Dobrý deň. Previedol som re-inštaláciu Win 7 64 bit. Spustil som Nástroje pre správu a Windows Diagnostika pamäte. Po reštarte mi vypísalo kód chyby 0xc0000428. Prosím o kontrolu. Ďakujem
Posielam log z RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by ab021 at 2017-09-02 17:47:21
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 310 GB (74%) free of 417 GB
Total RAM: 4096 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:47:27, on 2. 9. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18763)
Boot mode: Normal
Running processes:
E:\Install 2\RSIT\RSIT.exe
C:\Program Files (x86)\trend micro\ab021.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - D:\TRANSLAT\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - D:\TRANSLAT\WebIE.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - D:\TRANSLAT\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - D:\TRANSLAT\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - D:\TRANSLAT\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - D:\TRANSLAT\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - D:\TRANSLAT\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - D:\TRANSLAT\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - D:\TRANSLAT\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - D:\TRANSLAT\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - D:\TRANSLAT\WebIE.dll
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: CrossLoop Service (CrossLoopService) - CrossLoop - C:\Users\ab021\AppData\Local\CrossLoop\CrossLoopService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - D:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Users\ab021\AppData\Local\CrossLoop\tvnserver.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10977 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\ab021\AppData\Roaming\Mozilla\Firefox\Profiles\8sflwiml.default
prefs.js - "browser.startup.homepage" - "www.google.sk"
"web2pdfextension.15@web2pdf.adobedotcom"=D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.151 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=D:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.121.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - D:\TRANSLAT\WebIE.dll [2017-08-08 503808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-08-08 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28 140512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-08-08 186944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft IE Extension - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-01-22 294456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28 140512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28 140512]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - D:\TRANSLAT\WebIE.dll [2017-08-08 503808]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=3
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.l3codec"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-09-02 17:47:21 ----D---- C:\rsit
2017-09-02 17:47:21 ----D---- C:\Program Files (x86)\trend micro
2017-08-17 14:17:01 ----D---- C:\Windows\Prefetch
2017-08-10 18:05:28 ----D---- C:\Users\ab021\AppData\Roaming\Nero
2017-08-10 17:50:24 ----D---- C:\Program Files (x86)\Common Files\Nero
2017-08-10 17:50:08 ----D---- C:\Program Files (x86)\Nero
2017-08-10 17:49:53 ----D---- C:\ProgramData\Nero
2017-08-10 17:44:34 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2017-08-10 17:43:03 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2017-08-10 17:41:32 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2017-08-10 17:40:00 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2017-08-10 17:38:33 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2017-08-09 00:04:37 ----A---- C:\Windows\SysWOW64\devil.dll
2017-08-09 00:04:37 ----A---- C:\Windows\SysWOW64\avisynth.dll
2017-08-08 20:04:11 ----A---- C:\Windows\SysWOW64\mshtml.dll
2017-08-08 20:04:08 ----A---- C:\Windows\SysWOW64\jscript9.dll
2017-08-08 20:04:07 ----A---- C:\Windows\SysWOW64\msrepl40.dll
2017-08-08 20:04:07 ----A---- C:\Windows\SysWOW64\msrd3x40.dll
2017-08-08 20:04:07 ----A---- C:\Windows\SysWOW64\msrd2x40.dll
2017-08-08 20:04:07 ----A---- C:\Windows\SysWOW64\msjtes40.dll
2017-08-08 20:04:07 ----A---- C:\Windows\SysWOW64\msjetoledb40.dll
2017-08-08 20:04:07 ----A---- C:\Windows\SysWOW64\msjet40.dll
2017-08-08 20:04:06 ----A---- C:\Windows\SysWOW64\wer.dll
2017-08-08 20:04:06 ----A---- C:\Windows\SysWOW64\tquery.dll
2017-08-08 20:04:06 ----A---- C:\Windows\SysWOW64\Query.dll
2017-08-08 20:04:06 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2017-08-08 20:04:06 ----A---- C:\Windows\SysWOW64\msxbde40.dll
2017-08-08 20:04:06 ----A---- C:\Windows\SysWOW64\mswstr10.dll
2017-08-08 20:04:06 ----A---- C:\Windows\SysWOW64\mswdat10.dll
2017-08-08 20:04:06 ----A---- C:\Windows\SysWOW64\mspbde40.dll
2017-08-08 20:04:06 ----A---- C:\Windows\SysWOW64\msltus40.dll
2017-08-08 20:04:06 ----A---- C:\Windows\SysWOW64\msjter40.dll
2017-08-08 20:04:06 ----A---- C:\Windows\SysWOW64\msjint40.dll
2017-08-08 20:04:06 ----A---- C:\Windows\SysWOW64\msexcl40.dll
2017-08-08 20:04:05 ----A---- C:\Windows\SysWOW64\wininet.dll
2017-08-08 20:04:05 ----A---- C:\Windows\SysWOW64\wermgr.exe
2017-08-08 20:04:05 ----A---- C:\Windows\SysWOW64\werdiagcontroller.dll
2017-08-08 20:04:05 ----A---- C:\Windows\SysWOW64\urlmon.dll
2017-08-08 20:04:05 ----A---- C:\Windows\SysWOW64\t2embed.dll
2017-08-08 20:04:05 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2017-08-08 20:04:05 ----A---- C:\Windows\SysWOW64\ntdll.dll
2017-08-08 20:04:05 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll
2017-08-08 20:04:05 ----A---- C:\Windows\SysWOW64\ieframe.dll
2017-08-08 20:04:05 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2017-08-08 20:04:05 ----A---- C:\Windows\SysWOW64\certcli.dll
2017-08-08 20:04:04 ----A---- C:\Windows\SysWOW64\webcheck.dll
2017-08-08 20:04:04 ----A---- C:\Windows\SysWOW64\vbscript.dll
2017-08-08 20:04:04 ----A---- C:\Windows\SysWOW64\rpcrt4.dll
2017-08-08 20:04:04 ----A---- C:\Windows\SysWOW64\mssrch.dll
2017-08-08 20:04:04 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2017-08-08 20:04:04 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2017-08-08 20:04:04 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2017-08-08 20:04:04 ----A---- C:\Windows\SysWOW64\jscript.dll
2017-08-08 20:04:04 ----A---- C:\Windows\SysWOW64\ieui.dll
2017-08-08 20:04:04 ----A---- C:\Windows\SysWOW64\iertutil.dll
2017-08-08 20:04:04 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2017-08-08 20:04:04 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2017-08-08 20:04:04 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\wdigest.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\sspicli.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\schannel.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\rpchttp.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\occache.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\ncrypt.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\msv1_0.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\mssvp.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\mssphtb.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\mssph.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\mssitlb.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\msrating.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\kerberos.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\inseng.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\iesetup.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\iernonce.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2017-08-08 20:04:03 ----A---- C:\Windows\SysWOW64\advapi32.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-08-08 20:04:02 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\wow32.dll
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\user.exe
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\TSpkg.dll
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\srclient.dll
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\setup16.exe
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\secur32.dll
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\SearchIndexer.exe
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\SearchFilterHost.exe
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\mssprxy.dll
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\msshooks.dll
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\msscntrs.dll
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\kernel32.dll
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\instnm.exe
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\cryptbase.dll
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\credssp.dll
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\bcrypt.dll
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\auditpol.exe
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\appidapi.dll
2017-08-08 20:04:02 ----A---- C:\Windows\SysWOW64\apisetschema.dll
2017-08-08 20:04:01 ----A---- C:\Windows\SysWOW64\mstext40.dll
2017-08-08 20:04:01 ----A---- C:\Windows\SysWOW64\msobjs.dll
2017-08-08 20:04:01 ----A---- C:\Windows\SysWOW64\msexch40.dll
2017-08-08 20:04:01 ----A---- C:\Windows\SysWOW64\msaudite.dll
2017-08-08 20:04:01 ----A---- C:\Windows\SysWOW64\adtschema.dll
2017-08-08 17:03:15 ----A---- C:\Windows\TRNCOM.INI
2017-08-08 17:01:38 ----D---- C:\Users\ab021\AppData\Roaming\LangSoft
2017-08-08 17:01:38 ----D---- C:\ProgramData\LangSoft
2017-08-08 16:49:40 ----D---- C:\Program Files (x86)\MSXML 4.0
2017-08-08 16:34:49 ----D---- C:\Users\ab021\AppData\Roaming\YoWindow
2017-08-08 16:34:46 ----D---- C:\ProgramData\YoWindow
2017-08-08 16:34:22 ----D---- C:\Program Files (x86)\YoWindow
2017-08-08 16:26:45 ----A---- C:\Users\ab021\AppData\Roaming\pcouffin.sys
2017-08-08 16:26:45 ----A---- C:\Users\ab021\AppData\Roaming\ezpinst.exe
2017-08-08 16:26:44 ----D---- C:\Users\ab021\AppData\Roaming\Vso
2017-08-08 16:00:08 ----D---- C:\Users\ab021\AppData\Roaming\Skype
2017-08-08 15:59:56 ----D---- C:\Program Files (x86)\Common Files\Skype
2017-08-08 15:59:51 ----RD---- C:\Program Files (x86)\Skype
2017-08-08 15:59:42 ----D---- C:\ProgramData\Skype
2017-08-08 15:56:29 ----D---- C:\Users\ab021\AppData\Roaming\Pamela
2017-08-08 15:56:27 ----A---- C:\Windows\SysWOW64\RemoteControl.dll
2017-08-08 15:48:35 ----D---- C:\ProgramData\Malwarebytes
2017-08-08 15:48:20 ----D---- C:\Users\ab021\AppData\Roaming\Obsidium
2017-08-08 15:35:08 ----D---- C:\Users\ab021\AppData\Roaming\DVDVideoSoft
2017-08-08 15:35:08 ----D---- C:\Program Files (x86)\Common Files\DVDVideoSoft
2017-08-08 15:33:22 ----D---- C:\Users\ab021\AppData\Roaming\Macromedia
2017-08-08 15:29:39 ----D---- C:\Users\ab021\AppData\Roaming\Mozilla
2017-08-08 15:29:22 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-08 15:29:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-08-08 15:13:58 ----D---- C:\ProgramData\Package Cache
2017-08-08 15:13:40 ----D---- C:\Program Files (x86)\Common Files\DivX Shared
2017-08-08 15:11:20 ----D---- C:\ProgramData\DivX
2017-08-08 15:07:53 ----ASH---- C:\Windows\SysWOW64\KGyGaAvL.sys
2017-08-08 15:07:49 ----D---- C:\Users\ab021\AppData\Roaming\Corel
2017-08-08 15:06:44 ----D---- C:\ProgramData\InstallShield
2017-08-08 15:06:43 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2017-08-08 15:06:27 ----D---- C:\Program Files (x86)\Common Files\Designer
2017-08-08 15:04:56 ----D---- C:\Program Files (x86)\Common Files\Corel
2017-08-08 14:53:52 ----D---- C:\Users\ab021\AppData\Roaming\Popisovac
2017-08-08 14:42:34 ----D---- C:\ProgramData\Adobe
2017-08-08 14:42:34 ----D---- C:\Program Files (x86)\Common Files\Adobe
2017-08-08 14:19:48 ----D---- C:\Program Files (x86)\Google
2017-08-08 12:19:15 ----D---- C:\Users\ab021\AppData\Roaming\Windows Live Writer
2017-08-08 12:17:02 ----D---- C:\Users\ab021\AppData\Roaming\WinRAR
2017-08-08 12:10:38 ----D---- C:\Program Files (x86)\Windows Live
2017-08-08 12:07:57 ----D---- C:\Program Files (x86)\Common Files\Windows Live
2017-08-08 11:59:40 ----D---- C:\Users\ab021\AppData\Roaming\MPC-HC
2017-08-08 11:51:04 ----D---- C:\Program Files (x86)\Common Files\Java
2017-08-08 11:50:54 ----D---- C:\Users\ab021\AppData\Roaming\Sun
2017-08-08 11:50:41 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-08-08 11:50:17 ----D---- C:\ProgramData\Oracle
2017-08-08 11:50:14 ----D---- C:\Program Files (x86)\Java
2017-08-08 11:43:47 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-08-08 11:43:34 ----D---- C:\Windows\SysWOW64\Macromed
2017-08-08 11:38:39 ----D---- C:\Users\ab021\AppData\Roaming\EPSON
2017-08-08 11:32:36 ----D---- C:\Program Files (x86)\EPSON
2017-08-08 11:31:43 ----A---- C:\Windows\EPSMTL32.TXT
2017-08-08 06:44:14 ----SHD---- C:\Config.Msi
2017-08-08 06:37:47 ----A---- C:\Windows\SysWOW64\olepro32.dll
2017-08-08 06:36:47 ----A---- C:\Windows\SysWOW64\KBDYAK.DLL
2017-08-08 06:36:47 ----A---- C:\Windows\SysWOW64\KBDTAT.DLL
2017-08-08 06:36:47 ----A---- C:\Windows\SysWOW64\KBDRU1.DLL
2017-08-08 06:36:47 ----A---- C:\Windows\SysWOW64\KBDRU.DLL
2017-08-08 06:36:47 ----A---- C:\Windows\SysWOW64\KBDBASH.DLL
2017-08-08 06:26:13 ----A---- C:\Windows\SysWOW64\fsutil.exe
2017-08-08 06:26:13 ----A---- C:\Windows\SysWOW64\esent.dll
2017-08-07 23:05:49 ----D---- C:\Windows\SysWOW64\Wat
2017-08-07 21:59:59 ----A---- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-08-07 20:27:25 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2017-08-07 20:25:39 ----D---- C:\Windows\Migration
2017-08-07 19:41:11 ----A---- C:\Windows\SysWOW64\wmi.dll
2017-08-07 19:32:30 ----A---- C:\Windows\SysWOW64\infocardapi.dll
2017-08-07 19:32:30 ----A---- C:\Windows\SysWOW64\icardagt.exe
2017-08-07 19:32:29 ----A---- C:\Windows\SysWOW64\icardres.dll
2017-08-07 19:32:17 ----A---- C:\Windows\SysWOW64\TsWpfWrp.exe
2017-08-07 19:29:43 ----A---- C:\Windows\SysWOW64\wdi.dll
2017-08-07 19:29:41 ----A---- C:\Windows\SysWOW64\cewmdm.dll
2017-08-07 19:29:08 ----A---- C:\Windows\SysWOW64\odbctrac.dll
2017-08-07 19:29:08 ----A---- C:\Windows\SysWOW64\odbcjt32.dll
2017-08-07 19:29:08 ----A---- C:\Windows\SysWOW64\odbccu32.dll
2017-08-07 19:29:08 ----A---- C:\Windows\SysWOW64\odbccr32.dll
2017-08-07 19:29:08 ----A---- C:\Windows\SysWOW64\odbccp32.dll
2017-08-07 19:29:03 ----A---- C:\Windows\SysWOW64\sbe.dll
2017-08-07 19:28:52 ----A---- C:\Windows\SysWOW64\tracerpt.exe
2017-08-07 19:28:52 ----A---- C:\Windows\SysWOW64\sechost.dll
2017-08-07 19:28:52 ----A---- C:\Windows\SysWOW64\logman.exe
2017-08-07 19:28:51 ----A---- C:\Windows\SysWOW64\typeperf.exe
2017-08-07 19:28:51 ----A---- C:\Windows\SysWOW64\relog.exe
2017-08-07 19:28:51 ----A---- C:\Windows\SysWOW64\diskperf.exe
2017-08-07 19:28:24 ----A---- C:\Windows\SysWOW64\mtxoci.dll
2017-08-07 19:28:23 ----A---- C:\Windows\SysWOW64\msorcl32.dll
2017-08-07 19:28:04 ----A---- C:\Windows\SysWOW64\tsgqec.dll
2017-08-07 19:28:04 ----A---- C:\Windows\SysWOW64\mstscax.dll
2017-08-07 19:28:04 ----A---- C:\Windows\SysWOW64\aaclient.dll
2017-08-07 19:27:27 ----A---- C:\Windows\SysWOW64\msieftp.dll
2017-08-07 19:27:01 ----A---- C:\Windows\SysWOW64\TSWorkspace.dll
2017-08-07 19:26:37 ----A---- C:\Windows\SysWOW64\ntprint.exe
2017-08-07 19:26:37 ----A---- C:\Windows\SysWOW64\ntprint.dll
2017-08-07 19:26:36 ----A---- C:\Windows\SysWOW64\xmllite.dll
2017-08-07 19:26:33 ----A---- C:\Windows\SysWOW64\mapistub.dll
2017-08-07 19:26:33 ----A---- C:\Windows\SysWOW64\mapi32.dll
2017-08-07 19:26:33 ----A---- C:\Windows\SysWOW64\fixmapi.exe
2017-08-07 19:26:24 ----A---- C:\Windows\SysWOW64\ntshrui.dll
2017-08-07 19:26:06 ----A---- C:\Windows\SysWOW64\dhcpcsvc6.dll
2017-08-07 19:26:06 ----A---- C:\Windows\SysWOW64\dhcpcore6.dll
2017-08-07 19:26:01 ----A---- C:\Windows\SysWOW64\dwmcore.dll
2017-08-07 19:26:01 ----A---- C:\Windows\SysWOW64\dwmapi.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\wudriver.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\wuapp.exe
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\ucrtbase.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-08-07 19:25:17 ----A---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-08-07 19:25:16 ----A---- C:\Windows\SysWOW64\wuwebv.dll
2017-08-07 19:25:14 ----A---- C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-08-07 19:25:06 ----A---- C:\Windows\SysWOW64\wuapi.dll
2017-08-07 19:25:06 ----A---- C:\Windows\SysWOW64\wmp.dll
2017-08-07 19:25:05 ----A---- C:\Windows\SysWOW64\DWrite.dll
2017-08-07 19:25:04 ----A---- C:\Windows\SysWOW64\shell32.dll
2017-08-07 19:25:04 ----A---- C:\Windows\SysWOW64\mf.dll
2017-08-07 19:25:02 ----A---- C:\Windows\SysWOW64\blackbox.dll
2017-08-07 19:25:01 ----A---- C:\Windows\SysWOW64\drmv2clt.dll
2017-08-07 19:25:00 ----A---- C:\Windows\SysWOW64\WsmSvc.dll
2017-08-07 19:25:00 ----A---- C:\Windows\SysWOW64\MSVidCtl.dll
2017-08-07 19:25:00 ----A---- C:\Windows\SysWOW64\msi.dll
2017-08-07 19:24:59 ----A---- C:\Windows\SysWOW64\ole32.dll
2017-08-07 19:24:59 ----A---- C:\Windows\SysWOW64\msxml3.dll
2017-08-07 19:24:58 ----A---- C:\Windows\SysWOW64\wmdrmsdk.dll
2017-08-07 19:24:58 ----A---- C:\Windows\SysWOW64\quartz.dll
2017-08-07 19:24:58 ----A---- C:\Windows\SysWOW64\crypt32.dll
2017-08-07 19:24:56 ----A---- C:\Windows\SysWOW64\win32spl.dll
2017-08-07 19:24:56 ----A---- C:\Windows\SysWOW64\UIAnimation.dll
2017-08-07 19:24:56 ----A---- C:\Windows\SysWOW64\msctf.dll
2017-08-07 19:24:56 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2017-08-07 19:24:56 ----A---- C:\Windows\SysWOW64\evr.dll
2017-08-07 19:24:56 ----A---- C:\Windows\SysWOW64\authui.dll
2017-08-07 19:24:56 ----A---- C:\Windows\HelpPane.exe
2017-08-07 19:24:55 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2017-08-07 19:24:55 ----A---- C:\Windows\SysWOW64\cdosys.dll
2017-08-07 19:24:54 ----A---- C:\Windows\SysWOW64\WebClnt.dll
2017-08-07 19:24:54 ----A---- C:\Windows\SysWOW64\qdvd.dll
2017-08-07 19:24:54 ----A---- C:\Windows\SysWOW64\IMJP10K.DLL
2017-08-07 19:24:54 ----A---- C:\Windows\SysWOW64\drmmgrtn.dll
2017-08-07 19:24:54 ----A---- C:\Windows\SysWOW64\atmfd.dll
2017-08-07 19:24:53 ----A---- C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2017-08-07 19:24:53 ----A---- C:\Windows\SysWOW64\wintrust.dll
2017-08-07 19:24:53 ----A---- C:\Windows\SysWOW64\usp10.dll
2017-08-07 19:24:53 ----A---- C:\Windows\SysWOW64\cryptsvc.dll
2017-08-07 19:24:53 ----A---- C:\Windows\SysWOW64\AUDIOKSE.dll
2017-08-07 19:24:52 ----A---- C:\Windows\SysWOW64\WsmWmiPl.dll
2017-08-07 19:24:52 ----A---- C:\Windows\SysWOW64\WSManHTTPConfig.exe
2017-08-07 19:24:52 ----A---- C:\Windows\SysWOW64\user32.dll
2017-08-07 19:24:52 ----A---- C:\Windows\SysWOW64\msihnd.dll
2017-08-07 19:24:52 ----A---- C:\Windows\SysWOW64\mfplat.dll
2017-08-07 19:24:52 ----A---- C:\Windows\SysWOW64\gdi32.dll
2017-08-07 19:24:52 ----A---- C:\Windows\SysWOW64\davclnt.dll
2017-08-07 19:24:52 ----A---- C:\Windows\SysWOW64\cryptui.dll
2017-08-07 19:24:52 ----A---- C:\Windows\SysWOW64\AudioEng.dll
2017-08-07 19:24:51 ----A---- C:\Windows\SysWOW64\WsmAuto.dll
2017-08-07 19:24:51 ----A---- C:\Windows\SysWOW64\pla.dll
2017-08-07 19:24:51 ----A---- C:\Windows\SysWOW64\cryptnet.dll
2017-08-07 19:24:51 ----A---- C:\Windows\SysWOW64\AudioSes.dll
2017-08-07 19:24:50 ----A---- C:\Windows\SysWOW64\ExplorerFrame.dll
2017-08-07 19:24:49 ----A---- C:\Windows\SysWOW64\wmploc.DLL
2017-08-07 19:24:49 ----A---- C:\Windows\SysWOW64\Wldap32.dll
2017-08-07 19:24:48 ----A---- C:\Windows\SysWOW64\wups.dll
2017-08-07 19:24:48 ----A---- C:\Windows\SysWOW64\pdh.dll
2017-08-07 19:24:47 ----A---- C:\Windows\SysWOW64\wdc.dll
2017-08-07 19:24:47 ----A---- C:\Windows\SysWOW64\MigAutoPlay.exe
2017-08-07 19:24:47 ----A---- C:\Windows\SysWOW64\mfps.dll
2017-08-07 19:24:47 ----A---- C:\Windows\SysWOW64\cryptsp.dll
2017-08-07 19:24:47 ----A---- C:\Windows\SysWOW64\bcryptprimitives.dll
2017-08-07 19:24:47 ----A---- C:\Windows\SysWOW64\adsmsext.dll
2017-08-07 19:24:46 ----A---- C:\Windows\SysWOW64\rundll32.exe
2017-08-07 19:24:46 ----A---- C:\Windows\SysWOW64\pdhui.dll
2017-08-07 19:24:46 ----A---- C:\Windows\SysWOW64\msinfo32.exe
2017-08-07 19:24:46 ----A---- C:\Windows\SysWOW64\msiexec.exe
2017-08-07 19:24:46 ----A---- C:\Windows\SysWOW64\mscms.dll
2017-08-07 19:24:46 ----A---- C:\Windows\SysWOW64\mfmjpegdec.dll
2017-08-07 19:24:46 ----A---- C:\Windows\SysWOW64\input.dll
2017-08-07 19:24:46 ----A---- C:\Windows\SysWOW64\icm32.dll
2017-08-07 19:24:46 ----A---- C:\Windows\SysWOW64\hlink.dll
2017-08-07 19:24:46 ----A---- C:\Windows\SysWOW64\asycfilt.dll
2017-08-07 19:24:45 ----A---- C:\Windows\SysWOW64\samlib.dll
2017-08-07 19:24:45 ----A---- C:\Windows\SysWOW64\oleres.dll
2017-08-07 19:24:45 ----A---- C:\Windows\SysWOW64\nlsbres.dll
2017-08-07 19:24:45 ----A---- C:\Windows\SysWOW64\msscp.dll
2017-08-07 19:24:44 ----A---- C:\Windows\SysWOW64\wvc.dll
2017-08-07 19:24:44 ----A---- C:\Windows\SysWOW64\WcsPlugInService.dll
2017-08-07 19:24:44 ----A---- C:\Windows\SysWOW64\rrinstaller.exe
2017-08-07 19:24:44 ----A---- C:\Windows\SysWOW64\perfmon.exe
2017-08-07 19:24:44 ----A---- C:\Windows\SysWOW64\msnetobj.dll
2017-08-07 19:24:44 ----A---- C:\Windows\SysWOW64\mfpmp.exe
2017-08-07 19:24:43 ----A---- C:\Windows\SysWOW64\wsmprovhost.exe
2017-08-07 19:24:43 ----A---- C:\Windows\SysWOW64\wsmplpxy.dll
2017-08-07 19:24:43 ----A---- C:\Windows\SysWOW64\resmon.exe
2017-08-07 19:24:43 ----A---- C:\Windows\SysWOW64\lpk.dll
2017-08-07 19:24:43 ----A---- C:\Windows\SysWOW64\dciman32.dll
2017-08-07 19:24:43 ----A---- C:\Windows\SysWOW64\comcat.dll
2017-08-07 19:24:43 ----A---- C:\Windows\SysWOW64\atmlib.dll
2017-08-07 19:24:42 ----A---- C:\Windows\SysWOW64\WsmRes.dll
2017-08-07 19:24:42 ----A---- C:\Windows\SysWOW64\spwmp.dll
2017-08-07 19:24:42 ----A---- C:\Windows\SysWOW64\msimsg.dll
2017-08-07 19:24:42 ----A---- C:\Windows\SysWOW64\mferror.dll
2017-08-07 19:24:42 ----A---- C:\Windows\SysWOW64\INETRES.dll
2017-08-07 19:24:42 ----A---- C:\Windows\SysWOW64\fontsub.dll
2017-08-07 19:24:42 ----A---- C:\Windows\SysWOW64\dxmasf.dll
2017-08-07 19:24:41 ----A---- C:\Windows\SysWOW64\tzres.dll
2017-08-07 19:24:41 ----A---- C:\Windows\SysWOW64\msxml3r.dll
2017-08-07 19:23:49 ----A---- C:\Windows\SysWOW64\ubpm.dll
2017-08-07 19:23:00 ----A---- C:\Windows\SysWOW64\osk.exe
2017-08-07 19:22:50 ----A---- C:\Windows\SysWOW64\d3d10warp.dll
2017-08-07 19:22:27 ----A---- C:\Windows\SysWOW64\explorer.exe
2017-08-07 19:22:27 ----A---- C:\Windows\explorer.exe
2017-08-07 19:22:06 ----A---- C:\Windows\SysWOW64\imagehlp.dll
2017-08-07 19:21:59 ----A---- C:\Windows\SysWOW64\mscories.dll
2017-08-07 19:21:59 ----A---- C:\Windows\SysWOW64\mscorier.dll
2017-08-07 19:21:59 ----A---- C:\Windows\SysWOW64\dfshim.dll
2017-08-07 19:21:55 ----A---- C:\Windows\SysWOW64\nlaapi.dll
2017-08-07 19:21:55 ----A---- C:\Windows\SysWOW64\ncsi.dll
2017-08-07 19:21:37 ----A---- C:\Windows\SysWOW64\psisdecd.dll
2017-08-07 19:20:45 ----A---- C:\Windows\SysWOW64\tdh.dll
2017-08-07 19:20:26 ----A---- C:\Windows\SysWOW64\d2d1.dll
2017-08-07 19:20:17 ----A---- C:\Windows\SysWOW64\EncDec.dll
2017-08-07 19:20:17 ----A---- C:\Windows\SysWOW64\CPFilters.dll
2017-08-07 19:19:49 ----A---- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2017-08-07 19:19:49 ----A---- C:\Windows\SysWOW64\RMActivate_ssp.exe
2017-08-07 19:19:49 ----A---- C:\Windows\SysWOW64\RMActivate_isv.exe
2017-08-07 19:19:49 ----A---- C:\Windows\SysWOW64\RMActivate.exe
2017-08-07 19:19:48 ----A---- C:\Windows\SysWOW64\secproc_ssp_isv.dll
2017-08-07 19:19:48 ----A---- C:\Windows\SysWOW64\secproc_ssp.dll
2017-08-07 19:19:48 ----A---- C:\Windows\SysWOW64\secproc_isv.dll
2017-08-07 19:19:48 ----A---- C:\Windows\SysWOW64\secproc.dll
2017-08-07 19:19:48 ----A---- C:\Windows\SysWOW64\msdrm.dll
2017-08-07 19:19:01 ----A---- C:\Windows\SysWOW64\objsel.dll
2017-08-07 19:19:00 ----A---- C:\Windows\SysWOW64\wincredprovider.dll
2017-08-07 19:19:00 ----A---- C:\Windows\SysWOW64\dpapiprovider.dll
2017-08-07 19:19:00 ----A---- C:\Windows\SysWOW64\dimsroam.dll
2017-08-07 19:19:00 ----A---- C:\Windows\SysWOW64\cngprovider.dll
2017-08-07 19:19:00 ----A---- C:\Windows\SysWOW64\capiprovider.dll
2017-08-07 19:19:00 ----A---- C:\Windows\SysWOW64\adprovider.dll
2017-08-07 19:18:37 ----A---- C:\Windows\SysWOW64\winsta.dll
2017-08-07 19:18:37 ----A---- C:\Windows\SysWOW64\mstsc.exe
2017-08-07 19:18:19 ----A---- C:\Windows\SysWOW64\msmpeg2vdec.dll
2017-08-07 19:18:18 ----A---- C:\Windows\SysWOW64\WMVDECOD.DLL
2017-08-07 19:18:18 ----A---- C:\Windows\SysWOW64\msmpeg2adec.dll
2017-08-07 19:18:17 ----A---- C:\Windows\SysWOW64\WMVSDECD.DLL
2017-08-07 19:18:17 ----A---- C:\Windows\SysWOW64\WMSPDMOD.DLL
2017-08-07 19:18:17 ----A---- C:\Windows\SysWOW64\WMADMOE.DLL
2017-08-07 19:18:17 ----A---- C:\Windows\SysWOW64\WMADMOD.DLL
2017-08-07 19:18:17 ----A---- C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2017-08-07 19:18:15 ----A---- C:\Windows\SysWOW64\WMVENCOD.DLL
2017-08-07 19:18:15 ----A---- C:\Windows\SysWOW64\wmpmde.dll
2017-08-07 19:18:15 ----A---- C:\Windows\SysWOW64\COLORCNV.DLL
2017-08-07 19:18:14 ----A---- C:\Windows\SysWOW64\WMVXENCD.DLL
2017-08-07 19:18:14 ----A---- C:\Windows\SysWOW64\devenum.dll
2017-08-07 19:18:13 ----A---- C:\Windows\SysWOW64\WMVSENCD.DLL
2017-08-07 19:18:13 ----A---- C:\Windows\SysWOW64\WMSPDMOE.DLL
2017-08-07 19:18:13 ----A---- C:\Windows\SysWOW64\VIDRESZR.DLL
2017-08-07 19:18:13 ----A---- C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2017-08-07 19:18:13 ----A---- C:\Windows\SysWOW64\qasf.dll
2017-08-07 19:18:13 ----A---- C:\Windows\SysWOW64\MPG4DECD.DLL
2017-08-07 19:18:13 ----A---- C:\Windows\SysWOW64\MP4SDECD.DLL
2017-08-07 19:18:13 ----A---- C:\Windows\SysWOW64\MP43DECD.DLL
2017-08-07 19:18:13 ----A---- C:\Windows\SysWOW64\MP3DMOD.DLL
2017-08-07 19:18:13 ----A---- C:\Windows\SysWOW64\MFWMAAEC.DLL
2017-08-07 19:18:13 ----A---- C:\Windows\SysWOW64\mfvdsp.dll
2017-08-07 19:18:12 ----A---- C:\Windows\SysWOW64\ksuser.dll
2017-08-07 19:18:07 ----A---- C:\Windows\SysWOW64\pku2u.dll
2017-08-07 19:17:58 ----A---- C:\Windows\SysWOW64\shimeng.dll
2017-08-07 19:17:58 ----A---- C:\Windows\SysWOW64\sdbinst.exe
2017-08-07 19:17:58 ----A---- C:\Windows\SysWOW64\apphelp.dll
2017-08-07 19:17:47 ----A---- C:\Windows\SysWOW64\Wpc.dll
2017-08-07 19:17:47 ----A---- C:\Windows\SysWOW64\gameux.dll
2017-08-07 19:17:28 ----A---- C:\Windows\SysWOW64\tbs.dll
2017-08-07 19:16:21 ----A---- C:\Windows\SysWOW64\d3d10level9.dll
2017-08-07 19:16:19 ----A---- C:\Windows\SysWOW64\netcorehc.dll
2017-08-07 19:16:18 ----A---- C:\Windows\SysWOW64\netevent.dll
2017-08-07 19:16:10 ----A---- C:\Windows\SysWOW64\mfc42.dll
2017-08-07 19:16:09 ----A---- C:\Windows\SysWOW64\mfc42u.dll
2017-08-07 19:16:02 ----A---- C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2017-08-07 19:16:02 ----A---- C:\Windows\SysWOW64\credui.dll
2017-08-07 19:15:47 ----A---- C:\Windows\SysWOW64\wpdshext.dll
2017-08-07 19:15:45 ----A---- C:\Windows\SysWOW64\mfds.dll
2017-08-07 19:15:36 ----A---- C:\Windows\SysWOW64\dnscacheugc.exe
2017-08-07 19:15:36 ----A---- C:\Windows\SysWOW64\dnsapi.dll
2017-08-07 19:15:34 ----A---- C:\Windows\SysWOW64\notepad.exe
2017-08-07 19:15:34 ----A---- C:\Windows\notepad.exe
2017-08-07 19:15:30 ----A---- C:\Windows\SysWOW64\StructuredQuery.dll
2017-08-07 19:15:25 ----A---- C:\Windows\SysWOW64\comctl32.dll
2017-08-07 19:15:23 ----A---- C:\Windows\SysWOW64\dpnet.dll
2017-08-07 19:15:20 ----A---- C:\Windows\SysWOW64\comsvcs.dll
2017-08-07 19:15:20 ----A---- C:\Windows\SysWOW64\catsrvut.dll
2017-08-07 19:15:17 ----A---- C:\Windows\SysWOW64\qedit.dll
2017-08-07 19:15:16 ----A---- C:\Windows\SysWOW64\wshrm.dll
2017-08-07 19:15:15 ----A---- C:\Windows\SysWOW64\rastls.dll
2017-08-07 19:15:13 ----A---- C:\Windows\SysWOW64\iologmsg.dll
2017-08-07 19:15:03 ----A---- C:\Windows\SysWOW64\cryptdlg.dll
2017-08-07 19:06:57 ----A---- C:\Windows\SysWOW64\shdocvw.dll
2017-08-07 19:06:30 ----A---- C:\Windows\SysWOW64\msxml6r.dll
2017-08-07 19:06:30 ----A---- C:\Windows\SysWOW64\msxml6.dll
2017-08-07 19:06:26 ----A---- C:\Windows\SysWOW64\synceng.dll
2017-08-07 19:06:08 ----A---- C:\Windows\SysWOW64\winipsec.dll
2017-08-07 19:06:08 ----A---- C:\Windows\SysWOW64\polstore.dll
2017-08-07 19:06:08 ----A---- C:\Windows\SysWOW64\gpscript.exe
2017-08-07 19:06:08 ----A---- C:\Windows\SysWOW64\gpscript.dll
2017-08-07 19:06:08 ----A---- C:\Windows\SysWOW64\gpprefcl.dll
2017-08-07 19:06:08 ----A---- C:\Windows\SysWOW64\gpapi.dll
2017-08-07 19:06:08 ----A---- C:\Windows\SysWOW64\FwRemoteSvr.dll
2017-08-07 19:05:51 ----A---- C:\Windows\SysWOW64\ws2_32.dll
2017-08-07 19:05:51 ----A---- C:\Windows\SysWOW64\winhttp.dll
2017-08-07 19:05:51 ----A---- C:\Windows\SysWOW64\netbtugc.exe
2017-08-07 19:05:51 ----A---- C:\Windows\SysWOW64\mswsock.dll
2017-08-07 19:05:45 ----A---- C:\Windows\SysWOW64\drvinst.exe
2017-08-07 19:05:45 ----A---- C:\Windows\SysWOW64\devrtl.dll
2017-08-07 19:05:45 ----A---- C:\Windows\SysWOW64\devobj.dll
2017-08-07 19:05:45 ----A---- C:\Windows\SysWOW64\cfgmgr32.dll
2017-08-07 19:05:32 ----A---- C:\Windows\SysWOW64\charmap.exe
2017-08-07 19:05:31 ----A---- C:\Windows\SysWOW64\netapi32.dll
2017-08-07 19:05:31 ----A---- C:\Windows\SysWOW64\browcli.dll
2017-08-07 19:05:28 ----A---- C:\Windows\SysWOW64\webio.dll
2017-08-07 19:05:27 ----A---- C:\Windows\SysWOW64\packager.dll
2017-08-07 18:58:59 ----A---- C:\Windows\SysWOW64\poqexec.exe
2017-08-07 18:58:57 ----A---- C:\Windows\SysWOW64\InkEd.dll
2017-08-07 18:58:56 ----A---- C:\Windows\SysWOW64\prevhost.exe
2017-08-07 18:42:43 ----A---- C:\Windows\SysWOW64\msvcrt.dll
2017-08-07 18:42:42 ----A---- C:\Windows\SysWOW64\nshwfp.dll
2017-08-07 18:42:42 ----A---- C:\Windows\SysWOW64\FWPUCLNT.DLL
2017-08-07 18:42:41 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll
2017-08-07 18:42:29 ----A---- C:\Windows\SysWOW64\clfsw32.dll
2017-08-07 18:42:19 ----A---- C:\Windows\SysWOW64\certutil.exe
2017-08-07 18:42:18 ----A---- C:\Windows\SysWOW64\certenc.dll
2017-08-07 18:42:10 ----A---- C:\Windows\SysWOW64\scesrv.dll
2017-08-07 18:42:03 ----A---- C:\Windows\SysWOW64\wscript.exe
2017-08-07 18:42:01 ----A---- C:\Windows\SysWOW64\scrrun.dll
2017-08-07 18:42:01 ----A---- C:\Windows\SysWOW64\cscript.exe
2017-08-07 18:42:00 ----A---- C:\Windows\SysWOW64\oleacc.dll
2017-08-07 18:41:58 ----A---- C:\Windows\SysWOW64\WMPhoto.dll
2017-08-07 18:41:57 ----A---- C:\Windows\SysWOW64\els.dll
2017-08-07 18:37:23 ----A---- C:\Windows\SysWOW64\rdpcore.dll
2017-08-07 18:22:22 ----D---- C:\Users\ab021\AppData\Roaming\GHISLER
2017-08-07 18:08:54 ----D---- C:\Users\ab021\AppData\Roaming\ESET
2017-08-07 18:04:21 ----D---- C:\ProgramData\ESET
2017-08-07 17:50:29 ----D---- C:\Windows\PCHEALTH
2017-08-07 17:50:29 ----D---- C:\Program Files (x86)\Microsoft.NET
2017-08-07 17:48:48 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2017-08-07 17:47:46 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2017-08-07 17:47:02 ----D---- C:\Program Files (x86)\Microsoft Office
2017-08-07 17:46:59 ----D---- C:\ProgramData\Microsoft Help
2017-08-07 17:46:44 ----SHD---- C:\Windows\Installer
2017-08-07 17:46:38 ----RHD---- C:\MSOCache
2017-08-07 17:31:43 ----D---- C:\Windows\Pixart
2017-08-07 17:31:43 ----D---- C:\Program Files (x86)\Trust Webcam 16175
2017-08-07 17:31:43 ----A---- C:\Windows\SysWOW64\SP7302.INI
2017-08-07 17:31:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-08-07 17:31:25 ----D---- C:\Users\ab021\AppData\Roaming\InstallShield
2017-08-07 17:16:55 ----D---- C:\Users\ab021\AppData\Roaming\Adobe
2017-08-07 17:09:58 ----A---- C:\Windows\SysWOW64\elshyph.dll
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\wextract.exe
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\url.dll
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\pngfilt.dll
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\msls31.dll
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\mshtmler.dll
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\mshta.exe
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\jsIntl.dll
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\imgutil.dll
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\iexpress.exe
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\iepeers.dll
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\ieapfltr.dat
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll
2017-08-07 17:09:51 ----A---- C:\Windows\SysWOW64\icardie.dll
2017-08-07 17:07:19 ----D---- C:\Windows\Panther
2017-08-07 17:05:13 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2017-08-07 17:05:13 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2017-08-07 17:05:13 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-08-07 17:05:13 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-08-07 17:05:13 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-08-07 17:05:13 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-08-07 17:05:13 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-08-07 17:05:13 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-08-07 17:05:13 ----AH---- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-08-07 17:05:13 ----A---- C:\Windows\SysWOW64\XpsPrint.dll
2017-08-07 17:05:13 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll
2017-08-07 17:05:13 ----A---- C:\Windows\SysWOW64\WindowsCodecsExt.dll
2017-08-07 17:05:13 ----A---- C:\Windows\SysWOW64\dxgi.dll
2017-08-07 17:05:13 ----A---- C:\Windows\SysWOW64\d3d10core.dll
2017-08-07 17:05:13 ----A---- C:\Windows\SysWOW64\d3d10_1core.dll
2017-08-07 17:05:13 ----A---- C:\Windows\SysWOW64\d3d10_1.dll
2017-08-07 17:05:13 ----A---- C:\Windows\SysWOW64\d3d10.dll
2017-08-07 17:02:03 ----A---- C:\Windows\SysWOW64\d3d11.dll
2017-08-07 16:23:59 ----A---- C:\Windows\SysWOW64\mstask.dll
2017-08-07 16:23:59 ----A---- C:\Windows\SysWOW64\MSAC3ENC.DLL
2017-08-07 16:23:59 ----A---- C:\Windows\SysWOW64\mobsync.exe
2017-08-07 16:23:59 ----A---- C:\Windows\SysWOW64\MMDevAPI.dll
2017-08-07 16:23:59 ----A---- C:\Windows\SysWOW64\KBDLT1.DLL
2017-08-07 16:23:59 ----A---- C:\Windows\SysWOW64\KBDINTEL.DLL
2017-08-07 16:23:59 ----A---- C:\Windows\SysWOW64\KBDCZ1.DLL
2017-08-07 16:23:56 ----A---- C:\Windows\SysWOW64\raschap.dll
2017-08-07 16:23:56 ----A---- C:\Windows\SysWOW64\RacEngn.dll
2017-08-07 16:23:56 ----A---- C:\Windows\SysWOW64\provsvc.dll
2017-08-07 16:23:56 ----A---- C:\Windows\SysWOW64\MediaMetadataHandler.dll
2017-08-07 16:23:56 ----A---- C:\Windows\SysWOW64\lsmproxy.dll
2017-08-07 16:23:56 ----A---- C:\Windows\SysWOW64\logagent.exe
2017-08-07 16:23:56 ----A---- C:\Windows\SysWOW64\iTVData.dll
2017-08-07 16:23:55 ----A---- C:\Windows\SysWOW64\schtasks.exe
2017-08-07 16:23:55 ----A---- C:\Windows\SysWOW64\samcli.dll
2017-08-07 16:23:55 ----A---- C:\Windows\SysWOW64\Robocopy.exe
2017-08-07 16:23:55 ----A---- C:\Windows\SysWOW64\ReAgent.dll
2017-08-07 16:23:55 ----A---- C:\Windows\SysWOW64\rdprefdrvapi.dll
2017-08-07 16:23:55 ----A---- C:\Windows\SysWOW64\propsys.dll
2017-08-07 16:23:55 ----A---- C:\Windows\SysWOW64\ncryptui.dll
2017-08-07 16:23:54 ----A---- C:\Windows\SysWOW64\ntlanman.dll
2017-08-07 16:23:54 ----A---- C:\Windows\SysWOW64\netiougc.exe
2017-08-07 16:23:54 ----A---- C:\Windows\SysWOW64\netiohlp.dll
2017-08-07 16:23:54 ----A---- C:\Windows\SysWOW64\netcfgx.dll
2017-08-07 16:23:54 ----A---- C:\Windows\SysWOW64\imapi2.dll
2017-08-07 16:23:54 ----A---- C:\Windows\SysWOW64\cmd.exe
2017-08-07 16:23:54 ----A---- C:\Windows\SysWOW64\C_ISCII.DLL
2017-08-07 16:23:54 ----A---- C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
2017-08-07 16:23:54 ----A---- C:\Windows\SysWOW64\activeds.dll
2017-08-07 16:23:53 ----A---- C:\Windows\SysWOW64\themecpl.dll
2017-08-07 16:23:53 ----A---- C:\Windows\SysWOW64\tcpipcfg.dll
2017-08-07 16:23:53 ----A---- C:\Windows\SysWOW64\systemcpl.dll
2017-08-07 16:23:53 ----A---- C:\Windows\SysWOW64\sppinst.dll
2017-08-07 16:23:53 ----A---- C:\Windows\SysWOW64\spp.dll
2017-08-07 16:23:53 ----A---- C:\Windows\SysWOW64\spbcd.dll
2017-08-07 16:23:53 ----A---- C:\Windows\SysWOW64\shsetup.dll
2017-08-07 16:23:53 ----A---- C:\Windows\SysWOW64\shlwapi.dll
2017-08-07 16:23:53 ----A---- C:\Windows\SysWOW64\dskquoui.dll
2017-08-07 16:23:53 ----A---- C:\Windows\SysWOW64\diskpart.exe
2017-08-07 16:23:52 ----A---- C:\Windows\twain_32.dll
2017-08-07 16:23:52 ----A---- C:\Windows\SysWOW64\XpsRasterService.dll
2017-08-07 16:23:52 ----A---- C:\Windows\SysWOW64\wtsapi32.dll
2017-08-07 16:23:52 ----A---- C:\Windows\SysWOW64\WPDSp.dll
2017-08-07 16:23:52 ----A---- C:\Windows\SysWOW64\wmpsrcwp.dll
2017-08-07 16:23:52 ----A---- C:\Windows\SysWOW64\wiadefui.dll
2017-08-07 16:23:52 ----A---- C:\Windows\SysWOW64\untfs.dll
2017-08-07 16:23:52 ----A---- C:\Windows\SysWOW64\unlodctr.exe
2017-08-07 16:23:52 ----A---- C:\Windows\SysWOW64\tzutil.exe
2017-08-07 16:23:52 ----A---- C:\Windows\SysWOW64\srvcli.dll
2017-08-07 16:23:51 ----A---- C:\Windows\SysWOW64\wavemsp.dll
2017-08-07 16:23:51 ----A---- C:\Windows\SysWOW64\shacct.dll
2017-08-07 16:23:51 ----A---- C:\Windows\SysWOW64\setupugc.exe
2017-08-07 16:23:51 ----A---- C:\Windows\SysWOW64\setupapi.dll
2017-08-07 16:23:51 ----A---- C:\Windows\SysWOW64\OnLineIDCpl.dll
2017-08-07 16:23:51 ----A---- C:\Windows\SysWOW64\nshipsec.dll
2017-08-07 16:23:51 ----A---- C:\Windows\SysWOW64\mprapi.dll
2017-08-07 16:23:51 ----A---- C:\Windows\SysWOW64\mfc40u.dll
2017-08-07 16:23:51 ----A---- C:\Windows\SysWOW64\logoncli.dll
2017-08-07 16:23:51 ----A---- C:\Windows\SysWOW64\KBDSF.DLL
2017-08-07 16:23:51 ----A---- C:\Windows\SysWOW64\itircl.dll
2017-08-07 16:23:50 ----A---- C:\Windows\SysWOW64\ocsetup.exe
2017-08-07 16:23:50 ----A---- C:\Windows\SysWOW64\ocsetapi.dll
2017-08-07 16:23:50 ----A---- C:\Windows\SysWOW64\NAPCRYPT.DLL
2017-08-07 16:23:50 ----A---- C:\Windows\SysWOW64\MuiUnattend.exe
2017-08-07 16:23:50 ----A---- C:\Windows\SysWOW64\drvstore.dll
2017-08-07 16:23:50 ----A---- C:\Windows\SysWOW64\dot3ui.dll
2017-08-07 16:23:50 ----A---- C:\Windows\SysWOW64\dot3cfg.dll
2017-08-07 16:23:50 ----A---- C:\Windows\SysWOW64\autochk.exe
2017-08-07 16:23:45 ----A---- C:\Windows\SysWOW64\CertEnroll.dll
2017-08-07 16:23:45 ----A---- C:\Windows\SysWOW64\cabview.dll
2017-08-07 16:23:45 ----A---- C:\Windows\SysWOW64\Bubbles.scr
2017-08-07 16:23:45 ----A---- C:\Windows\SysWOW64\AdmTmpl.dll
2017-08-07 16:23:45 ----A---- C:\Windows\SysWOW64\accessibilitycpl.dll
2017-08-07 16:23:44 ----A---- C:\Windows\SysWOW64\UIRibbonRes.dll
2017-08-07 16:23:44 ----A---- C:\Windows\SysWOW64\UIRibbon.dll
2017-08-07 16:23:44 ----A---- C:\Windows\SysWOW64\TRAPI.dll
2017-08-07 16:23:44 ----A---- C:\Windows\SysWOW64\themeui.dll
2017-08-07 16:23:44 ----A---- C:\Windows\SysWOW64\imm32.dll
2017-08-07 16:23:44 ----A---- C:\Windows\SysWOW64\fde.dll
2017-08-07 16:23:44 ----A---- C:\Windows\SysWOW64\elsTrans.dll
2017-08-07 16:23:44 ----A---- C:\Windows\SysWOW64\efscore.dll
2017-08-07 16:23:44 ----A---- C:\Windows\SysWOW64\eapphost.dll
2017-08-07 16:23:44 ----A---- C:\Windows\SysWOW64\eappgnui.dll
2017-08-07 16:23:44 ----A---- C:\Windows\SysWOW64\eapp3hst.dll
2017-08-07 16:23:44 ----A---- C:\Windows\SysWOW64\DxpTaskSync.dll
2017-08-07 16:23:44 ----A---- C:\Windows\SysWOW64\dxdiagn.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\zipfldr.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\WMVCORE.DLL
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\WMPEncEn.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\wlanui.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\winmm.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\wdscore.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\wbemcomn.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\usercpl.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\upnp.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\taskschd.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\taskeng.exe
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\SyncCenter.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\schedcli.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\Ribbons.scr
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\rastapi.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\powercpl.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll
2017-08-07 16:23:43 ----A---- C:\Windows\SysWOW64\PerfCenterCPL.dll
2017-08-07 16:23:42 ----A---- C:\Windows\SysWOW64\sud.dll
2017-08-07 16:23:42 ----A---- C:\Windows\SysWOW64\sppcomapi.dll
2017-08-07 16:23:42 ----A---- C:\Windows\SysWOW64\slwga.dll
2017-08-07 16:23:42 ----A---- C:\Windows\SysWOW64\setupcln.dll
2017-08-07 16:23:42 ----A---- C:\Windows\SysWOW64\SessEnv.dll
2017-08-07 16:23:42 ----A---- C:\Windows\SysWOW64\qcap.dll
2017-08-07 16:23:42 ----A---- C:\Windows\SysWOW64\KBDUGHR1.DLL
2017-08-07 16:23:42 ----A---- C:\Windows\SysWOW64\KBDTUF.DLL
2017-08-07 16:23:42 ----A---- C:\Windows\SysWOW64\KBDSG.DLL
2017-08-07 16:23:42 ----A---- C:\Windows\splwow64.exe
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\pnidui.dll
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\olethk32.dll
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\odbcconf.dll
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\networkmap.dll
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\networkexplorer.dll
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\netshell.dll
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\migisol.dll
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\KBDPO.DLL
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\KBDMAORI.DLL
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\KBDINORI.DLL
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\KBDINKAN.DLL
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\KBDBLR.DLL
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\isoburn.exe
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\iscsium.dll
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\iscsicli.exe
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\ipsmsnap.dll
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\iprtrmgr.dll
2017-08-07 16:23:39 ----A---- C:\Windows\SysWOW64\imapi2fs.dll
2017-08-07 16:23:38 ----A---- C:\Windows\SysWOW64\nci.dll
2017-08-07 16:23:38 ----A---- C:\Windows\SysWOW64\napdsnap.dll
2017-08-07 16:23:38 ----A---- C:\Windows\SysWOW64\muifontsetup.dll
2017-08-07 16:23:38 ----A---- C:\Windows\SysWOW64\DevicePairingFolder.dll
2017-08-07 16:23:38 ----A---- C:\Windows\SysWOW64\CertPolEng.dll
2017-08-07 16:23:38 ----A---- C:\Windows\SysWOW64\calc.exe
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\hgcpl.dll
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\ftp.exe
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\FirewallControlPanel.dll
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\findstr.exe
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\fdeploy.dll
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\eudcedit.exe
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\DXPTaskRingtone.dll
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\dsauth.dll
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\dpx.dll
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\dpnaddr.dll
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\dnscmmc.dll
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\batmeter.dll
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\appmgr.dll
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\ActionCenterCPL.dll
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\ActionCenter.dll
2017-08-07 16:23:37 ----A---- C:\Windows\SysWOW64\acppage.dll
2017-08-07 16:23:37 ----A---- C:\Windows\bfsvc.exe
2017-08-07 16:23:36 ----A---- C:\Windows\SysWOW64\unimdmat.dll
2017-08-07 16:23:36 ----A---- C:\Windows\SysWOW64\twext.dll
2017-08-07 16:23:36 ----A---- C:\Windows\SysWOW64\tcpmonui.dll
2017-08-07 16:23:36 ----A---- C:\Windows\SysWOW64\takeown.exe
2017-08-07 16:23:33 ----A---- C:\Windows\SysWOW64\wlanmsm.dll
2017-08-07 16:23:33 ----A---- C:\Windows\SysWOW64\WinSCard.dll
2017-08-07 16:23:33 ----A---- C:\Windows\SysWOW64\stobject.dll
2017-08-07 16:23:32 ----A---- C:\Windows\SysWOW64\wusa.exe
2017-08-07 16:23:32 ----A---- C:\Windows\SysWOW64\wsnmp32.dll
2017-08-07 16:23:32 ----A---- C:\Windows\SysWOW64\WPDShServiceObj.dll
2017-08-07 16:23:32 ----A---- C:\Windows\SysWOW64\wimserv.exe
2017-08-07 16:23:32 ----A---- C:\Windows\SysWOW64\wimgapi.dll
2017-08-07 16:23:32 ----A---- C:\Windows\SysWOW64\wiavideo.dll
2017-08-07 16:23:32 ----A---- C:\Windows\SysWOW64\webservices.dll
2017-08-07 16:23:32 ----A---- C:\Windows\SysWOW64\w32tm.exe
2017-08-07 16:23:32 ----A---- C:\Windows\SysWOW64\Vault.dll
2017-08-07 16:23:32 ----A---- C:\Windows\SysWOW64\userinit.exe
2017-08-07 16:23:32 ----A---- C:\Windows\SysWOW64\userenv.dll
2017-08-07 16:23:32 ----A---- C:\Windows\SysWOW64\ReAgentc.exe
2017-08-07 16:23:32 ----A---- C:\Windows\SysWOW64\rdpd3d.dll
2017-08-07 16:23:31 ----A---- C:\Windows\SysWOW64\scecli.dll
2017-08-07 16:23:31 ----A---- C:\Windows\SysWOW64\RpcRtRemote.dll
2017-08-07 16:23:31 ----A---- C:\Windows\SysWOW64\remotepg.dll
2017-08-07 16:23:31 ----A---- C:\Windows\SysWOW64\QUTIL.DLL
2017-08-07 16:23:31 ----A---- C:\Windows\SysWOW64\QCLIPROV.DLL
2017-08-07 16:23:31 ----A---- C:\Windows\SysWOW64\QAGENT.DLL
2017-08-07 16:23:31 ----A---- C:\Windows\SysWOW64\prntvpt.dll
2017-08-07 16:23:30 ----A---- C:\Windows\SysWOW64\SndVolSSO.dll
2017-08-07 16:23:30 ----A---- C:\Windows\SysWOW64\SndVol.exe
2017-08-07 16:23:29 ----A---- C:\Windows\SysWOW64\nslookup.exe
2017-08-07 16:23:29 ----A---- C:\Windows\SysWOW64\mprddm.dll
2017-08-07 16:23:29 ----A---- C:\Windows\SysWOW64\mmcndmgr.dll
2017-08-07 16:23:29 ----A---- C:\Windows\SysWOW64\mciavi32.dll
2017-08-07 16:23:29 ----A---- C:\Windows\SysWOW64\mcbuilder.exe
2017-08-07 16:23:29 ----A---- C:\Windows\SysWOW64\KBDTURME.DLL
2017-08-07 16:23:29 ----A---- C:\Windows\SysWOW64\KBDTUQ.DLL
2017-08-07 16:23:29 ----A---- C:\Windows\SysWOW64\KBDNEPR.DLL
2017-08-07 16:23:29 ----A---- C:\Windows\SysWOW64\KBDGR1.DLL
2017-08-07 16:23:29 ----A---- C:\Windows\SysWOW64\KBDGEO.DLL
2017-08-07 16:23:29 ----A---- C:\Windows\SysWOW64\IPHLPAPI.DLL
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\PortableDeviceStatus.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\pifmgr.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\onexui.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\onex.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\odbc32.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\netid.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\Mystify.scr
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\msvidc32.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\msvfw32.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\msrle32.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\mscoree.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\msasn1.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\httpapi.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\dhcpcore.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\d3d9.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\comdlg32.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\basecsp.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\avifil32.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\AuthFWSnapin.dll
2017-08-07 16:23:28 ----A---- C:\Windows\SysWOW64\adsldp.dll
2017-08-07 16:23:27 ----A---- C:\Windows\SysWOW64\tapisrv.dll
2017-08-07 16:23:27 ----A---- C:\Windows\SysWOW64\ssText3d.scr
2017-08-07 16:23:27 ----A---- C:\Windows\SysWOW64\sppc.dll
2017-08-07 16:23:27 ----A---- C:\Windows\SysWOW64\PresentationHost.exe
2017-08-07 16:23:27 ----A---- C:\Windows\SysWOW64\iasrad.dll
2017-08-07 16:23:27 ----A---- C:\Windows\SysWOW64\iasacct.dll
2017-08-07 16:23:27 ----A---- C:\Windows\SysWOW64\framedynos.dll
2017-08-07 16:23:27 ----A---- C:\Windows\SysWOW64\framedyn.dll
2017-08-07 16:23:27 ----A---- C:\Windows\SysWOW64\fontext.dll
2017-08-07 16:23:27 ----A---- C:\Windows\SysWOW64\Display.dll
2017-08-07 16:23:26 ----A---- C:\Windows\SysWOW64\wscapi.dll
2017-08-07 16:23:26 ----A---- C:\Windows\SysWOW64\wmpps.dll
2017-08-07 16:23:26 ----A---- C:\Windows\SysWOW64\wmpdxm.dll
2017-08-07 16:23:26 ----A---- C:\Windows\SysWOW64\wmdrmnet.dll
2017-08-07 16:23:26 ----A---- C:\Windows\SysWOW64\wmdrmdev.dll
2017-08-07 16:23:26 ----A---- C:\Windows\SysWOW64\uxlib.dll
2017-08-07 16:23:26 ----A---- C:\Windows\SysWOW64\utildll.dll
2017-08-07 16:23:26 ----A---- C:\Windows\SysWOW64\srchadmin.dll
2017-08-07 16:23:26 ----A---- C:\Windows\SysWOW64\sqlsrv32.dll
2017-08-07 16:23:26 ----A---- C:\Windows\SysWOW64\sqlcese30.dll
2017-08-07 16:23:26 ----A---- C:\Windows\SysWOW64\spwizres.dll
2017-08-07 16:23:26 ----A---- C:\Windows\SysWOW64\spwizeng.dll
2017-08-07 16:23:26 ----A---- C:\Windows\SysWOW64\shsvcs.dll
2017-08-07 16:23:26 ----A---- C:\Windows\SysWOW64\SearchFolder.dll
2017-08-07 16:23:24 ----A---- C:\Windows\SysWOW64\QSVRMGMT.DLL
2017-08-07 16:23:24 ----A---- C:\Windows\SysWOW64\proquota.exe
2017-08-07 16:23:24 ----A---- C:\Windows\SysWOW64\prnfldr.dll
2017-08-07 16:23:22 ----A---- C:\Windows\SysWOW64\riched32.dll
2017-08-07 16:23:22 ----A---- C:\Windows\SysWOW64\riched20.dll
2017-08-07 16:23:22 ----A---- C:\Windows\SysWOW64\QSHVHOST.DLL
2017-08-07 16:23:22 ----A---- C:\Windows\SysWOW64\qdv.dll
2017-08-07 16:23:20 ----A---- C:\Windows\SysWOW64\shimgvw.dll
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\netutils.dll
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\netplwiz.dll
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\netjoin.dll
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\netfxperf.dll
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\NAPHLPR.DLL
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\mydocs.dll
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\mtxclu.dll
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\mimefilt.dll
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\mfc40.dll
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\mciqtz32.dll
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\localsec.dll
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\kbdlk41a.dll
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\KBDINBEN.DLL
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\KBDGKL.DLL
2017-08-07 16:23:19 ----A---- C:\Windows\SysWOW64\KBDBULG.DLL
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\Faultrep.dll
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\dsuiext.dll
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\dbghelp.dll
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\dbgeng.dll
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\cscobj.dll
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\cmstp.exe
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\clusapi.dll
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\certmgr.dll
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\bitsadmin.exe
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\AzSqlExt.dll
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\azroles.dll
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\autoplay.dll
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\autofmt.exe
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\audiodev.dll
2017-08-07 16:23:18 ----A---- C:\Windows\SysWOW64\amstream.dll
2017-08-07 16:23:17 ----A---- C:\Windows\SysWOW64\tsmf.dll
2017-08-07 16:23:17 ----A---- C:\Windows\SysWOW64\tlscsp.dll
2017-08-07 16:23:17 ----A---- C:\Windows\SysWOW64\syssetup.dll
2017-08-07 16:23:17 ----A---- C:\Windows\SysWOW64\syncui.dll
2017-08-07 16:23:17 ----A---- C:\Windows\SysWOW64\sxs.dll
2017-08-07 16:23:17 ----A---- C:\Windows\SysWOW64\sscore.dll
2017-08-07 16:23:17 ----A---- C:\Windows\SysWOW64\spopk.dll
2017-08-07 16:23:17 ----A---- C:\Windows\SysWOW64\fphc.dll
2017-08-07 16:23:17 ----A---- C:\Windows\SysWOW64\DShowRdpFilter.dll
2017-08-07 16:23:17 ----A---- C:\Windows\SysWOW64\dot3msm.dll
2017-08-07 16:23:17 ----A---- C:\Windows\SysWOW64\dot3api.dll
2017-08-07 16:23:17 ----A---- C:\Windows\SysWOW64\diskraid.exe
2017-08-07 16:23:17 ----A---- C:\Windows\SysWOW64\dfrgui.exe
2017-08-07 16:23:17 ----A---- C:\Windows\SysWOW64\DeviceCenter.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\xpsservices.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\WSDApi.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\wpdwcn.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\wlanpref.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\wlangpui.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\WerFaultSecure.exe
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\wcncsvc.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\vpnikeapi.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\sisbkup.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\shwebsvc.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\shunimpl.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\resutils.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\regapi.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\rdpendp.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\rdpencom.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\rasppp.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\prncache.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\printui.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\PresentationHostProxy.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\PortableDeviceApi.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\PkgMgr.exe
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\perfts.dll
2017-08-07 16:23:16 ----A---- C:\Windows\SysWOW64\OobeFldr.dll
2017-08-07 16:23:15 ----A---- C:\Windows\SysWOW64\shgina.dll
2017-08-07 16:23:15 ----A---- C:\Windows\SysWOW64\sethc.exe
2017-08-07 16:23:15 ----A---- C:\Windows\SysWOW64\SensorsCpl.dll
2017-08-07 16:23:15 ----A---- C:\Windows\SysWOW64\scansetting.dll
2017-08-07 16:23:15 ----A---- C:\Windows\SysWOW64\runonce.exe
2017-08-07 16:23:15 ----A---- C:\Windows\SysWOW64\rtutils.dll
2017-08-07 16:23:15 ----A---- C:\Windows\SysWOW64\msftedit.dll
2017-08-07 16:23:15 ----A---- C:\Windows\SysWOW64\msdmo.dll
2017-08-07 16:23:14 ----A---- C:\Windows\SysWOW64\wmpshell.dll
2017-08-07 16:23:14 ----A---- C:\Windows\SysWOW64\wmpeffects.dll
2017-08-07 16:23:14 ----A---- C:\Windows\SysWOW64\WMNetMgr.dll
2017-08-07 16:23:14 ----A---- C:\Windows\SysWOW64\wkscli.dll
2017-08-07 16:23:14 ----A---- C:\Windows\SysWOW64\WinSATAPI.dll
2017-08-07 16:23:14 ----A---- C:\Windows\SysWOW64\tsbyuv.dll
2017-08-07 16:23:14 ----A---- C:\Windows\SysWOW64\azroleui.dll
2017-08-07 16:23:14 ----A---- C:\Windows\SysWOW64\autoconv.exe
2017-08-07 16:23:13 ----A---- C:\Windows\SysWOW64\taskcomp.dll
2017-08-07 16:23:13 ----A---- C:\Windows\SysWOW64\sqmapi.dll
2017-08-07 16:23:12 ----A---- C:\Windows\SysWOW64\thumbcache.dll
2017-08-07 16:23:12 ----A---- C:\Windows\SysWOW64\termmgr.dll
2017-08-07 16:23:12 ----A---- C:\Windows\SysWOW64\taskmgr.exe
2017-08-07 16:23:12 ----A---- C:\Windows\SysWOW64\printmanagement.msc
2017-08-07 16:23:12 ----A---- C:\Windows\SysWOW64\ppcsnap.dll
2017-08-07 16:23:12 ----A---- C:\Windows\SysWOW64\pmcsnap.dll
2017-08-07 16:23:12 ----A---- C:\Windows\SysWOW64\photowiz.dll
2017-08-07 16:23:12 ----A---- C:\Windows\SysWOW64\PhotoScreensaver.scr
2017-08-07 16:23:12 ----A---- C:\Windows\SysWOW64\OpcServices.dll
2017-08-07 16:23:12 ----A---- C:\Windows\SysWOW64\netlogon.dll
2017-08-07 16:23:09 ----A---- C:\Windows\SysWOW64\scrptadm.dll
2017-08-07 16:23:08 ----A---- C:\Windows\SysWOW64\PushPrinterConnections.exe
2017-08-07 16:23:08 ----A---- C:\Windows\SysWOW64\puiobj.dll
2017-08-07 16:23:07 ----A---- C:\Windows\SysWOW64\wshbth.dll
2017-08-07 16:23:07 ----A---- C:\Windows\SysWOW64\wsdchngr.dll
2017-08-07 16:23:06 ----A---- C:\Windows\SysWOW64\wshirda.dll
2017-08-07 16:23:06 ----A---- C:\Windows\SysWOW64\msutb.dll
2017-08-07 16:23:04 ----A---- C:\Windows\SysWOW64\netdiagfx.dll
2017-08-07 16:23:04 ----A---- C:\Windows\SysWOW64\netcenter.dll
2017-08-07 16:23:04 ----A---- C:\Windows\SysWOW64\net1.exe
2017-08-07 16:23:04 ----A---- C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-08-07 16:23:04 ----A---- C:\Windows\SysWOW64\msyuv.dll
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\vssapi.dll
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\vfwwdm32.dll
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\vdsbas.dll
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\VAN.dll
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\UserAccountControlSettings.dll
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\mfreadwrite.dll
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\MFPlay.dll
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\luainstall.dll
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\KBDUS.DLL
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\KBDTAJIK.DLL
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\KBDMON.DLL
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\KBDINTAM.DLL
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\KBDINMAR.DLL
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\KBDINHIN.DLL
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\iyuv_32.dll
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\inetmib1.dll
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\defaultlocationcpl.dll
2017-08-07 16:23:02 ----A---- C:\Windows\SysWOW64\actxprxy.dll
2017-08-07 16:23:01 ----A---- C:\Windows\SysWOW64\ifsutil.dll
2017-08-07 16:23:01 ----A---- C:\Windows\SysWOW64\iccvid.dll
2017-08-07 16:23:01 ----A---- C:\Windows\SysWOW64\iasrecst.dll
2017-08-07 16:23:01 ----A---- C:\Windows\SysWOW64\hbaapi.dll
2017-08-07 16:23:01 ----A---- C:\Windows\SysWOW64\fms.dll
2017-08-07 16:23:01 ----A---- C:\Windows\SysWOW64\EhStorAPI.dll
2017-08-07 16:23:01 ----A---- C:\Windows\SysWOW64\cscdll.dll
2017-08-07 16:23:01 ----A---- C:\Windows\SysWOW64\cscapi.dll
2017-08-07 16:23:01 ----A---- C:\Windows\SysWOW64\cca.dll
2017-08-07 16:23:01 ----A---- C:\Windows\SysWOW64\cabinet.dll
2017-08-07 16:23:01 ----A---- C:\Windows\SysWOW64\browseui.dll
2017-08-07 16:23:01 ----A---- C:\Windows\SysWOW64\bitsperf.dll
2017-08-07 16:18:45 ----D---- C:\Users\ab021\AppData\Roaming\Identities
2017-08-07 16:18:27 ----SD---- C:\Users\ab021\AppData\Roaming\Microsoft
2017-08-07 16:18:27 ----D---- C:\Users\ab021\AppData\Roaming\Media Center Programs
2017-08-07 16:16:49 ----SHD---- C:\Recovery
2017-08-07 16:16:46 ----D---- C:\Windows\SoftwareDistribution
2017-08-07 16:08:04 ----ASH---- C:\pagefile.sys
2017-08-07 16:08:03 ----SHD---- C:\System Volume Information
2017-08-07 16:08:03 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 month======
2017-09-02 17:47:22 ----D---- C:\Windows\Temp
2017-09-02 17:47:21 ----RD---- C:\Program Files (x86)
2017-09-02 17:39:51 ----SD---- C:\ProgramData\Microsoft
2017-08-30 05:46:54 ----D---- C:\Windows\inf
2017-08-30 05:46:33 ----D---- C:\Windows
2017-08-28 18:02:03 ----D---- C:\Windows\System32
2017-08-12 14:39:19 ----D---- C:\Windows\rescache
2017-08-11 12:56:40 ----RSD---- C:\Windows\Fonts
2017-08-11 12:16:52 ----HD---- C:\ProgramData
2017-08-10 21:17:00 ----D---- C:\Windows\Logs
2017-08-10 17:51:57 ----D---- C:\Windows\SysWOW64
2017-08-10 17:50:24 ----D---- C:\Program Files (x86)\Common Files
2017-08-08 22:24:10 ----D---- C:\Windows\debug
2017-08-08 20:18:52 ----D---- C:\Windows\winsxs
2017-08-08 20:16:29 ----D---- C:\Windows\SysWOW64\sk-SK
2017-08-08 20:16:29 ----D---- C:\Windows\SysWOW64\migration
2017-08-08 20:16:29 ----D---- C:\Windows\SysWOW64\en-US
2017-08-08 20:16:29 ----D---- C:\Program Files (x86)\Internet Explorer
2017-08-08 20:16:25 ----D---- C:\Windows\AppPatch
2017-08-08 15:35:45 ----RSD---- C:\Windows\assembly
2017-08-08 15:06:43 ----D---- C:\Windows\Downloaded Program Files
2017-08-08 15:06:27 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2017-08-08 14:33:46 ----RD---- C:\Program Files
2017-08-08 14:24:53 ----D---- C:\Windows\Tasks
2017-08-08 11:34:54 ----D---- C:\Windows\twain_32
2017-08-08 07:41:43 ----D---- C:\Windows\Microsoft.NET
2017-08-08 06:48:07 ----A---- C:\Windows\win.ini
2017-08-08 06:27:18 ----D---- C:\Windows\AppCompat
2017-08-08 06:13:47 ----D---- C:\Windows\tracing
2017-08-07 23:06:39 ----D---- C:\Windows\ehome
2017-08-07 23:06:37 ----D---- C:\Program Files (x86)\Common Files\System
2017-08-07 23:06:25 ----D---- C:\Windows\SysWOW64\Dism
2017-08-07 23:06:23 ----D---- C:\Program Files (x86)\Windows Defender
2017-08-07 23:06:22 ----D---- C:\Windows\SysWOW64\wbem
2017-08-07 23:06:18 ----D---- C:\Windows\PolicyDefinitions
2017-08-07 23:06:08 ----D---- C:\Windows\SysWOW64\migwiz
2017-08-07 23:06:08 ----D---- C:\Program Files (x86)\Windows Media Player
2017-08-07 17:51:21 ----D---- C:\Windows\ShellNew
2017-08-07 17:50:39 ----D---- C:\Program Files (x86)\MSBuild
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\zh-TW
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\zh-HK
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\zh-CN
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\tr-TR
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\sv-SE
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\ru-RU
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\pt-PT
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\pt-BR
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\pl-PL
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\nl-NL
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\nb-NO
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\ko-KR
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\ja-JP
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\it-IT
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\hu-HU
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\fr-FR
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\fi-FI
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\es-ES
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\el-GR
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\de-DE
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\da-DK
2017-08-07 17:13:38 ----D---- C:\Windows\SysWOW64\cs-CZ
2017-08-07 17:06:51 ----D---- C:\Windows\Setup
2017-08-07 16:53:57 ----D---- C:\Program Files (x86)\Windows Sidebar
2017-08-07 16:53:57 ----D---- C:\Program Files (x86)\Windows Portable Devices
2017-08-07 16:53:57 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-08-07 16:53:57 ----D---- C:\Program Files (x86)\Windows Mail
2017-08-07 16:53:52 ----D---- C:\Windows\servicing
2017-08-07 16:53:50 ----D---- C:\Windows\SysWOW64\sppui
2017-08-07 16:53:50 ----D---- C:\Windows\SysWOW64\Setup
2017-08-07 16:53:50 ----D---- C:\Windows\SysWOW64\oobe
2017-08-07 16:53:50 ----D---- C:\Windows\SysWOW64\manifeststore
2017-08-07 16:53:50 ----D---- C:\Windows\SysWOW64\en
2017-08-07 16:53:50 ----D---- C:\Windows\SysWOW64\AdvancedInstallers
2017-08-07 16:46:43 ----A---- C:\Windows\SysWOW64\msclmd.dll
2017-08-07 16:18:43 ----SHD---- C:\$Recycle.Bin
2017-08-07 16:18:26 ----RD---- C:\Users
2017-08-07 16:08:39 ----D---- C:\Windows\CSC
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 SI3112;SiI-3512 SATALink Controller; C:\Windows\system32\DRIVERS\SI3112.sys []
R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys []
R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\DRIVERS\SiRemFil.sys []
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys []
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys []
R3 PAC7302;Trust Webcam 16175; C:\Windows\system32\DRIVERS\PAC7302.SYS []
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-05-18 2246256]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 CrossLoopService;CrossLoop Service; C:\Users\ab021\AppData\Local\CrossLoop\CrossLoopService.exe [2012-01-06 569072]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2016-09-14 805752]
R2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2015-07-22 985280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-08 153168]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-06-01 317400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-08 272384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-08 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 MBAMService;Malwarebytes Service; D:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-08-28 175568]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 tvnserver;TightVNC Server; C:\Users\ab021\AppData\Local\CrossLoop\tvnserver.exe [2010-07-21 814080]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Problémy s pamäťou
Moderátor: Moderátoři
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problémy s pamäťou
Zdravím!
Paměť těžko vyřešíme pomocí logu, kterým se mažou viry. Udělejte kontrolu RAM: https://forum.viry.cz/viewtopic.php?f=53&t=106788 .
Paměť těžko vyřešíme pomocí logu, kterým se mažou viry. Udělejte kontrolu RAM: https://forum.viry.cz/viewtopic.php?f=53&t=106788 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Problémy s pamäťou
Dobrý deň. Nemôžem bootovať memtest, napálený na CD. Vymieňal som napaľovačky so zapojením cez radič PCI na SATA a odvtedy mi nechce bootovať. Prepínal som Boot v BIOSe, ale nepomohlo. Inštalačné DVD Windows 7 mi nabootuje, ale ISO súbor nie. Neviem, či to nespôsobuje radič. Znamená to pre mňa, že nemôžem previesť kontrolu RAM.
Re: Problémy s pamäťou
Jednorazovo vstupim:
predpokladam, ze nebootuje lebo si na CD napalil ISO subor,,, treba z iso napalit obraz
predpokladam, ze nebootuje lebo si na CD napalil ISO subor,,, treba z iso napalit obraz
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Problémy s pamäťou
Napálil som na CD RW obraz, ale ani tak nenabootuje.
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problémy s pamäťou
V tom případě jste nevypálil obraz. Máme ověřeno, že Memtest z tohoto odkazu funguje. Druhá možnost je, že nemáte nastaveno v biosu bootování z opt. mechaniky.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Problémy s pamäťou
Napálil som obraz. Myslim si, že mám aj správne nastavené bootovanie (viď. prílohu). Skontroľujte prosím a prípadne poraďte. Pri napaľovačkách s pripojením IDE to fungovalo. Pretože sa mi DVD ROMky poškodili a nemal som voľný slot SATA, kúpil som radič PCI na 2xSATA a DVD ROM som pripojil na radič. Odvtedy (cca týždeň) mám problémy. Ďakujem
Príloha:
http://www100.zippyshare.com/v/9itlw2L4/file.html
Príloha:
http://www100.zippyshare.com/v/9itlw2L4/file.html
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problémy s pamäťou
V tom to asi bude. Podle mého by měl být první CD ROM. Budete asi muset vyrobit bootovatelnou flešku pomocí programu PowerISO: http://www.stahuj.centrum.cz/multimedia ... /poweriso/ a nabootovat z ní.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Problémy s pamäťou
To ATAPI je CD ROM, ktoré je zapojené do radiča.
Re: Problémy s pamäťou
pises: Inštalačné DVD Windows 7 mi nabootuje, ale ISO súbor nie
ak to plati, nemoze byt problem v bootovani
ak to plati, nemoze byt problem v bootovani
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problémy s pamäťou
Zřejmě nezvládá bootování. Zkuste to přes USB (viz výše).ab021 píše:To ATAPI je CD ROM, ktoré je zapojené do radiča.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Problémy s pamäťou
Ďakujem za pomoc a rady. Odpojil som z dosky jeden HDD a zapojil CD ROMku a bootuje. Takže chyba bola v radiči, cez ktorý bootovanie nejde.
Prajem pekný deň.
Prajem pekný deň.
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problémy s pamäťou
Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?