaming\vlc
2016-08-22 23:26:17 ----D---- C:\Program Files (x86)\VideoLAN
2016-08-22 23:13:59 ----D---- C:\Users\Ja\AppData\Roaming\WinRAR
2016-08-22 23:11:47 ----D---- C:\Program Files (x86)\MozBackup
2016-08-22 23:08:40 ----D---- C:\Users\Ja\AppData\Roaming\FileZilla
2016-08-22 23:08:29 ----D---- C:\Program Files (x86)\FileZilla FTP Client
2016-08-22 23:06:33 ----D---- C:\WINDOWS\Applian FLV Player
2016-08-22 23:06:33 ----D---- C:\Program Files (x86)\FLV Player
2016-08-22 22:50:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-08-22 22:48:28 ----D---- C:\Users\Ja\AppData\Roaming\Mozilla
2016-08-22 22:48:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-22 22:46:10 ----D---- C:\Program Files (x86)\WinPcap
2016-08-22 22:43:34 ----A---- C:\WINDOWS\SYSWOW64\unrar.dll
2016-08-22 22:43:33 ----A---- C:\WINDOWS\avisplitter.ini
2016-08-22 22:43:29 ----A---- C:\WINDOWS\SYSWOW64\yv12vfw.dll
2016-08-22 22:43:28 ----A---- C:\WINDOWS\SYSWOW64\xvidvfw.dll
2016-08-22 22:43:28 ----A---- C:\WINDOWS\SYSWOW64\xvidcore.dll
2016-08-22 22:43:28 ----A---- C:\WINDOWS\SYSWOW64\qt-dx331.dll
2016-08-22 22:43:28 ----A---- C:\WINDOWS\SYSWOW64\dpl100.dll
2016-08-22 22:43:27 ----A---- C:\WINDOWS\SYSWOW64\divx.dll
2016-08-22 22:43:26 ----A---- C:\WINDOWS\SYSWOW64\ff_vfw.dll
2016-08-22 22:43:24 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2016-08-22 22:33:54 ----D---- C:\ProgramData\ClassicShell
2016-08-22 22:32:39 ----D---- C:\Users\Ja\AppData\Roaming\ClassicShell
2016-08-22 22:31:07 ----D---- C:\Program Files\Classic Shell
2016-08-22 22:27:16 ----D---- C:\Program Files (x86)\WinRAR
2016-08-22 22:21:32 ----D---- C:\Users\Ja\AppData\Roaming\Macromedia
2016-08-22 22:18:54 ----A---- C:\Users\Ja\AppData\Roaming\sp_data.sys
2016-08-22 22:17:53 ----D---- C:\WINDOWS\Profiles
2016-08-22 22:17:53 ----D---- C:\Users\Ja\AppData\Roaming\URSoft
2016-08-22 22:17:45 ----D---- C:\Program Files (x86)\Your Uninstaller 2008
2016-08-22 22:13:15 ----D---- C:\Users\Ja\AppData\Roaming\ASUS WebStorage
2016-08-22 22:12:28 ----D---- C:\Users\Ja\AppData\Roaming\Atheros
2016-08-22 22:11:49 ----D---- C:\Users\Ja\AppData\Roaming\Adobe
2016-08-22 21:59:23 ----D---- C:\WINDOWS\SoftwareDistribution
2016-08-22 21:06:11 ----HD---- C:\$SysReset

======List of files/folders modified in the last 1 month======

2016-08-24 22:41:23 ----RD---- C:\Program Files
2016-08-24 22:33:20 ----D---- C:\WINDOWS\Temp
2016-08-24 22:26:01 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-08-24 22:26:01 ----D---- C:\WINDOWS\Inf
2016-08-24 22:00:01 ----D---- C:\WINDOWS\system32\sru
2016-08-24 21:57:35 ----HD---- C:\Program Files\WindowsApps
2016-08-24 21:57:10 ----D---- C:\WINDOWS\AppReadiness
2016-08-24 21:55:44 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-08-24 21:51:28 ----D---- C:\Windows
2016-08-24 19:54:44 ----D---- C:\WINDOWS\system32\drivers
2016-08-24 19:41:51 ----D---- C:\WINDOWS\system32\Tasks
2016-08-24 19:08:09 ----D---- C:\WINDOWS\Microsoft.NET
2016-08-24 19:07:18 ----RD---- C:\WINDOWS\assembly
2016-08-24 18:40:33 ----RD---- C:\Program Files (x86)
2016-08-24 18:39:21 ----AD---- C:\ProgramData\Temp
2016-08-24 16:48:25 ----RD---- C:\WINDOWS\System32
2016-08-24 16:48:24 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-24 16:47:55 ----HD---- C:\ProgramData
2016-08-24 15:18:44 ----D---- C:\WINDOWS\system32\wdi
2016-08-24 12:23:28 ----RSD---- C:\WINDOWS\Fonts
2016-08-24 12:06:51 ----D---- C:\WINDOWS\Tasks
2016-08-24 11:42:21 ----SHD---- C:\WINDOWS\Installer
2016-08-24 11:34:42 ----D---- C:\WINDOWS\system32\config
2016-08-24 11:21:40 ----D---- C:\WINDOWS\WinSxS
2016-08-24 11:19:49 ----D---- C:\WINDOWS\SysWOW64
2016-08-24 11:18:20 ----D---- C:\WINDOWS\CbsTemp
2016-08-24 11:16:44 ----D---- C:\WINDOWS\system32\catroot2
2016-08-24 10:46:56 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2016-08-24 10:46:56 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2016-08-24 10:46:56 ----D---- C:\WINDOWS\system32\pl-PL
2016-08-24 10:46:56 ----D---- C:\WINDOWS\system32\en-GB
2016-08-24 10:46:55 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2016-08-24 10:46:55 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2016-08-24 10:46:54 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2016-08-24 10:46:54 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-08-24 10:46:54 ----D---- C:\WINDOWS\system32\cs-CZ
2016-08-24 10:46:51 ----D---- C:\WINDOWS\system32\hu-HU
2016-08-24 10:46:48 ----D---- C:\WINDOWS\system32\en-US
2016-08-24 10:46:33 ----SD---- C:\WINDOWS\system32\CompatTel
2016-08-24 10:46:29 ----D---- C:\WINDOWS\system32\wbem
2016-08-24 10:46:29 ----D---- C:\WINDOWS\apppatch
2016-08-24 10:46:24 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-08-24 10:46:06 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2016-08-24 10:45:54 ----RD---- C:\WINDOWS\ToastData
2016-08-24 10:45:50 ----D---- C:\WINDOWS\SYSWOW64\wbem
2016-08-24 10:45:50 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-08-24 10:45:50 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-08-24 10:45:41 ----D---- C:\WINDOWS\system32\sk-SK
2016-08-24 10:45:41 ----D---- C:\WINDOWS\system32\migration
2016-08-24 10:45:41 ----D---- C:\WINDOWS\system32\drivers\en-US
2016-08-24 10:24:01 ----D---- C:\WINDOWS\Logs
2016-08-24 07:33:25 ----D---- C:\Program Files (x86)\Common Files
2016-08-24 07:05:10 ----A---- C:\WINDOWS\win.ini
2016-08-24 06:50:49 ----SHD---- C:\System Volume Information
2016-08-24 06:49:49 ----D---- C:\WINDOWS\system32\restore
2016-08-24 06:02:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-24 05:23:25 ----D---- C:\WINDOWS\debug
2016-08-24 05:22:10 ----D---- C:\Program Files (x86)\Bluetooth Suite
2016-08-24 05:22:08 ----D---- C:\Program Files\Common Files
2016-08-24 05:18:54 ----SD---- C:\ProgramData\Microsoft
2016-08-24 05:16:29 ----SHD---- C:\$Recycle.Bin
2016-08-24 03:37:27 ----D---- C:\WINDOWS\rescache
2016-08-24 03:32:09 ----D---- C:\WINDOWS\Registration
2016-08-24 03:31:45 ----D---- C:\WINDOWS\system32\LogFiles
2016-08-24 03:29:30 ----SHD---- C:\Recovery
2016-08-24 03:29:09 ----RSD---- C:\WINDOWS\Media
2016-08-24 03:17:32 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-08-24 03:14:46 ----D---- C:\WINDOWS\WinStore
2016-08-24 03:14:46 ----D---- C:\WINDOWS\SYSWOW64\winrm
2016-08-24 03:14:46 ----D---- C:\WINDOWS\SYSWOW64\slmgr
2016-08-24 03:14:46 ----D---- C:\WINDOWS\SYSWOW64\oobe
2016-08-24 03:14:46 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-08-24 03:14:46 ----D---- C:\WINDOWS\servicing
2016-08-24 03:14:46 ----D---- C:\Program Files\Windows Photo Viewer
2016-08-24 03:14:46 ----D---- C:\Program Files\Windows Mail
2016-08-24 03:14:46 ----D---- C:\Program Files\Windows Journal
2016-08-24 03:14:46 ----D---- C:\Program Files\Windows Defender
2016-08-24 03:14:46 ----D---- C:\Program Files\Internet Explorer
2016-08-24 03:14:46 ----D---- C:\Program Files\Common Files\System
2016-08-24 03:14:46 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-08-24 03:14:46 ----D---- C:\Program Files (x86)\Windows Mail
2016-08-24 03:14:46 ----D---- C:\Program Files (x86)\Windows Defender
2016-08-24 03:14:46 ----D---- C:\Program Files (x86)\Internet Explorer
2016-08-24 03:14:43 ----D---- C:\WINDOWS\SYSWOW64\Printing_Admin_Scripts
2016-08-24 03:14:43 ----D---- C:\WINDOWS\SYSWOW64\Com
2016-08-24 03:14:43 ----D---- C:\WINDOWS\system32\winrm
2016-08-24 03:14:43 ----D---- C:\WINDOWS\system32\slmgr
2016-08-24 03:14:43 ----D---- C:\WINDOWS\system32\migwiz
2016-08-24 03:14:43 ----D---- C:\WINDOWS\system32\Dism
2016-08-24 03:14:43 ----D---- C:\WINDOWS\system32\Boot
2016-08-24 03:14:43 ----D---- C:\WINDOWS\PolicyDefinitions
2016-08-24 03:14:43 ----D---- C:\WINDOWS\IME
2016-08-24 03:14:42 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-08-24 03:14:42 ----D---- C:\WINDOWS\system32\Printing_Admin_Scripts
2016-08-24 03:14:42 ----D---- C:\WINDOWS\system32\Com
2016-08-24 03:14:42 ----D---- C:\WINDOWS\FileManager
2016-08-24 03:11:56 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-08-24 03:11:56 ----D---- C:\WINDOWS\system32\Sysprep
2016-08-24 03:11:54 ----D---- C:\WINDOWS\sk
2016-08-24 03:11:54 ----D---- C:\WINDOWS\ShellNew
2016-08-24 03:11:54 ----D---- C:\WINDOWS\pl
2016-08-24 03:11:53 ----D---- C:\WINDOWS\hu
2016-08-24 03:11:53 ----D---- C:\WINDOWS\cs
2016-08-24 03:05:38 ----D---- C:\WINDOWS\SYSWOW64\WCN
2016-08-24 03:05:37 ----D---- C:\WINDOWS\SYSWOW64\sysprep
2016-08-24 03:05:37 ----D---- C:\WINDOWS\SYSWOW64\SMI
2016-08-24 03:05:36 ----D---- C:\WINDOWS\SYSWOW64\sda
2016-08-24 03:05:35 ----D---- C:\WINDOWS\SYSWOW64\MUI
2016-08-24 03:05:35 ----D---- C:\WINDOWS\SYSWOW64\migwiz
2016-08-24 03:05:34 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-08-24 03:05:34 ----D---- C:\WINDOWS\SYSWOW64\LogFiles
2016-08-24 03:05:33 ----D---- C:\WINDOWS\SYSWOW64\IME
2016-08-24 03:05:31 ----D---- C:\WINDOWS\SYSWOW64\drivers\UMDF
2016-08-24 03:05:30 ----D---- C:\WINDOWS\SYSWOW64\catroot
2016-08-24 03:05:25 ----D---- C:\WINDOWS\system32\WCN
2016-08-24 03:05:25 ----D---- C:\WINDOWS\system32\spool
2016-08-24 03:05:18 ----D---- C:\WINDOWS\system32\oobe
2016-08-24 03:05:18 ----D---- C:\WINDOWS\system32\MUI
2016-08-24 03:05:18 ----D---- C:\WINDOWS\system32\Macromed
2016-08-24 03:05:18 ----D---- C:\WINDOWS\system32\IME
2016-08-24 03:03:06 ----D---- C:\WINDOWS\Help
2016-08-24 03:03:05 ----D---- C:\WINDOWS\DigitalLocker
2016-08-24 03:03:02 ----RD---- C:\Users
2016-08-24 03:03:02 ----D---- C:\ProgramData\PRICache
2016-08-24 03:02:55 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2016-08-24 03:02:54 ----D---- C:\Program Files (x86)\Windows Media Player
2016-08-24 03:02:51 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-08-24 03:02:48 ----SHD---- C:\Program Files\Windows Sidebar
2016-08-24 03:02:48 ----D---- C:\Program Files\Windows Media Player
2016-08-24 03:02:45 ----D---- C:\Program Files\Common Files\microsoft shared
2016-08-24 03:00:55 ----D---- C:\WINDOWS\SYSWOW64\setup
2016-08-24 03:00:55 ----D---- C:\WINDOWS\system32\setup
2016-08-24 02:59:35 ----D---- C:\WINDOWS\system32\Recovery
2016-08-24 02:41:20 ----D---- C:\WINDOWS\system32\catroot
2016-08-24 02:36:55 ----D---- C:\WINDOWS\system32\drivers\sk-SK
2016-08-24 02:33:05 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-08-24 01:05:03 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2016-08-24 01:04:32 ----SD---- C:\WINDOWS\system32\Microsoft
2016-08-23 23:32:21 ----HD---- C:\$Windows.~BT
2016-08-23 16:48:04 ----D---- C:\WINDOWS\AUInstallAgent
2016-08-23 07:17:17 ----D---- C:\ProgramData\Adobe
2016-08-23 04:33:11 ----D---- C:\ProgramData\McAfee
2016-08-22 22:29:50 ----D---- C:\Program Files (x86)\WildGames
2016-08-22 22:29:23 ----D---- C:\ProgramData\WildTangent
2016-08-22 22:26:00 ----HD---- C:\WINDOWS\ELAMBKUP
2016-08-22 22:15:06 ----D---- C:\WINDOWS\Log
2016-08-22 22:12:52 ----D---- C:\ProgramData\Atheros

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-08-23 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-08-23 292704]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-05-03 677360]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-08-23 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-08-23 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-08-23 969560]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-08-23 513496]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-08-23 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-08-23 163416]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 athr;@oem32.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-08-14 3837440]
R3 ATP;@oem3.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2013-08-08 69392]
R3 BTATH_HCRP;@oem10.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-04-24 179432]
R3 BTATH_RCP;@oem15.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-04-24 136784]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-01-28 593000]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2016-08-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 HIDSwitch;@oem33.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-11-04 20280]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-07-23 3492568]
R3 IntcDAud;@oem20.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-04-26 342528]
R3 iwdbus;@oem26.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 kbfiltr;@oem11.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem13.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2016-08-24 167424]
R3 RSBASTOR;@oem23.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys [2013-03-05 308808]
R3 RTL8168;@oem29.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-11-29 838872]
R3 tap0901;@oem14.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-08-23 37656]
S3 AthBTPort;@oem8.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-04-24 89800]
S3 BTATH_A2DP;@oem7.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-04-24 347336]
S3 btath_avdt;@oem7.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-04-24 115912]
S3 BTATH_LWFLT;@oem19.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-04-24 77464]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2016-08-24 1201664]
S3 dot4;@oem36.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem37.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem36.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 intaud_WaveExtensible;@oem25.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-11-21 44544]

[milos736]

Cast 2 Logu:

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2013-06-14 1281640]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-01-15 107320]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-08-23 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-17 2358656]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 CG6Service;CyberGhost 6 Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [2016-08-18 71728]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-24 270016]
S3 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-06-19 277120]
S3 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
S3 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-04-24 310400]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
S3 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
S3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
S3 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-08-24 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]

-----------------EOF-----------------

[Márty84]

Zdravim

Kouknete do slozky C:\Windows\Minidump . Pokud v ni budou nejake soubory, uplodnete je treba na leteckou postu http://leteckaposta.cz/ a sem dejte odkaz na stazeni.

Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

[milos736]

Velka vdaka za pomoc. V C:\Windows\Minidump taka slozka nie je, ale mam tam este C:\Windows.old\WINDOWS iba slozka WinSxS a v nej
takmer 25 000 priecinkov velkost 15 GB, to neviem co je, kedze vsetky priecinky su takmer rovnake.tu je screen:
http://www.imageworld.sk/images/zxi5965 ... 28evmb.png

Log z Cristal disk:

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.2 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2016/08/25 12:48:18

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- HGST HTS541075A9E680
- TSSTcorp CDDVDW SN-208DN
- Microsoft Storage Spaces Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) HGST HTS541075A9E680 : 750,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) HGST HTS541075A9E680
----------------------------------------------------------------------------
Model : HGST HTS541075A9E680
Firmware : JA2OA560
Serial Number : JA12021G0E9N1K
Disk Size : 750,1 GB (8,4/137,4/750,1/750,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 9846 hod.
Power On Count : 1512 krát
Temperature : 32 C (89 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4001h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 217 217 _33 001200000001 Čas na roztočení ploten
04 _99 _99 __0 000000000A20 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _78 _78 __0 000000002676 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 0000000005E8 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000001 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000001A Počet vypnutí disku
C1 100 100 __0 000000001B49 Počet cyklů načítání/vymazání
C2 187 187 __0 003100030020 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 00000000005F Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 4A41 3132 3032 3147 3045 394E 314B
020: 0003 4000 0004 4A41 324F 4135 3630 4847 5354 2048
030: 5453 3534 3130 3735 4139 4536 3830 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0407 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 170E 0006 005E 004C
080: 01FC 0028 746B 7D69 6163 7469 BC49 6163 007F 0052
090: 0053 4001 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 66F0 5754 0000 0000 0000 0000 6003 826C 5000 CCA7
110: 60C6 0D09 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 2182 1CF1 FA00 0000 4000 2000 0009 0000
140: 0000 0603 0901 0603 0000 0000 0000 0000 0000 0000
150: 0000 0003 3233 4235 0000 2803 0000 5DBD 2388 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 03E0 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 BBA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 00 00 00 00 00 00 00 02 05
010: 00 64 64 00 00 00 00 00 00 00 03 07 00 D9 D9 01
020: 00 00 00 12 00 00 04 12 00 63 63 20 0A 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 12 00 4E 4E 76 26 00 00 00
060: 00 00 0A 13 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 E8 05 00 00 00 00 00 BF 0A 00 64 64 01
080: 00 00 00 00 00 00 C0 32 00 64 64 1A 00 00 00 00
090: 00 00 C1 12 00 64 64 49 1B 00 00 00 00 00 C2 02
0A0: 00 BB BB 20 00 03 00 31 00 00 C4 32 00 64 64 00
0B0: 00 00 00 00 00 00 C5 22 00 64 64 00 00 00 00 00
0C0: 00 00 C6 08 00 64 64 00 00 00 00 00 00 00 C7 0A
0D0: 00 C8 C8 5F 00 00 00 00 00 00 DF 0A 00 64 64 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 2D 00 01 5B
170: 03 00 01 00 02 A6 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 3E 00 00 00 00 00 00 00 00 00 00 02 28
010: 00 00 00 00 00 00 00 00 00 00 03 21 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 05 00 00 00 00 00 00 00 00 00 00 07 43
040: 00 00 00 00 00 00 00 00 00 00 08 28 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 3C 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 DF 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89


Log z adwcleaner:

# AdwCleaner v6.010 - *Logfile created 25/08/2016 *at 12:54:28
# *Updated on 12/08/2016 by ToolsLib
# *Database : 2016-08-24.2 [*Server]
# *Operating System : Windows 8.1 (X64)
# *Username : Ja - POCITAC
# *Running from : C:\Users\Ja\Desktop\adwcleaner_6.010.exe
# *Mode: Clean
# *Support : https://toolslib.net/forum



***** [ *Services ] *****



***** [ *Folders ] *****

[-] *Folder deleted: C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
[-] *Folder deleted: C:\Program Files (x86)\FLV Player
[#] *Folder deleted on reboot: C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
[#] *Folder deleted on reboot: C:\Program Files (x86)\FLV Player


***** [ *Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****

[-] *Key deleted: HKU\S-1-5-21-246404532-835643752-1720096512-1001\Software\RST
[#] *Key deleted on reboot: HKCU\Software\RST


***** [ *Browsers ] *****



*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1198 *Bytes] - [25/08/2016 12:54:28]
C:\AdwCleaner\AdwCleaner[S0].txt - [1469 *Bytes] - [25/08/2016 12:53:54]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1346 *Bytes] ##########

[Márty84]

Ve slozce Minidump se ukladaji zpravy o modre obrazovce. Cili pokud k nejake dojde, objevi se v ni soubor a ten poslete.

Psal jste, ze jste vratil pc do tovarniho nastaveni, ale zrejme ne uplne. Doslo k preinstalovani systemu, ale se zachovanymi daty. Cili ta predchozi verze systemu je cela prave ve slozce Windows.old.


Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[milos736]

Ja som dal vtedy PC na preinstalovanie so zachovanim sloziek ako , foto, dokument atd... ale preinstalovalo vse z win 8.1 na win 8, vsetky nainstalovane programi odstranilo, potom som PC aktualizoval na win 8.1 a nainstaloval som si potrebne programi, PC aktualizoval cez win update. Tak ta slozka windows.old sa moze zmazat ci nie? A co disk je v poriadku? momentalne prebieha scan MBAN, po skonceni dam log. Ak nabehne znova modra obrazovka tak slozku minidump upnem, ked sa tam objavi. Vdaka za Vas cas.

[Márty84]

V te slozce windows.old by teoreticky mely byt i programy a vsechno, co v tom pc bylo. Ale programy by stejne nejely, musely by se preinstalovat. Takze se muze smazat.

Disk hlasi chybky, ale nic velkeho.

Pockam na vysledky MBAM a podle toho se pak zaridime dale

[milos736]

Ten windows.old nejde zmazat, pise mi Trustedinstaller vam musi pridelit povolenie,nejde ziadno neviem co to znamena? Da sa nejak zmazat?

Pocas skenovania MBAM som nieco robil na disku D, bezna vec, otvoril okno a zachvilu okno zamrzlo nereagovalo, po chvile cele PC
zamrzlo, a skocila modra obrazovka s textom na restart kde sa to zastavilo na (Complete 10 %) a pod tym tento text:
If youd like to know more, you can search online later for this error:
KERNEL_DATA_INPAGE_ERROR
Potom som pc natvrdo musel vypnut, takze opet som nanovo musel spustit MBAM, vysledok poslem.

Minidump slozka je prazdna, ani skryte subory tam nie su.

[Márty84]

Mate admin prava?

Zkuste kdyztak pracovat v nouzovem rezimu.

[milos736]

Ano na zmazanie win.old mam admin prava. skusim v nudzovom rezime zmazat.Tak mbam dokoncil scen,tentokrat sa to podarilo, tu je vysledok. je to ciste.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 25.8.2016
Čas skenování: 17:33
Protokol: log-mbam.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.08.25.06
Databáze rootkitů: v2016.08.15.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Ja

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 679572
Uplynulý čas: 5 hod, 25 min, 59 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[milos736]

Tak slozka win.old nejde zmazat ani v nudzovom rezime, stale tomu brani ten program ale pritom v beziacich procesoch nie je spusteny.
to by myslim nevadilo ze nejde zmazat, horsie je zamrza a modra obrazovka, robi to len ked daco robim na pc, ked sa scenovalo mbam
tak to za 5 hodin ani raz nespravilo lebo som na pc nic nerobil. Aj pri pisani tohoto textu to zamrzlo a samo restartlo.

Tentokrat ale v minidump je subor , tu je odkaz:

http://leteckaposta.cz/515927952

Niekdy
ked to zamrzne pocut v pc ako nastartuje disk a neda sa nic robit zamrznute a za par sekund az minutu opat pocut ze disk nabehol a ide vse.
Tento text pisem v poznamkovom bloku, dam ulozit a nereaguje asi 30 sekund, potom pocut ako nastartuje disk a az potom to ulozi a pc reaguje.

[JaRon]

jednorazovo zaskocim:
pokial sa objavi kolega spust s príkazového riadku CHKDSK C: /F /R

[milos736]

Vdaka za radu, tak som to spustil cez ten prikaz.riadok, ale stoji to uz 40 minut na 15 %. Je to v poriadku alebo to zamrzlo, co dalej. Mozem potom tvrdy restart, alebo cakat. Pisem z ineho PC, dakujem.

[JaRon]

to vypada, ze zamrzol podozrenie smeruje k HDD, ako aj u kolegu
restartuj PC do núdzového rezimu a tam otestuj s HDTune - cast benchmatk aj Error
ak zamrzne pocas testu, chcelo by to skusit iny disk ,,,

[milos736]

Niekedy sa cakat oplati uz to nabehlo, uvidim ci bude nabiehat modra obrazovka, urobim aj test cez hd tune, vysledok poslem.