
Suspected virus
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that stay inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
NEW!
You can now use a remote-assistance service in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
The computer has started behaving strangely; log from RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2015-03-14 23:23:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 152 GB (76%) free of 200 GB
Total RAM: 8130 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:23:29, on 14. 3. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8860 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a94711a8-d476-47a9-8848-c4af7c8a41cd -SystemEventPortName:HostProcess-ca6126b6-060d-4bf1-89aa-95e5d556bd62 -IoCancelEventPortName:HostProcess-989b5e5d-534e-4e6d-8b04-0fe623f6b26b -NonStateChangingEventPortName:HostProcess-455d6d77-f0f3-433f-a28f-ad8b867fb6f8 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0407fc01-7ec1-425b-ad67-dc550676a2f9 -DeviceGroupId:
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
atieclxx
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN33Q1BJ0H05YC;CONNECTION=USB;MONITOR=1;
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
taskeng.exe {729561AA-A267-465A-9111-39C0C8F4289A}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
HydraDM64.exe -h:131442 "Maximize to full desktop" "Maximize to window corners" "Restore desktop"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\AVAST Software\Avast\avastui.exe" --type=gpu-process --channel="1160.0.195644011\440986013" --no-sandbox --lang=en-US --log-file="C:\Users\user\AppData\Roaming\AVAST Software\Avast\log\avastium.log" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 Avastium (10.2.2214)" --proxy-auto-detect --disable-gpu --disable-software-rasterizer --no-sandbox --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38 --gpu-vendor-id=0x1002 --gpu-device-id=0x6810 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.251.0.0 --lang=en-US --log-file="C:\Users\user\AppData\Roaming\AVAST Software\Avast\log\avastium.log" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 Avastium (10.2.2214)" --proxy-auto-detect --disable-gpu --disable-software-rasterizer --no-sandbox /prefetch:822062411
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\user\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\6kuotdxu.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-14 218776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-13 662672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-03-14 886488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-14 2334928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-13 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-03-14 710864]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-10-22 7203032]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2013-12-06 389120]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-02-19 7416088]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-04-26 292848]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-12-06 766208]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-13 5512912]
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk - C:\Windows\system32\RunDll32.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-03-14 22:00:00 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-03-14 22:00:00 ----D---- C:\Program Files (x86)\Microsoft Office
2015-03-14 21:59:12 ----D---- C:\Program Files\Microsoft Office 15
2015-03-13 22:00:14 ----D---- C:\Users\user\AppData\Roaming\AVAST Software
2015-03-13 21:56:41 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-03-13 21:56:41 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-03-13 21:56:40 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-03-13 21:56:39 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-03-13 21:56:38 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-03-13 21:56:37 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-03-13 21:56:36 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-03-13 21:56:34 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-03-13 21:56:33 ----A---- C:\Windows\system32\aswBoot.exe
2015-03-13 21:56:31 ----A---- C:\Windows\avastSS.scr
2015-03-13 21:56:09 ----D---- C:\Program Files\AVAST Software
2015-03-13 19:52:26 ----SHD---- C:\Config.Msi
2015-03-13 19:46:51 ----SD---- C:\Windows\SYSWOW64\Microsoft
2015-03-12 21:41:26 ----D---- C:\Program Files (x86)\Microsoft Office 15
2015-03-11 10:20:52 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-11 10:20:52 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-11 10:20:52 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-11 10:20:52 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-11 10:20:52 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-11 10:20:52 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 10:20:52 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 10:20:52 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 10:20:52 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 10:20:52 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 10:20:48 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-11 10:20:48 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-11 10:20:48 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 10:20:47 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-11 10:20:47 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-11 10:20:47 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 10:20:46 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-11 10:20:46 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 10:20:45 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 10:20:45 ----A---- C:\Windows\system32\mf.dll
2015-03-11 10:20:44 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-11 10:20:44 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 10:20:44 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 10:20:43 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-11 10:20:43 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-11 10:20:43 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-11 10:20:43 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-11 10:20:43 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-11 10:20:43 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\winload.exe
2015-03-11 10:20:43 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 10:20:42 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-11 10:20:42 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-11 10:20:42 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-11 10:20:42 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-11 10:20:42 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-11 10:20:42 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 10:20:42 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\evr.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 10:20:41 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-11 10:20:41 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-11 10:20:41 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-11 10:20:41 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-11 10:20:41 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-11 10:20:41 ----A---- C:\Windows\system32\smss.exe
2015-03-11 10:20:41 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 10:20:41 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 10:20:41 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 10:20:41 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 10:20:41 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 10:20:40 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 10:20:40 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 10:20:40 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 10:20:40 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 10:20:40 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 10:20:40 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 10:20:40 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 10:20:39 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-11 10:20:39 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 10:20:38 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-11 10:20:38 ----A---- C:\Windows\system32\mferror.dll
2015-03-11 10:20:27 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-11 10:20:27 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 10:20:26 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-11 10:20:26 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 10:20:24 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 10:20:24 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 10:20:24 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 10:20:24 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-03-11 10:20:23 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 10:20:23 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 10:20:23 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 10:20:22 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-03-11 10:20:22 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-03-11 10:20:22 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-03-11 10:20:22 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 10:20:22 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 10:20:22 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 10:20:20 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-11 10:20:20 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-11 10:20:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 10:20:20 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 10:20:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-03-11 10:20:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-03-11 10:20:18 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-03-11 10:20:18 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 10:20:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 10:20:18 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 10:20:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-03-11 10:20:17 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-03-11 10:20:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-03-11 10:20:17 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-03-11 10:20:17 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-03-11 10:20:17 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-03-11 10:20:17 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-03-11 10:20:17 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 10:20:17 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 10:20:17 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 10:20:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-03-11 10:20:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-03-11 10:20:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-03-11 10:20:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-03-11 10:20:16 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 10:20:16 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 10:20:16 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 10:20:15 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-03-11 10:20:15 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-03-11 10:20:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-03-11 10:20:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-03-11 10:20:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-03-11 10:20:15 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 10:20:15 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 10:20:15 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 10:20:15 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 10:20:15 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 10:20:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-03-11 10:20:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-03-11 10:20:14 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-03-11 10:20:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-03-11 10:20:14 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 10:20:14 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 10:20:14 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 10:20:13 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-03-11 10:20:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 10:20:13 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 10:20:13 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 10:20:13 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 10:20:13 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 10:20:12 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 10:20:12 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 10:20:12 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 10:20:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 10:20:12 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 10:20:12 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 10:20:11 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 10:20:10 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-11 10:20:10 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-06 14:22:44 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-02 10:04:59 ----D---- C:\Program Files\CCleaner
2015-02-25 22:40:12 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-02-25 22:40:12 ----A---- C:\Windows\system32\wdi.dll
2015-02-25 22:40:12 ----A---- C:\Windows\system32\powertracker.dll
2015-02-25 22:40:12 ----A---- C:\Windows\system32\perftrack.dll
======List of files/folders modified in the last 1 month======
2015-03-14 23:23:29 ----D---- C:\Windows\Temp
2015-03-14 23:23:29 ----D---- C:\Windows\Prefetch
2015-03-14 23:23:29 ----D---- C:\Program Files\trend micro
2015-03-14 23:21:18 ----D---- C:\Windows\system32\config
2015-03-14 23:13:56 ----D---- C:\Windows\System32
2015-03-14 23:13:56 ----D---- C:\Windows\inf
2015-03-14 23:13:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-14 23:13:54 ----D---- C:\Windows\Microsoft.NET
2015-03-14 23:13:00 ----RSD---- C:\Windows\assembly
2015-03-14 23:07:56 ----D---- C:\Windows
2015-03-14 23:07:45 ----RSD---- C:\Windows\Fonts
2015-03-14 22:21:59 ----D---- C:\Users\user\AppData\Roaming\HpUpdate
2015-03-14 22:01:45 ----SHD---- C:\Windows\Installer
2015-03-14 22:01:21 ----D---- C:\Program Files (x86)\Common Files
2015-03-14 22:01:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-03-14 22:00:00 ----RD---- C:\Program Files (x86)
2015-03-14 22:00:00 ----HD---- C:\ProgramData
2015-03-14 22:00:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-03-14 21:59:12 ----RD---- C:\Program Files
2015-03-14 11:34:53 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2015-03-14 11:31:22 ----SD---- C:\ProgramData\Microsoft
2015-03-13 21:56:56 ----D---- C:\Windows\system32\Tasks
2015-03-13 21:56:45 ----SHD---- C:\System Volume Information
2015-03-13 21:56:41 ----D---- C:\Windows\system32\drivers
2015-03-13 21:55:22 ----D---- C:\ProgramData\AVAST Software
2015-03-13 20:06:25 ----D---- C:\Windows\Tasks
2015-03-13 20:06:25 ----D---- C:\Windows\system32\wfp
2015-03-13 20:06:25 ----D---- C:\Windows\system32\wbem
2015-03-13 20:06:03 ----D---- C:\Windows\system32\DriverStore
2015-03-13 20:06:03 ----D---- C:\Windows\system32\catroot2
2015-03-13 20:06:02 ----D---- C:\Windows\registration
2015-03-13 19:46:51 ----D---- C:\Windows\SysWOW64
2015-03-12 21:14:07 ----D---- C:\Windows\SoftwareDistribution
2015-03-12 21:12:50 ----D---- C:\Windows\debug
2015-03-12 10:43:40 ----D---- C:\Windows\rescache
2015-03-11 13:51:33 ----D---- C:\Windows\winsxs
2015-03-11 13:50:03 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-03-11 13:50:03 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-11 13:50:03 ----D---- C:\Program Files\Windows Media Player
2015-03-11 13:50:03 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-11 13:50:02 ----D---- C:\Windows\system32\sk-SK
2015-03-11 13:50:02 ----D---- C:\Windows\system32\Dism
2015-03-11 13:50:01 ----D---- C:\Windows\system32\en-US
2015-03-11 13:50:00 ----D---- C:\Windows\system32\Boot
2015-03-11 13:49:55 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-11 13:49:53 ----D---- C:\Program Files\Internet Explorer
2015-03-11 13:49:52 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-11 13:44:26 ----D---- C:\Windows\system32\MRT
2015-03-11 13:43:14 ----A---- C:\Windows\system32\MRT.exe
2015-03-07 15:10:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-02 10:06:20 ----D---- C:\Program Files\PDFCreator
2015-02-26 10:03:17 ----D---- C:\Windows\tracing
2015-02-24 03:17:24 ----N---- C:\Windows\system32\MpSigStub.exe
2015-02-17 19:09:00 ----D---- C:\Windows\system32\drivers\UMDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-03-13 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-03-13 268640]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-07 28008]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-03-13 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-03-13 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-03-13 441728]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-03-13 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-03-13 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-03-13 136752]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-12-06 13207552]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-12-06 626176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-10-22 3692632]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-12-26 805088]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-12-06 239616]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2013-05-07 936728]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-13 343336]
R2 ClickToRunSvc;Služba Klikni a spusti balíka Microsoft Office; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-02-10 2714800]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-06 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-02-24 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-02-24 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-13 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
2015-03-13 21:56:40 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-03-13 21:56:39 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-03-13 21:56:38 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-03-13 21:56:37 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-03-13 21:56:36 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-03-13 21:56:34 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-03-13 21:56:33 ----A---- C:\Windows\system32\aswBoot.exe
2015-03-13 21:56:31 ----A---- C:\Windows\avastSS.scr
2015-03-13 21:56:09 ----D---- C:\Program Files\AVAST Software
2015-03-13 19:52:26 ----SHD---- C:\Config.Msi
2015-03-13 19:46:51 ----SD---- C:\Windows\SYSWOW64\Microsoft
2015-03-12 21:41:26 ----D---- C:\Program Files (x86)\Microsoft Office 15
2015-03-11 10:20:52 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-11 10:20:52 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-11 10:20:52 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-11 10:20:52 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-11 10:20:52 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-11 10:20:52 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 10:20:52 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 10:20:52 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 10:20:52 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 10:20:52 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 10:20:48 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-11 10:20:48 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-11 10:20:48 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 10:20:47 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-11 10:20:47 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-11 10:20:47 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 10:20:46 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-11 10:20:46 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 10:20:45 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 10:20:45 ----A---- C:\Windows\system32\mf.dll
2015-03-11 10:20:44 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-11 10:20:44 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 10:20:44 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 10:20:43 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-11 10:20:43 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-11 10:20:43 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-11 10:20:43 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-11 10:20:43 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-11 10:20:43 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\winload.exe
2015-03-11 10:20:43 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 10:20:43 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 10:20:42 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-11 10:20:42 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-11 10:20:42 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-11 10:20:42 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-11 10:20:42 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-11 10:20:42 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 10:20:42 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\evr.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 10:20:42 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 10:20:41 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-11 10:20:41 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-11 10:20:41 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-11 10:20:41 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-11 10:20:41 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-11 10:20:41 ----A---- C:\Windows\system32\smss.exe
2015-03-11 10:20:41 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 10:20:41 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 10:20:41 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 10:20:41 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 10:20:41 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-11 10:20:40 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 10:20:40 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 10:20:40 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 10:20:40 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 10:20:40 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 10:20:40 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 10:20:40 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 10:20:40 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 10:20:40 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 10:20:39 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-11 10:20:39 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 10:20:38 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-11 10:20:38 ----A---- C:\Windows\system32\mferror.dll
2015-03-11 10:20:27 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-11 10:20:27 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 10:20:26 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-11 10:20:26 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 10:20:24 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 10:20:24 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 10:20:24 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 10:20:24 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-03-11 10:20:23 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-03-11 10:20:23 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 10:20:23 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 10:20:23 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 10:20:23 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 10:20:22 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-03-11 10:20:22 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-03-11 10:20:22 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-03-11 10:20:22 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 10:20:22 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 10:20:22 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 10:20:20 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-11 10:20:20 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-11 10:20:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 10:20:20 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 10:20:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-03-11 10:20:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-03-11 10:20:18 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-03-11 10:20:18 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 10:20:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 10:20:18 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 10:20:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-03-11 10:20:17 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-03-11 10:20:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-03-11 10:20:17 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-03-11 10:20:17 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-03-11 10:20:17 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-03-11 10:20:17 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-03-11 10:20:17 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 10:20:17 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 10:20:17 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 10:20:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-03-11 10:20:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-03-11 10:20:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-03-11 10:20:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-03-11 10:20:16 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 10:20:16 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 10:20:16 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 10:20:15 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-03-11 10:20:15 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-03-11 10:20:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-03-11 10:20:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-03-11 10:20:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-03-11 10:20:15 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 10:20:15 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 10:20:15 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 10:20:15 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 10:20:15 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 10:20:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-03-11 10:20:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-03-11 10:20:14 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-03-11 10:20:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-03-11 10:20:14 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 10:20:14 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 10:20:14 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 10:20:13 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-03-11 10:20:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 10:20:13 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 10:20:13 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 10:20:13 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 10:20:13 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 10:20:12 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 10:20:12 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 10:20:12 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 10:20:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 10:20:12 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 10:20:12 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 10:20:11 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 10:20:10 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-11 10:20:10 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-06 14:22:44 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-02 10:04:59 ----D---- C:\Program Files\CCleaner
2015-02-25 22:40:12 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-02-25 22:40:12 ----A---- C:\Windows\system32\wdi.dll
2015-02-25 22:40:12 ----A---- C:\Windows\system32\powertracker.dll
2015-02-25 22:40:12 ----A---- C:\Windows\system32\perftrack.dll
======List of files/folders modified in the last 1 month======
2015-03-14 23:23:29 ----D---- C:\Windows\Temp
2015-03-14 23:23:29 ----D---- C:\Windows\Prefetch
2015-03-14 23:23:29 ----D---- C:\Program Files\trend micro
2015-03-14 23:21:18 ----D---- C:\Windows\system32\config
2015-03-14 23:13:56 ----D---- C:\Windows\System32
2015-03-14 23:13:56 ----D---- C:\Windows\inf
2015-03-14 23:13:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-14 23:13:54 ----D---- C:\Windows\Microsoft.NET
2015-03-14 23:13:00 ----RSD---- C:\Windows\assembly
2015-03-14 23:07:56 ----D---- C:\Windows
2015-03-14 23:07:45 ----RSD---- C:\Windows\Fonts
2015-03-14 22:21:59 ----D---- C:\Users\user\AppData\Roaming\HpUpdate
2015-03-14 22:01:45 ----SHD---- C:\Windows\Installer
2015-03-14 22:01:21 ----D---- C:\Program Files (x86)\Common Files
2015-03-14 22:01:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-03-14 22:00:00 ----RD---- C:\Program Files (x86)
2015-03-14 22:00:00 ----HD---- C:\ProgramData
2015-03-14 22:00:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-03-14 21:59:12 ----RD---- C:\Program Files
2015-03-14 11:34:53 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2015-03-14 11:31:22 ----SD---- C:\ProgramData\Microsoft
2015-03-13 21:56:56 ----D---- C:\Windows\system32\Tasks
2015-03-13 21:56:45 ----SHD---- C:\System Volume Information
2015-03-13 21:56:41 ----D---- C:\Windows\system32\drivers
2015-03-13 21:55:22 ----D---- C:\ProgramData\AVAST Software
2015-03-13 20:06:25 ----D---- C:\Windows\Tasks
2015-03-13 20:06:25 ----D---- C:\Windows\system32\wfp
2015-03-13 20:06:25 ----D---- C:\Windows\system32\wbem
2015-03-13 20:06:03 ----D---- C:\Windows\system32\DriverStore
2015-03-13 20:06:03 ----D---- C:\Windows\system32\catroot2
2015-03-13 20:06:02 ----D---- C:\Windows\registration
2015-03-13 19:46:51 ----D---- C:\Windows\SysWOW64
2015-03-12 21:14:07 ----D---- C:\Windows\SoftwareDistribution
2015-03-12 21:12:50 ----D---- C:\Windows\debug
2015-03-12 10:43:40 ----D---- C:\Windows\rescache
2015-03-11 13:51:33 ----D---- C:\Windows\winsxs
2015-03-11 13:50:03 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-03-11 13:50:03 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-11 13:50:03 ----D---- C:\Program Files\Windows Media Player
2015-03-11 13:50:03 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-11 13:50:02 ----D---- C:\Windows\system32\sk-SK
2015-03-11 13:50:02 ----D---- C:\Windows\system32\Dism
2015-03-11 13:50:01 ----D---- C:\Windows\system32\en-US
2015-03-11 13:50:00 ----D---- C:\Windows\system32\Boot
2015-03-11 13:49:55 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-11 13:49:53 ----D---- C:\Program Files\Internet Explorer
2015-03-11 13:49:52 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-11 13:44:26 ----D---- C:\Windows\system32\MRT
2015-03-11 13:43:14 ----A---- C:\Windows\system32\MRT.exe
2015-03-07 15:10:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-02 10:06:20 ----D---- C:\Program Files\PDFCreator
2015-02-26 10:03:17 ----D---- C:\Windows\tracing
2015-02-24 03:17:24 ----N---- C:\Windows\system32\MpSigStub.exe
2015-02-17 19:09:00 ----D---- C:\Windows\system32\drivers\UMDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-03-13 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-03-13 268640]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-07 28008]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-03-13 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-03-13 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-03-13 441728]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-03-13 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-03-13 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-03-13 136752]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-12-06 13207552]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-12-06 626176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-10-22 3692632]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-12-26 805088]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-12-06 239616]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2013-05-07 936728]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-13 343336]
R2 ClickToRunSvc;Služba Klikni a spusti balíka Microsoft Office; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-02-10 2714800]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-06 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-02-24 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-02-24 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-13 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Suspected virus
Hello!
Run this utility:
Download AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< and then >Clean< (delete)
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Suspected virus
The program found nothing:
# AdwCleaner v4.112 - Logfile created 15/03/2015 at 11:45:43
# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : user - USER-PC
# Running from : C:\Users\user\Desktop\adwcleaner_4.112.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17689
-\\ Mozilla Firefox v36.0.1 (x86 sk)
*************************
AdwCleaner[R0].txt - [800 bytes] - [27/10/2014 18:23:48]
AdwCleaner[R1].txt - [870 bytes] - [05/02/2015 21:48:28]
AdwCleaner[R2].txt - [731 bytes] - [15/03/2015 11:45:43]
AdwCleaner[S0].txt - [855 bytes] - [27/10/2014 18:24:35]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [847 bytes] ##########
- Rudy
- Site Admin

Re: Suspected virus
This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.
Re: Suspected virus
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Liongard
->Temp folder emptied: 885238 bytes
->Temporary Internet Files folder emptied: 5477167 bytes
->FireFox cache emptied: 374484456 bytes
->Flash cache emptied: 5163 bytes
User: Public
User: user
->Temp folder emptied: 12256297 bytes
->Temporary Internet Files folder emptied: 7886560 bytes
->FireFox cache emptied: 369253375 bytes
->Flash cache emptied: 660 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4150785 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 4197312 bytes
Total Files Cleaned = 743,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Liongard
->Flash cache emptied: 0 bytes
User: Public
User: user
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 03152015_130059
Files moved on Reboot...
C:\Users\user\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Suspected virus
Deleted. Since I did not find anything unusual, please also run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Suspected virus
Anti-malware did not find any virus. My problem is that around Monday an update for Microsoft Office 2013 was downloaded, and after this update the cells disappeared from Excel. Everything is ticked under View, yet the cells are not displayed. After about 3 days I uninstalled the Office suite and installed it again, but the error was not fixed. After consulting a specialist forum I downloaded an uninstaller and also deleted the registry entries, then installed the Office suite again; the program still does not work as it should. After that I downloaded yet another tool, which found all the registry entries and deleted them, but unfortunately after installing the suite two things happened. When I create a file via the icon on the desktop it works fine, everything works, but if I create the file via the right mouse button the error persists. I no longer know where I should look for the fault. Can you advise me? Your files did not find any virus, so where could the problem be?
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Suspected virus
That is hard for me to judge. This is not an Office forum, and MS tech support will certainly give you better advice. For my part, I can say that there is no virus on your PC.
Re: Suspected virus
So I have clearly managed to prove that this is an infection. I reinstalled Windows, but after about 1 month the error in Excel appeared again, so I googled but found nothing, and I started uninstalling suspicious updates. That did not help, until finally USBFix cleared the temporary files and the program suddenly started working as it should, but after a restart the error appeared again. Something has again infected the program with some malicious code. Avast detected nothing, but a single-purpose utility from Norton detected Trojan horses in some educational programs. Independently of that, the HerdProtect utility also detected viruses, but Avast detected nothing. The utilities in question detected trojan-Clicker and trojan-Gen as well as Adware media???
Log from RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomas at 2015-04-20 14:01:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 67 GB (67%) free of 100 GB
Total RAM: 8130 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:01:54, on 20. 4. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Tomas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1305448921-1843047715-643026882-1001\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" (User 'Animatrix')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8494 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-defc0ff7-6eb5-47e4-84d0-962738cecd7d -SystemEventPortName:HostProcess-8d22cb6e-47b9-470c-b8f8-f39f6ebbc8c3 -IoCancelEventPortName:HostProcess-93d6ee28-aa31-44bb-b077-003a0c128cee -NonStateChangingEventPortName:HostProcess-d818f869-7462-4e3c-9201-a16685741f28 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e0cfb3c7-4ba9-4c4e-a1fd-084e42cd6513 -DeviceGroupId:
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
HydraDM64.exe -h:65912 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{76D0CB12-7604-4048-B83C-1005C7DDC503}
taskeng.exe {603C0E72-F056-45A3-8BEE-38AA831364D4}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tomas\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\30eva419.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-04-19 219296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-08 662672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-19 886480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-19 2334928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-08 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-19 710872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-11-26 7659736]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-05-28 36352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2013-12-06 389120]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-03-13 7451928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-03-13 7451928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tomas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk]
C:\Windows\system32\RunDll32.exe [2009-07-14 45568]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2015-04-08 292848]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-12-06 766208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-04-08 5512912]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-20 14:01:51 ----D---- C:\rsit
2015-04-20 14:01:51 ----D---- C:\Program Files\trend micro
2015-04-20 13:51:55 ----A---- C:\Windows\system32\drivers\SMR430.dat
2015-04-20 13:50:08 ----A---- C:\Windows\WORDPAD.INI
2015-04-20 13:39:23 ----D---- C:\NPE
2015-04-20 13:39:14 ----A---- C:\Windows\ntbtlog.txt
2015-04-20 13:38:03 ----A---- C:\Windows\system32\drivers\SMR430.SYS
2015-04-20 13:37:58 ----D---- C:\ProgramData\Norton
2015-04-20 13:22:09 ----D---- C:\Program Files\Reason
2015-04-20 13:00:04 ----RASHD---- C:\Autorun.inf
2015-04-19 23:12:32 ----D---- C:\Config.Msi
2015-04-19 20:20:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-19 20:07:26 ----D---- C:\Users\Tomas\AppData\Roaming\Nero
2015-04-19 20:01:22 ----D---- C:\ProgramData\Nero
2015-04-19 19:49:17 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-04-19 19:49:17 ----D---- C:\Program Files (x86)\Microsoft Office
2015-04-19 19:44:09 ----D---- C:\Program Files\Microsoft Office 15
2015-04-19 19:41:56 ----D---- C:\Program Files\CCleaner
2015-04-18 21:47:50 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-18 19:43:19 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 16:11:30 ----D---- C:\Windows\pss
2015-04-18 15:48:25 ----D---- C:\Users\Tomas\AppData\Roaming\vlc
2015-04-18 15:48:11 ----D---- C:\Program Files\VideoLAN
2015-04-11 20:37:55 ----D---- C:\Users\Tomas\AppData\Roaming\Geek Uninstaller
2015-04-11 19:57:09 ----A---- C:\Windows\UC.PIF
2015-04-11 19:57:09 ----A---- C:\Windows\RAR.PIF
2015-04-11 19:57:09 ----A---- C:\Windows\PKZIP.PIF
2015-04-11 19:57:09 ----A---- C:\Windows\PKUNZIP.PIF
2015-04-11 19:57:09 ----A---- C:\Windows\LHA.PIF
2015-04-11 19:57:09 ----A---- C:\Windows\ARJ.PIF
2015-04-11 19:57:08 ----D---- C:\Users\Tomas\AppData\Roaming\GHISLER
2015-04-11 19:57:08 ----D---- C:\totalcmd
2015-04-10 16:49:12 ----D---- C:\Windows\CheckSur
2015-04-10 16:41:35 ----A---- C:\DelFix.txt
2015-04-09 22:29:54 ----A---- C:\Windows\system32\perfh01B.dat
2015-04-09 22:29:54 ----A---- C:\Windows\system32\perfc01B.dat
2015-04-08 18:45:47 ----D---- C:\LibreOfficePortable
2015-04-08 17:42:42 ----D---- C:\Users\Tomas\AppData\Roaming\Macromedia
2015-04-08 17:40:48 ----D---- C:\Windows\SYSWOW64\Macromed
2015-04-08 17:40:47 ----D---- C:\Windows\system32\Macromed
2015-04-08 15:22:40 ----A---- C:\Windows\system32\RtNicProp64.dll
2015-04-08 15:22:40 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2015-04-08 15:19:13 ----D---- C:\Windows\SYSWOW64\RTCOM
2015-04-08 15:19:13 ----D---- C:\Program Files\Realtek
2015-04-08 15:18:57 ----N---- C:\Windows\system32\drivers\DTSU2P.DAT
2015-04-08 15:18:54 ----A---- C:\Windows\system32\YamahaAE.dll
2015-04-08 15:18:53 ----A---- C:\Windows\system32\WavesGUILib64.dll
2015-04-08 15:18:53 ----A---- C:\Windows\system32\tossaeapo64.dll
2015-04-08 15:18:53 ----A---- C:\Windows\system32\toseaeapo64.dll
2015-04-08 15:18:53 ----A---- C:\Windows\system32\tosasfapo64.dll
2015-04-08 15:18:53 ----A---- C:\Windows\system32\tosade.dll
2015-04-08 15:18:53 ----A---- C:\Windows\system32\tepeqapo64.dll
2015-04-08 15:18:52 ----A---- C:\Windows\system32\tadefxapo264.dll
2015-04-08 15:18:52 ----A---- C:\Windows\system32\tadefxapo.dll
2015-04-08 15:18:52 ----A---- C:\Windows\system32\SStudio.dll
2015-04-08 15:18:52 ----A---- C:\Windows\system32\SRSWOW64.dll
2015-04-08 15:18:52 ----A---- C:\Windows\system32\SRSTSX64.dll
2015-04-08 15:18:52 ----A---- C:\Windows\system32\SRSTSH64.dll
2015-04-08 15:18:52 ----A---- C:\Windows\system32\SRSHP64.dll
2015-04-08 15:18:50 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2015-04-08 15:18:50 ----A---- C:\Windows\system32\SFSS_APO.dll
2015-04-08 15:18:50 ----A---- C:\Windows\system32\SFNHK64.dll
2015-04-08 15:18:50 ----A---- C:\Windows\system32\SFCOM64.dll
2015-04-08 15:18:50 ----A---- C:\Windows\system32\SFAPO64.dll
2015-04-08 15:18:48 ----A---- C:\Windows\system32\RtPgEx64.dll
2015-04-08 15:18:48 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2015-04-08 15:18:48 ----A---- C:\Windows\system32\drivers\rtvienna.dat
2015-04-08 15:18:47 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2015-04-08 15:18:47 ----A---- C:\Windows\system32\RtkCfg64.dll
2015-04-08 15:18:47 ----A---- C:\Windows\system32\RTEEP64A.dll
2015-04-08 15:18:47 ----A---- C:\Windows\system32\RTEEL64A.dll
2015-04-08 15:18:47 ----A---- C:\Windows\system32\RTEEG64A.dll
2015-04-08 15:18:47 ----A---- C:\Windows\system32\RTEED64A.dll
2015-04-08 15:18:46 ----A---- C:\Windows\system32\RP3DHT64.dll
2015-04-08 15:18:46 ----A---- C:\Windows\system32\RP3DAA64.dll
2015-04-08 15:18:39 ----A---- C:\Windows\system32\R4EEP64A.dll
2015-04-08 15:18:39 ----A---- C:\Windows\system32\R4EEL64A.dll
2015-04-08 15:18:39 ----A---- C:\Windows\system32\R4EEG64A.dll
2015-04-08 15:18:39 ----A---- C:\Windows\system32\R4EED64A.dll
2015-04-08 15:18:39 ----A---- C:\Windows\system32\R4EEA64A.dll
2015-04-08 15:18:38 ----A---- C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2015-04-08 15:18:38 ----A---- C:\Windows\system32\MISS_APO.dll
2015-04-08 15:18:35 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-04-08 15:18:33 ----A---- C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-04-08 15:18:32 ----A---- C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-04-08 15:18:32 ----A---- C:\Windows\system32\MaxxSpeechAPO64.dll
2015-04-08 15:18:30 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2015-04-08 15:18:29 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2015-04-08 15:18:29 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-04-08 15:18:29 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2015-04-08 15:18:29 ----A---- C:\Windows\system32\MaxxAudioAPO4064.dll
2015-04-08 15:18:29 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2015-04-08 15:18:29 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2015-04-08 15:18:29 ----A---- C:\Windows\system32\KAAPORT64.dll
2015-04-08 15:18:23 ----A---- C:\Windows\system32\FMAPO64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-04-08 15:18:21 ----A---- C:\Windows\system32\DDPP64A.dll
2015-04-08 15:18:21 ----A---- C:\Windows\system32\DDPO64A.dll
2015-04-08 15:18:21 ----A---- C:\Windows\system32\DDPD64A.dll
2015-04-08 15:18:21 ----A---- C:\Windows\system32\DDPA64.dll
2015-04-08 15:18:20 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-04-08 15:18:20 ----A---- C:\Windows\system32\audioLibVc.dll
2015-04-08 15:18:20 ----A---- C:\Windows\system32\AERTAR64.dll
2015-04-08 15:18:19 ----A---- C:\Windows\system32\AERTAC64.dll
2015-04-08 15:18:19 ----A---- C:\Windows\system32\AcpiServiceVnA64.dll
2015-04-08 09:30:23 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2015-04-08 09:30:23 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2015-04-08 09:29:25 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-04-08 09:29:25 ----A---- C:\Windows\system32\d2d1.dll
2015-04-08 09:29:16 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\system32\KBDYAK.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\system32\KBDTAT.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\system32\KBDRU1.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\system32\KBDRU.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\system32\KBDBASH.DLL
2015-04-08 09:29:05 ----A---- C:\Windows\SYSWOW64\explorer.exe
2015-04-08 09:29:05 ----A---- C:\Windows\system32\rdpudd.dll
2015-04-08 09:29:05 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-04-08 09:29:05 ----A---- C:\Windows\system32\rdpcorets.dll
2015-04-08 09:29:05 ----A---- C:\Windows\explorer.exe
2015-04-08 09:29:04 ----A---- C:\Windows\system32\esent.dll
2015-04-08 09:29:03 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2015-04-08 09:29:03 ----A---- C:\Windows\SYSWOW64\esent.dll
2015-04-08 09:29:03 ----A---- C:\Windows\system32\fsutil.exe
2015-04-08 09:29:03 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2015-04-08 09:29:03 ----A---- C:\Windows\system32\drivers\nvstor.sys
2015-04-08 09:29:03 ----A---- C:\Windows\system32\drivers\nvraid.sys
2015-04-08 09:29:03 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2015-04-08 09:29:03 ----A---- C:\Windows\system32\drivers\amdxata.sys
2015-04-08 09:29:03 ----A---- C:\Windows\system32\drivers\amdsata.sys
2015-04-08 09:29:02 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-04-08 09:29:02 ----A---- C:\Windows\system32\d3d10warp.dll
2015-04-08 09:28:58 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-04-08 09:28:58 ----A---- C:\Windows\system32\mstscax.dll
2015-04-08 09:28:57 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-04-08 09:28:57 ----A---- C:\Windows\system32\spoolsv.exe
2015-04-08 09:28:57 ----A---- C:\Windows\splwow64.exe
2015-04-08 09:28:43 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-08 00:21:02 ----D---- C:\Program Files (x86)\VideoLAN
2015-04-08 00:19:22 ----D---- C:\Users\Tomas\AppData\Roaming\AVAST Software
2015-04-08 00:18:26 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-04-08 00:18:26 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-04-08 00:18:25 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-04-08 00:18:25 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-04-08 00:18:24 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-04-08 00:18:23 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-04-08 00:18:21 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-04-08 00:18:19 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-04-08 00:18:18 ----A---- C:\Windows\system32\aswBoot.exe
2015-04-08 00:18:13 ----A---- C:\Windows\avastSS.scr
2015-04-08 00:17:51 ----D---- C:\Program Files\AVAST Software
2015-04-08 00:16:49 ----D---- C:\ProgramData\AVAST Software
2015-04-08 00:16:24 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2015-04-08 00:16:19 ----D---- C:\ProgramData\Microsoft OneDrive
2015-04-08 00:11:22 ----D---- C:\Users\Tomas\AppData\Roaming\Mozilla
2015-04-08 00:11:18 ----D---- C:\ProgramData\Mozilla
2015-04-08 00:04:26 ----D---- C:\Program Files (x86)\Longman
2015-04-07 23:59:09 ----N---- C:\Windows\system32\HPDiscoPMB011.dll
2015-04-07 23:56:42 ----A---- C:\Windows\system32\HPWia2_DJ3520.dll
2015-04-07 23:56:37 ----A---- C:\Windows\system32\HPScanTRDrv_DJ3520.dll
2015-04-07 23:51:16 ----D---- C:\Program Files (x86)\HP
2015-04-07 23:51:15 ----D---- C:\Program Files\HP
2015-04-07 23:50:41 ----A---- C:\ProgramData\Ament.ini
2015-04-07 23:48:41 ----D---- C:\ProgramData\HP
2015-04-07 23:48:30 ----A---- C:\Windows\system32\HPWia2_DJ1050_J410.dll
2015-04-07 23:48:30 ----A---- C:\Windows\system32\HPScanTRDrv_DJ1050_J410.dll
2015-04-07 23:14:42 ----D---- C:\Windows\SYSWOW64\Wat
2015-04-07 23:14:42 ----D---- C:\Windows\system32\Wat
2015-04-07 23:13:49 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-04-07 23:13:49 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-04-07 23:13:48 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-04-07 23:13:48 ----A---- C:\Windows\system32\WMPhoto.dll
2015-04-07 23:12:21 ----D---- C:\Users\Tomas\AppData\Roaming\Adobe
2015-04-07 22:58:28 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-07 22:58:28 ----SD---- C:\Windows\system32\GWX
2015-04-07 22:58:27 ----SD---- C:\Windows\system32\CompatTel
2015-04-07 22:58:27 ----D---- C:\Windows\system32\appraiser
2015-04-07 22:40:43 ----A---- C:\Windows\system32\IEUDINIT.EXE
2015-04-07 22:35:44 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\msls31.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-07 22:35:43 ----A---- C:\Windows\system32\elshyph.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\wextract.exe
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\url.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\mshta.exe
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\inseng.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\icardie.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\wininet.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\urlmon.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2015-04-07 22:35:42 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2015-04-07 22:35:42 ----A---- C:\Windows\system32\msrating.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\msls31.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\mshtmler.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\msfeedssync.exe
2015-04-07 22:35:42 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\jsIntl.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\jscript9.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\ieui.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\iesysprep.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\iertutil.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\ieframe.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\IEAdvpack.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\wextract.exe
2015-04-07 22:35:41 ----A---- C:\Windows\system32\webcheck.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\vbscript.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\url.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\pngfilt.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\occache.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\mshtml.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\mshta.exe
2015-04-07 22:35:41 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\licmgr10.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\jscript.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\inseng.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\imgutil.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\iexpress.exe
2015-04-07 22:35:41 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-07 22:35:41 ----A---- C:\Windows\system32\iesetup.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\iernonce.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\iepeers.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-07 22:35:41 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\ieapfltr.dat
2015-04-07 22:35:41 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-07 22:35:41 ----A---- C:\Windows\system32\icardie.dll
2015-04-07 22:33:07 ----D---- C:\Users\Tomas\AppData\Roaming\ATI
2015-04-07 22:33:07 ----D---- C:\ProgramData\ATI
2015-04-07 22:25:16 ----D---- C:\Users\Tomas\AppData\Roaming\DisplayTune
2015-04-07 22:23:11 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-04-07 22:23:10 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2015-04-07 22:23:10 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-04-07 22:23:10 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-04-07 22:23:10 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-04-07 22:23:10 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2015-04-07 22:23:10 ----A---- C:\Windows\system32\wksprtPS.dll
2015-04-07 22:23:10 ----A---- C:\Windows\system32\wksprt.exe
2015-04-07 22:23:10 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-04-07 22:23:10 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-04-07 22:23:10 ----A---- C:\Windows\system32\tsgqec.dll
2015-04-07 22:23:10 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-04-07 22:23:10 ----A---- C:\Windows\system32\mstsc.exe
2015-04-07 22:23:10 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2015-04-07 22:23:10 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2015-04-07 22:20:56 ----A---- C:\Windows\msvcr70.dll
2015-04-07 22:20:56 ----A---- C:\Windows\msvcp70.dll
2015-04-07 22:20:56 ----A---- C:\Windows\msvbvm60.dll
2015-04-07 21:59:22 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2015-04-07 21:59:22 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-04-07 21:59:21 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2015-04-07 21:59:21 ----A---- C:\Windows\system32\rdpendp_winip.dll
2015-04-07 21:43:04 ----D---- C:\Windows\system32\MRT
2015-04-07 21:43:03 ----A---- C:\Windows\system32\MRT.exe
2015-04-07 21:39:30 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2015-04-07 21:39:30 ----A---- C:\Windows\system32\UIAnimation.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-04-07 21:39:29 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2015-04-07 21:39:29 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2015-04-07 21:39:29 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2015-04-07 21:39:29 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2015-04-07 21:39:29 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2015-04-07 21:39:29 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2015-04-07 21:39:29 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2015-04-07 21:39:29 ----A---- C:\Windows\system32\dxgi.dll
2015-04-07 21:39:29 ----A---- C:\Windows\system32\d3d10level9.dll
2015-04-07 21:39:29 ----A---- C:\Windows\system32\d3d10core.dll
2015-04-07 21:39:29 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-04-07 21:39:29 ----A---- C:\Windows\system32\d3d10_1.dll
2015-04-07 21:39:28 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2015-04-07 21:39:28 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2015-04-07 21:39:28 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-04-07 21:39:28 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2015-04-07 21:39:28 ----A---- C:\Windows\system32\XpsPrint.dll
2015-04-07 21:39:28 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2015-04-07 21:39:28 ----A---- C:\Windows\system32\FntCache.dll
2015-04-07 21:39:28 ----A---- C:\Windows\system32\DWrite.dll
2015-04-07 21:39:28 ----A---- C:\Windows\system32\d3d10.dll
2015-04-07 21:38:54 ----A---- C:\Windows\SYSWOW64\wmi.dll
2015-04-07 21:38:54 ----A---- C:\Windows\system32\wmi.dll
2015-04-07 21:38:54 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2015-04-07 21:35:12 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2015-04-07 21:35:12 ----A---- C:\Windows\SYSWOW64\icardres.dll
2015-04-07 21:35:12 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2015-04-07 21:35:12 ----A---- C:\Windows\system32\infocardapi.dll
2015-04-07 21:35:12 ----A---- C:\Windows\system32\icardres.dll
2015-04-07 21:35:12 ----A---- C:\Windows\system32\icardagt.exe
2015-04-07 21:35:07 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2015-04-07 21:35:07 ----A---- C:\Windows\system32\TsWpfWrp.exe
2015-04-07 21:34:22 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-04-07 21:34:22 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-04-07 21:34:22 ----A---- C:\Windows\system32\wmp.dll
2015-04-07 21:34:22 ----A---- C:\Windows\system32\drmv2clt.dll
2015-04-07 21:34:22 ----A---- C:\Windows\system32\blackbox.dll
2015-04-07 21:34:21 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-04-07 21:34:21 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-04-07 21:34:21 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-04-07 21:34:21 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-04-07 21:34:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-07 21:34:21 ----A---- C:\Windows\system32\mf.dll
2015-04-07 21:34:21 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\wintrust.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\winresume.exe
2015-04-07 21:34:20 ----A---- C:\Windows\system32\winload.exe
2015-04-07 21:34:20 ----A---- C:\Windows\system32\quartz.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\qdvd.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\mfplat.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\evr.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-04-07 21:34:20 ----A---- C:\Windows\system32\cryptui.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\cryptsvc.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\cryptnet.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\crypt32.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\ci.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\audiosrv.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\AudioEng.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\wmploc.DLL
2015-04-07 21:34:19 ----A---- C:\Windows\system32\srcore.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\srclient.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\spwmp.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\smss.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\rstrui.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\rrinstaller.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\pcawrk.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\pcasvc.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\pcalua.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\pcaevts.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\pcadm.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\msscp.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\msnetobj.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\msmmsp.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\mfps.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\mfpmp.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\mferror.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\EncDump.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\dxmasf.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-04-07 21:34:19 ----A---- C:\Windows\system32\drivers\appid.sys
2015-04-07 21:34:19 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\cryptsp.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\AudioSes.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\audiodg.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\appidsvc.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\appidapi.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-07 21:34:05 ----A---- C:\Windows\SYSWOW64\winsta.dll
2015-04-07 21:34:05 ----A---- C:\Windows\system32\winsta.dll
2015-04-07 21:34:05 ----A---- C:\Windows\system32\winlogon.exe
2015-04-07 21:34:05 ----A---- C:\Windows\system32\rdrmemptylst.exe
2015-04-07 21:34:05 ----A---- C:\Windows\system32\rdpwsx.dll
2015-04-07 21:34:05 ----A---- C:\Windows\system32\rdpcorekmts.dll
2015-04-07 21:34:05 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2015-04-07 21:34:05 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\objsel.dll
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\wincredprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\objsel.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\dpapiprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\dimsroam.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\cngprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\capiprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\adprovider.dll
2015-04-07 21:33:44 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2015-04-07 21:33:44 ----A---- C:\Windows\SYSWOW64\gameux.dll
2015-04-07 21:33:44 ----A---- C:\Windows\system32\Wpc.dll
2015-04-07 21:33:44 ----A---- C:\Windows\system32\gameux.dll
2015-04-07 21:33:40 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-07 21:33:40 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-07 21:33:40 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-07 21:33:40 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-07 21:33:40 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-07 21:33:40 ----A---- C:\Windows\system32\schannel.dll
2015-04-07 21:33:40 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-07 21:33:40 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-07 21:33:40 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-07 21:33:40 ----A---- C:\Windows\system32\kerberos.dll
2015-04-07 21:33:40 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-07 21:33:40 ----A---- C:\Windows\system32\drivers\cng.sys
2015-04-07 21:33:40 ----A---- C:\Windows\system32\adtschema.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-07 21:33:39 ----A---- C:\Windows\system32\wdigest.dll
2015-04-07 21:33:39 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-07 21:33:39 ----A---- C:\Windows\system32\sspicli.dll
2015-04-07 21:33:39 ----A---- C:\Windows\system32\secur32.dll
2015-04-07 21:33:39 ----A---- C:\Windows\system32\msobjs.dll
2015-04-07 21:33:39 ----A---- C:\Windows\system32\msaudite.dll
2015-04-07 21:33:39 ----A---- C:\Windows\system32\lsass.exe
2015-04-07 21:33:39 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-07 21:33:39 ----A---- C:\Windows\system32\credssp.dll
2015-04-07 21:33:39 ----A---- C:\Windows\system32\auditpol.exe
2015-04-07 21:33:38 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2015-04-07 21:33:38 ----A---- C:\Windows\system32\IMJP10K.DLL
2015-04-07 21:33:32 ----A---- C:\Windows\system32\invagent.dll
2015-04-07 21:33:32 ----A---- C:\Windows\system32\generaltel.dll
2015-04-07 21:33:32 ----A---- C:\Windows\system32\devinv.dll
2015-04-07 21:33:32 ----A---- C:\Windows\system32\appraiser.dll
2015-04-07 21:33:32 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-07 21:33:32 ----A---- C:\Windows\system32\aepic.dll
2015-04-07 21:33:32 ----A---- C:\Windows\system32\aepdu.dll
2015-04-07 21:33:32 ----A---- C:\Windows\system32\aeinv.dll
2015-04-07 21:33:32 ----A---- C:\Windows\system32\acmigration.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-07 21:33:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-07 21:33:25 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-07 21:33:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-07 21:33:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-07 21:33:25 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-07 21:33:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-07 21:33:25 ----A---- C:\Windows\system32\wow64win.dll
2015-04-07 21:33:25 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-07 21:33:25 ----A---- C:\Windows\system32\wow64.dll
2015-04-07 21:33:25 ----A---- C:\Windows\system32\winsrv.dll
2015-04-07 21:33:25 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-07 21:33:25 ----A---- C:\Windows\system32\kernel32.dll
2015-04-07 21:33:25 ----A---- C:\Windows\system32\conhost.exe
2015-04-07 21:33:23 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2015-04-07 21:33:23 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2015-04-07 21:33:23 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2015-04-07 21:33:23 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2015-04-07 21:33:23 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2015-04-07 21:33:23 ----A---- C:\Windows\system32\RMActivate_isv.exe
2015-04-07 21:33:23 ----A---- C:\Windows\system32\RMActivate.exe
2015-04-07 21:33:22 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2015-04-07 21:33:22 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2015-04-07 21:33:22 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2015-04-07 21:33:22 ----A---- C:\Windows\SYSWOW64\secproc.dll
2015-04-07 21:33:22 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2015-04-07 21:33:22 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2015-04-07 21:33:22 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2015-04-07 21:33:22 ----A---- C:\Windows\system32\secproc_ssp.dll
2015-04-07 21:33:22 ----A---- C:\Windows\system32\secproc_isv.dll
2015-04-07 21:33:22 ----A---- C:\Windows\system32\secproc.dll
2015-04-07 21:33:22 ----A---- C:\Windows\system32\msdrm.dll
2015-04-07 21:33:20 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-04-07 21:33:20 ----A---- C:\Windows\system32\poqexec.exe
2015-04-07 21:33:15 ----A---- C:\Windows\system32\termsrv.dll
2015-04-07 21:33:09 ----A---- C:\Windows\system32\advapi32.dll
2015-04-07 21:33:08 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-04-07 21:33:08 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-07 21:33:08 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-04-07 21:33:08 ----A---- C:\Windows\system32\tdh.dll
2015-04-07 21:33:08 ----A---- C:\Windows\system32\ntdll.dll
2015-04-07 21:32:54 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2015-04-07 21:32:54 ----A---- C:\Windows\system32\d3d11.dll
2015-04-07 21:32:53 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2015-04-07 21:32:53 ----A---- C:\Windows\system32\TSWorkspace.dll
2015-04-07 21:32:46 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-04-07 21:32:45 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2015-04-07 21:32:45 ----A---- C:\Windows\system32\netcorehc.dll
2015-04-07 21:32:45 ----A---- C:\Windows\system32\ncsi.dll
2015-04-07 21:32:45 ----A---- C:\Windows\system32\iphlpsvc.dll
2015-04-07 21:32:44 ----A---- C:\Windows\SYSWOW64\netevent.dll
2015-04-07 21:32:44 ----A---- C:\Windows\system32\nlaapi.dll
2015-04-07 21:32:44 ----A---- C:\Windows\system32\netevent.dll
2015-04-07 21:32:44 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2015-04-07 21:32:42 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2015-04-07 21:32:42 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2015-04-07 21:32:42 ----A---- C:\Windows\system32\ntshrui.dll
2015-04-07 21:32:42 ----A---- C:\Windows\system32\cryptdlg.dll
2015-04-07 21:32:36 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-04-07 21:32:36 ----A---- C:\Windows\system32\msxml6.dll
2015-04-07 21:32:35 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-04-07 21:32:35 ----A---- C:\Windows\system32\msxml6r.dll
2015-04-07 21:32:34 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2015-04-07 21:32:34 ----A---- C:\Windows\system32\shdocvw.dll
2015-04-07 21:32:32 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2015-04-07 21:32:32 ----A---- C:\Windows\system32\pku2u.dll
2015-04-07 21:32:28 ----A---- C:\Windows\SYSWOW64\certutil.exe
2015-04-07 21:32:28 ----A---- C:\Windows\SYSWOW64\certenc.dll
2015-04-07 21:32:28 ----A---- C:\Windows\system32\certutil.exe
2015-04-07 21:32:28 ----A---- C:\Windows\system32\certenc.dll
2015-04-07 21:32:25 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-04-07 21:32:25 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-04-07 21:32:25 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-04-07 21:32:25 ----A---- C:\Windows\system32\msihnd.dll
2015-04-07 21:32:25 ----A---- C:\Windows\system32\msi.dll
2015-04-07 21:32:25 ----A---- C:\Windows\system32\consent.exe
2015-04-07 21:32:25 ----A---- C:\Windows\system32\authui.dll
2015-04-07 21:32:25 ----A---- C:\Windows\system32\appinfo.dll
2015-04-07 21:32:24 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2015-04-07 21:32:24 ----A---- C:\Windows\system32\iologmsg.dll
2015-04-07 21:32:24 ----A---- C:\Windows\system32\drivers\storport.sys
2015-04-07 21:32:24 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2015-04-07 21:32:24 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2015-04-07 21:32:23 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2015-04-07 21:32:23 ----A---- C:\Windows\SYSWOW64\credui.dll
2015-04-07 21:32:23 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2015-04-07 21:32:23 ----A---- C:\Windows\system32\credui.dll
2015-04-07 21:32:22 ----A---- C:\Windows\system32\shell32.dll
2015-04-07 21:32:21 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-04-07 21:32:21 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2015-04-07 21:32:21 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2015-04-07 21:32:21 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2015-04-07 21:32:21 ----A---- C:\Windows\system32\dhcpcore6.dll
2015-04-07 21:32:18 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2015-04-07 21:32:18 ----A---- C:\Windows\SYSWOW64\browcli.dll
2015-04-07 21:32:18 ----A---- C:\Windows\system32\netapi32.dll
2015-04-07 21:32:18 ----A---- C:\Windows\system32\browser.dll
2015-04-07 21:32:18 ----A---- C:\Windows\system32\browcli.dll
2015-04-07 21:32:17 ----A---- C:\Windows\SYSWOW64\sbe.dll
2015-04-07 21:32:17 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2015-04-07 21:32:17 ----A---- C:\Windows\system32\sbe.dll
2015-04-07 21:32:17 ----A---- C:\Windows\system32\CPFilters.dll
2015-04-07 21:32:16 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2015-04-07 21:32:16 ----A---- C:\Windows\system32\xmllite.dll
2015-04-07 21:32:16 ----A---- C:\Windows\system32\drivers\usbscan.sys
2015-04-07 21:32:16 ----A---- C:\Windows\system32\drivers\hidparse.sys
2015-04-07 21:32:16 ----A---- C:\Windows\system32\drivers\hidclass.sys
2015-04-07 21:32:14 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-04-07 21:32:14 ----A---- C:\Windows\system32\wer.dll
2015-04-07 21:32:14 ----A---- C:\Windows\system32\drivers\usbport.sys
2015-04-07 21:32:14 ----A---- C:\Windows\system32\drivers\usbhub.sys
2015-04-07 21:32:14 ----A---- C:\Windows\system32\drivers\usbehci.sys
2015-04-07 21:32:14 ----A---- C:\Windows\system32\drivers\usbd.sys
2015-04-07 21:32:14 ----A---- C:\Windows\system32\drivers\usbcir.sys
2015-04-07 21:32:14 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2015-04-07 21:32:12 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2015-04-07 21:32:12 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2015-04-07 21:32:12 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2015-04-07 21:32:12 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2015-04-07 21:32:12 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2015-04-07 21:32:12 ----A---- C:\Windows\system32\odbctrac.dll
2015-04-07 21:32:12 ----A---- C:\Windows\system32\odbccu32.dll
2015-04-07 21:32:12 ----A---- C:\Windows\system32\odbccr32.dll
2015-04-07 21:32:12 ----A---- C:\Windows\system32\odbccp32.dll
2015-04-07 21:32:12 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2015-04-07 21:32:11 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-04-07 21:32:11 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-04-07 21:32:11 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-04-07 21:32:11 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-04-07 21:32:11 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-04-07 21:32:11 ----A---- C:\Windows\system32\lpk.dll
2015-04-07 21:32:11 ----A---- C:\Windows\system32\fontsub.dll
2015-04-07 21:32:11 ----A---- C:\Windows\system32\dciman32.dll
2015-04-07 21:32:11 ----A---- C:\Windows\system32\atmlib.dll
2015-04-07 21:32:11 ----A---- C:\Windows\system32\atmfd.dll
2015-04-07 21:32:10 ----A---- C:\Windows\SYSWOW64\synceng.dll
2015-04-07 21:32:10 ----A---- C:\Windows\SYSWOW64\packager.dll
2015-04-07 21:32:10 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-07 21:32:10 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-07 21:32:10 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-04-07 21:32:10 ----A---- C:\Windows\system32\synceng.dll
2015-04-07 21:32:10 ----A---- C:\Windows\system32\packager.dll
2015-04-07 21:32:10 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-07 21:32:10 ----A---- C:\Windows\system32\msxml3.dll
2015-04-07 21:32:10 ----A---- C:\Windows\system32\comctl32.dll
2015-04-07 21:32:09 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2015-04-07 21:32:09 ----A---- C:\Windows\system32\imagehlp.dll
2015-04-07 21:32:08 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-04-07 21:32:08 ----A---- C:\Windows\system32\tzres.dll
2015-04-07 21:32:06 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-04-07 21:32:06 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2015-04-07 21:32:06 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2015-04-07 21:32:06 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2015-04-07 21:32:06 ----A---- C:\Windows\system32\scesrv.dll
2015-04-07 21:32:06 ----A---- C:\Windows\system32\mfc42u.dll
2015-04-07 21:32:06 ----A---- C:\Windows\system32\mfc42.dll
2015-04-07 21:32:06 ----A---- C:\Windows\system32\drivers\fvevol.sys
2015-04-07 21:32:06 ----A---- C:\Windows\system32\dpnet.dll
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\tquery.dll
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\mssph.dll
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2015-04-07 21:32:05 ----A---- C:\Windows\system32\tquery.dll
2015-04-07 21:32:05 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2015-04-07 21:32:05 ----A---- C:\Windows\system32\SearchIndexer.exe
2015-04-07 21:32:05 ----A---- C:\Windows\system32\SearchFilterHost.exe
2015-04-07 21:32:05 ----A---- C:\Windows\system32\mssvp.dll
2015-04-07 21:32:05 ----A---- C:\Windows\system32\mssrch.dll
2015-04-07 21:32:05 ----A---- C:\Windows\system32\mssphtb.dll
2015-04-07 21:32:05 ----A---- C:\Windows\system32\mssph.dll
2015-04-07 21:32:05 ----A---- C:\Windows\system32\msscntrs.dll
2015-04-07 21:32:04 ----A---- C:\Windows\SYSWOW64\usp10.dll
2015-04-07 21:32:04 ----A---- C:\Windows\system32\usp10.dll
2015-04-07 21:32:03 ----A---- C:\Windows\system32\drivers\usb8023.sys
2015-04-07 21:32:02 ----A---- C:\Windows\system32\wwansvc.dll
2015-04-07 21:32:02 ----A---- C:\Windows\system32\wwanprotdim.dll
2015-04-07 21:32:02 ----A---- C:\Windows\system32\profsvc.dll
2015-04-07 21:32:01 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2015-04-07 21:32:01 ----A---- C:\Windows\system32\msieftp.dll
2015-04-07 21:32:00 ----A---- C:\Windows\SYSWOW64\webio.dll
2015-04-07 21:32:00 ----A---- C:\Windows\system32\webio.dll
2015-04-07 21:32:00 ----A---- C:\Windows\system32\drivers\tcpip.sys
2015-04-07 21:32:00 ----A---- C:\Windows\system32\drivers\netio.sys
2015-04-07 21:32:00 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2015-04-07 21:31:59 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-04-07 21:31:59 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-04-07 21:31:59 ----A---- C:\Windows\system32\WebClnt.dll
2015-04-07 21:31:59 ----A---- C:\Windows\system32\davclnt.dll
2015-04-07 21:31:58 ----A---- C:\Windows\SYSWOW64\mscories.dll
2015-04-07 21:31:58 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2015-04-07 21:31:58 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2015-04-07 21:31:58 ----A---- C:\Windows\system32\mscories.dll
2015-04-07 21:31:58 ----A---- C:\Windows\system32\mscorier.dll
2015-04-07 21:31:58 ----A---- C:\Windows\system32\dfshim.dll
2015-04-07 21:31:56 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-04-07 21:31:56 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-04-07 21:31:56 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-04-07 21:31:55 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2015-04-07 21:31:55 ----A---- C:\Windows\system32\mswsock.dll
2015-04-07 21:31:55 ----A---- C:\Windows\system32\drivers\portcls.sys
2015-04-07 21:31:55 ----A---- C:\Windows\system32\drivers\drmk.sys
2015-04-07 21:31:54 ----A---- C:\Windows\SYSWOW64\osk.exe
2015-04-07 21:31:54 ----A---- C:\Windows\system32\osk.exe
2015-04-07 21:31:54 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2015-04-07 21:31:54 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2015-04-07 21:31:54 ----A---- C:\Windows\system32\cdd.dll
2015-04-07 21:31:53 ----A---- C:\Windows\SYSWOW64\wscript.exe
2015-04-07 21:31:53 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2015-04-07 21:31:53 ----A---- C:\Windows\SYSWOW64\cscript.exe
2015-04-07 21:31:53 ----A---- C:\Windows\system32\wscript.exe
2015-04-07 21:31:53 ----A---- C:\Windows\system32\scrrun.dll
2015-04-07 21:31:53 ----A---- C:\Windows\system32\drivers\ataport.sys
2015-04-07 21:31:53 ----A---- C:\Windows\system32\cscript.exe
2015-04-07 21:31:52 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-04-07 21:31:52 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-04-07 21:31:52 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-04-07 21:31:52 ----A---- C:\Windows\system32\nlasvc.dll
2015-04-07 21:31:52 ----A---- C:\Windows\system32\msctf.dll
2015-04-07 21:31:50 ----A---- C:\Windows\SYSWOW64\charmap.exe
2015-04-07 21:31:50 ----A---- C:\Windows\system32\charmap.exe
2015-04-07 21:31:50 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2015-04-07 21:31:50 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-04-07 21:31:49 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2015-04-07 21:31:49 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2015-04-07 21:31:49 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2015-04-07 21:31:49 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2015-04-07 21:31:49 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2015-04-07 21:31:49 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-04-07 21:31:49 ----A---- C:\Windows\system32\WsmWmiPl.dll
2015-04-07 21:31:49 ----A---- C:\Windows\system32\WsmSvc.dll
2015-04-07 21:31:49 ----A---- C:\Windows\system32\WsmAuto.dll
2015-04-07 21:31:49 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2015-04-07 21:31:49 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2015-04-07 21:31:49 ----A---- C:\Windows\system32\wdi.dll
2015-04-07 21:31:49 ----A---- C:\Windows\system32\powertracker.dll
2015-04-07 21:31:49 ----A---- C:\Windows\system32\perftrack.dll
2015-04-07 21:31:48 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-04-07 21:31:48 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-07 21:31:47 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2015-04-07 21:31:47 ----A---- C:\Windows\system32\WMVDECOD.DLL
2015-04-07 21:31:47 ----A---- C:\Windows\system32\win32k.sys
2015-04-07 21:31:46 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-04-07 21:31:46 ----A---- C:\Windows\SYSWOW64\qedit.dll
2015-04-07 21:31:46 ----A---- C:\Windows\system32\ubpm.dll
2015-04-07 21:31:46 ----A---- C:\Windows\system32\qedit.dll
2015-04-07 21:31:45 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2015-04-07 21:31:45 ----A---- C:\Windows\system32\cdosys.dll
2015-04-07 21:31:44 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2015-04-07 21:31:44 ----A---- C:\Windows\system32\win32spl.dll
2015-04-07 21:31:44 ----A---- C:\Windows\system32\drivers\ntfs.sys
2015-04-07 21:31:43 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2015-04-07 21:31:43 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2015-04-07 21:31:43 ----A---- C:\Windows\system32\OxpsConverter.exe
2015-04-07 21:31:43 ----A---- C:\Windows\system32\drivers\afd.sys
2015-04-07 21:31:43 ----A---- C:\Windows\system32\dnsrslvr.dll
2015-04-07 21:31:43 ----A---- C:\Windows\system32\dnscacheugc.exe
2015-04-07 21:31:43 ----A---- C:\Windows\system32\dnsapi.dll
2015-04-07 21:31:42 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-04-07 21:31:42 ----A---- C:\Windows\system32\taskhost.exe
2015-04-07 21:31:42 ----A---- C:\Windows\system32\oleaut32.dll
2015-04-07 21:31:42 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-04-07 21:31:41 ----A---- C:\Windows\SYSWOW64\rastls.dll
2015-04-07 21:31:41 ----A---- C:\Windows\system32\rastls.dll
2015-04-07 21:31:41 ----A---- C:\Windows\system32\drivers\srvnet.sys
2015-04-07 21:31:41 ----A---- C:\Windows\system32\drivers\srv2.sys
2015-04-07 21:31:41 ----A---- C:\Windows\system32\drivers\srv.sys
2015-04-07 21:31:40 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-07 21:31:40 ----A---- C:\Windows\system32\gdi32.dll
2015-04-07 21:31:40 ----A---- C:\Windows\system32\drivers\partmgr.sys
2015-04-07 21:31:39 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2015-04-07 21:31:39 ----A---- C:\Windows\system32\psisdecd.dll
2015-04-07 21:31:39 ----A---- C:\Windows\system32\drivers\bowser.sys
2015-04-07 21:31:38 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2015-04-07 21:31:38 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2015-04-07 21:31:38 ----A---- C:\Windows\system32\rdpcore.dll
2015-04-07 21:31:38 ----A---- C:\Windows\system32\localspl.dll
2015-04-07 21:31:38 ----A---- C:\Windows\system32\EncDec.dll
2015-04-07 21:31:38 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2015-04-07 21:31:37 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2015-04-07 21:31:37 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-04-07 21:31:37 ----A---- C:\Windows\system32\oleacc.dll
2015-04-07 21:31:37 ----A---- C:\Windows\system32\inetcomm.dll
2015-04-07 21:31:35 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2015-04-07 21:31:35 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2015-04-07 21:31:35 ----A---- C:\Windows\SYSWOW64\devobj.dll
2015-04-07 21:31:35 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2015-04-07 21:31:35 ----A---- C:\Windows\system32\umpnpmgr.dll
2015-04-07 21:31:34 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2015-04-07 21:31:34 ----A---- C:\Windows\system32\msvcrt.dll
2015-04-07 21:31:34 ----A---- C:\Windows\system32\kdusb.dll
2015-04-07 21:31:34 ----A---- C:\Windows\system32\kdcom.dll
2015-04-07 21:31:34 ----A---- C:\Windows\system32\kd1394.dll
2015-04-07 21:31:34 ----A---- C:\Windows\system32\FXSCOVER.exe
2015-04-07 21:31:33 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2015-04-07 21:31:33 ----A---- C:\Windows\system32\prevhost.exe
2015-04-07 21:31:27 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2015-04-07 21:31:27 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2015-04-07 21:31:27 ----A---- C:\Windows\system32\nshwfp.dll
2015-04-07 21:31:27 ----A---- C:\Windows\system32\IKEEXT.DLL
2015-04-07 21:31:27 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2015-04-07 21:30:13 ----A---- C:\Windows\system32\scavengeui.dll
2015-04-07 21:27:29 ----D---- C:\Windows\Panther
2015-04-07 21:17:59 ----A---- C:\Windows\system32\rpcrt4.dll
2015-04-07 21:17:58 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-04-07 21:15:57 ----D---- C:\ProgramData\AMD
2015-04-07 21:15:57 ----D---- C:\Program Files (x86)\AMD AVT
2015-04-07 21:15:05 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2015-04-07 21:15:05 ----A---- C:\Windows\system32\DelayAPO.dll
2015-04-07 21:15:02 ----D---- C:\Program Files\AMD
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\OpenVideo.dll
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\ativvsvl.dat
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\ativvsva.dat
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\atipblag.dat
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\amdocl_ld32.exe
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\amdocl_as32.exe
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2015-04-07 21:14:57 ----A---- C:\Windows\system32\OVDecode64.dll
2015-04-07 21:14:57 ----A---- C:\Windows\system32\OpenVideo64.dll
2015-04-07 21:14:57 ----A---- C:\Windows\system32\OpenCL.dll
2015-04-07 21:14:57 ----A---- C:\Windows\system32\coinst_13.251.dll
2015-04-07 21:14:57 ----A---- C:\Windows\system32\clinfo.exe
2015-04-07 21:14:57 ----A---- C:\Windows\system32\ativvsvl.dat
2015-04-07 21:14:57 ----A---- C:\Windows\system32\ativvsva.dat
2015-04-07 21:14:57 ----A---- C:\Windows\system32\ativvaxy_cik_nd.dat
2015-04-07 21:14:57 ----A---- C:\Windows\system32\ativvaxy_cik.dat
2015-04-07 21:14:57 ----A---- C:\Windows\system32\ativce02.dat
2015-04-07 21:14:57 ----A---- C:\Windows\system32\atipblag.dat
2015-04-07 21:14:57 ----A---- C:\Windows\system32\amdocl64.dll
2015-04-07 21:14:57 ----A---- C:\Windows\system32\amdocl_ld64.exe
2015-04-07 21:14:57 ----A---- C:\Windows\system32\amdocl_as64.exe
2015-04-07 21:14:27 ----D---- C:\Program Files\Common Files\ATI Technologies
2015-04-07 21:13:30 ----D---- C:\ProgramData\Package Cache
2015-04-07 21:09:13 ----D---- C:\Program Files (x86)\ATI Technologies
2015-04-07 21:08:48 ----D---- C:\Program Files\ATI Technologies
2015-04-07 21:08:44 ----D---- C:\Program Files\ATI
2015-04-07 21:08:17 ----D---- C:\AMD
2015-04-07 21:03:36 ----A---- C:\Windows\system32\drivers\IntelMEFWVer.dll
2015-04-07 21:02:38 ----A---- C:\Windows\system32\Wdfres.dll
2015-04-07 21:02:38 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2015-04-07 21:02:25 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2015-04-07 21:02:25 ----A---- C:\Windows\system32\drivers\TeeDriverx64.sys
2015-04-07 21:02:13 ----D---- C:\Users\Tomas\AppData\Roaming\InstallShield
2015-04-07 21:01:34 ----A---- C:\Windows\system32\wups2.dll
2015-04-07 21:01:34 ----A---- C:\Windows\system32\wucltux.dll
2015-04-07 21:01:34 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-07 21:01:34 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-07 21:01:31 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-07 21:01:31 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-07 21:01:31 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-07 21:01:31 ----A---- C:\Windows\system32\wups.dll
2015-04-07 21:01:31 ----A---- C:\Windows\system32\wudriver.dll
2015-04-07 21:01:31 ----A---- C:\Windows\system32\wuapi.dll
2015-04-07 21:01:29 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-07 21:01:29 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-07 21:01:29 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-07 21:01:29 ----A---- C:\Windows\system32\wuapp.exe
2015-04-07 21:00:43 ----A---- C:\Windows\system32\RTNUninst64.dll
2015-04-07 20:59:03 ----D---- C:\Program Files (x86)\Realtek
2015-04-07 20:59:02 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-04-07 20:58:40 ----HD---- C:\Program Files (x86)\Temp
2015-04-07 20:58:39 ----A---- C:\Windows\RtlExUpd.dll
2015-04-07 20:58:24 ----D---- C:\Program Files (x86)\ASUS
2015-04-07 20:58:24 ----A---- C:\Windows\SYSWOW64\drivers\AsIO.sys
2015-04-07 20:58:24 ----A---- C:\Windows\SYSWOW64\AsIO.dll
2015-04-07 20:58:17 ----A---- C:\Windows\system32\WUDFx.dll
2015-04-07 20:58:17 ----A---- C:\Windows\system32\WUDFSvc.dll
2015-04-07 20:58:17 ----A---- C:\Windows\system32\WUDFPlatform.dll
2015-04-07 20:58:17 ----A---- C:\Windows\system32\WUDFHost.exe
2015-04-07 20:58:17 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2015-04-07 20:58:17 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2015-04-07 20:58:17 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2015-04-07 20:58:13 ----D---- C:\Program Files\ASUS
2015-04-07 20:58:12 ----A---- C:\Windows\system32\WudfUpdate_01011.dll
2015-04-07 20:56:51 ----A---- C:\Windows\system32\drivers\iusb3xhc.sys
2015-04-07 20:56:50 ----A---- C:\Windows\system32\drivers\iusb3hub.sys
2015-04-07 20:55:28 ----D---- C:\Users\Tomas\AppData\Roaming\Intel Corporation
2015-04-07 20:55:19 ----D---- C:\ProgramData\Intel
2015-04-07 20:55:16 ----D---- C:\Program Files\Intel
2015-04-07 20:54:04 ----D---- C:\Windows\Install
2015-04-07 20:52:17 ----D---- C:\Windows\Migration
2015-04-07 20:48:30 ----RA---- C:\Windows\SYSWOW64\CSVer.dll
2015-04-07 20:48:30 ----D---- C:\Program Files (x86)\Intel
2015-04-07 20:48:08 ----D---- C:\Intel
2015-04-07 20:47:04 ----D---- C:\Windows\Chipset
2015-04-07 20:46:05 ----A---- C:\Windows\Ascd_tmp.ini
2015-04-07 20:44:03 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-07 20:42:28 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-04-07 20:42:21 ----SHD---- C:\Windows\Installer
2015-04-07 20:40:09 ----D---- C:\Windows\Intel_Chipset_Win7-8-8-1_V10016
2015-04-07 20:40:09 ----A---- C:\Windows\AsTaskSched.dll
2015-04-07 20:40:04 ----A---- C:\Windows\system32\drivers\volsnap.sys
2015-04-07 20:39:56 ----A---- C:\Windows\Language_trs.ini
2015-04-07 20:36:53 ----D---- C:\Windows\SoftwareDistribution
2015-04-07 20:35:58 ----D---- C:\Users\Tomas\AppData\Roaming\Identities
2015-04-07 20:35:50 ----SD---- C:\Users\Tomas\AppData\Roaming\Microsoft
2015-04-07 20:35:50 ----D---- C:\Users\Tomas\AppData\Roaming\Media Center Programs
2015-04-07 20:35:47 ----SHD---- C:\Recovery
2015-04-07 20:28:18 ----D---- C:\Windows\Prefetch
2015-04-07 20:27:54 ----SHD---- C:\System Volume Information
2015-04-07 20:27:54 ----ASH---- C:\pagefile.sys
2015-04-07 20:27:54 ----ASH---- C:\hiberfil.sys
2015-03-31 03:22:54 ----A---- C:\Windows\system32\msvcr100.dll
2015-03-31 03:22:54 ----A---- C:\Windows\system32\msvcp100.dll
2015-03-31 00:55:24 ----A---- C:\Windows\SYSWOW64\msvcr100.dll
2015-03-31 00:55:24 ----A---- C:\Windows\SYSWOW64\msvcp100.dll

======List of files/folders modified in the last 1 month======

2015-04-20 14:01:53 ----D---- C:\Windows\Temp
2015-04-20 14:01:51 ----RD---- C:\Program Files
2015-04-20 13:51:55 ----D---- C:\Windows\system32\drivers
2015-04-20 13:51:55 ----D---- C:\Windows
2015-04-20 13:51:54 ----HD---- C:\ProgramData
2015-04-20 13:43:36 ----D---- C:\Windows\System32
2015-04-20 13:43:36 ----D---- C:\Windows\inf
2015-04-20 13:43:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-19 23:13:07 ----D---- C:\Program Files (x86)\Common Files
2015-04-19 23:12:21 ----RD---- C:\Program Files (x86)
2015-04-19 21:56:00 ----D---- C:\Windows\system32\config
2015-04-19 20:46:43 ----D---- C:\Windows\Microsoft.NET
2015-04-19 20:45:34 ----RSD---- C:\Windows\assembly
2015-04-19 20:38:41 ----RSD---- C:\Windows\Fonts
2015-04-19 20:20:06 ----D---- C:\Windows\Tasks
2015-04-19 20:20:06 ----D---- C:\Windows\system32\Tasks
2015-04-19 20:20:05 ----D---- C:\Windows\SysWOW64
2015-04-19 20:01:07 ----D---- C:\Windows\winsxs
2015-04-19 19:49:17 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-04-19 19:44:11 ----SD---- C:\ProgramData\Microsoft
2015-04-18 21:04:18 ----D---- C:\Windows\system32\catroot2
2015-04-18 20:49:20 ----D---- C:\Windows\rescache
2015-04-18 18:20:56 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-04-18 18:20:56 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-18 18:20:56 ----D---- C:\Windows\system32\sk-SK
2015-04-18 18:20:56 ----D---- C:\Windows\system32\en-US
2015-04-18 18:20:56 ----D---- C:\Windows\AppPatch
2015-04-18 18:20:56 ----D---- C:\Program Files\Internet Explorer
2015-04-18 18:20:56 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-18 15:56:46 ----D---- C:\Windows\debug
2015-04-15 14:36:21 ----D---- C:\Windows\PolicyDefinitions
2015-04-10 18:30:40 ----D---- C:\Windows\system32\NDF
2015-04-10 17:00:44 ----D---- C:\Windows\system32\DriverStore
2015-04-09 11:45:02 ----D---- C:\Windows\system32\wdi
2015-04-09 10:11:05 ----D---- C:\Windows\Logs
2015-04-09 09:33:06 ----D---- C:\Windows\system32\catroot
2015-04-08 16:03:15 ----SHD---- C:\$Recycle.Bin
2015-04-08 16:03:13 ----RD---- C:\Users
2015-04-08 15:56:12 ----A---- C:\Windows\system32\drivers\USB3Ver.dll
2015-04-08 14:25:00 ----D---- C:\Windows\AppCompat
2015-04-07 23:59:01 ----D---- C:\Windows\twain_32
2015-04-07 22:58:39 ----D---- C:\Windows\ehome
2015-04-07 22:58:39 ----D---- C:\Program Files\Common Files\System
2015-04-07 22:58:38 ----D---- C:\Windows\SYSWOW64\migration
2015-04-07 22:58:38 ----D---- C:\Windows\system32\migration
2015-04-07 22:58:37 ----D---- C:\Windows\SYSWOW64\wbem
2015-04-07 22:58:37 ----D---- C:\Windows\system32\wbem
2015-04-07 22:58:37 ----D---- C:\Windows\system32\drivers\en-US
2015-04-07 22:58:37 ----D---- C:\Program Files\Windows Journal
2015-04-07 22:58:36 ----D---- C:\Windows\SYSWOW64\Dism
2015-04-07 22:58:36 ----D---- C:\Program Files\Windows Media Player
2015-04-07 22:58:36 ----D---- C:\Program Files (x86)\Windows Media Player
2015-04-07 22:58:35 ----D---- C:\Windows\system32\Dism
2015-04-07 22:58:34 ----D---- C:\Windows\system32\CodeIntegrity
2015-04-07 22:58:34 ----D---- C:\Windows\system32\Boot
2015-04-07 22:58:29 ----D---- C:\Windows\tracing
2015-04-07 22:58:29 ----D---- C:\Program Files\Windows Defender
2015-04-07 22:58:29 ----D---- C:\Program Files (x86)\Windows Defender
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\zh-TW
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\zh-HK
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\zh-CN
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\tr-TR
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\sv-SE
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\ru-RU
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\pt-PT
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\pt-BR
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\pl-PL
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\nb-NO
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\ko-KR
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\ja-JP
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\it-IT
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\hu-HU
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\fr-FR
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\fi-FI
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\es-ES
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\el-GR
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\de-DE
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\da-DK
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-07 22:58:22 ----D---- C:\Windows\system32\zh-TW
2015-04-07 22:58:22 ----D---- C:\Windows\system32\zh-HK
2015-04-07 22:58:22 ----D---- C:\Windows\system32\zh-CN
2015-04-07 22:58:22 ----D---- C:\Windows\system32\tr-TR
2015-04-07 22:58:22 ----D---- C:\Windows\system32\sv-SE
2015-04-07 22:58:22 ----D---- C:\Windows\system32\ru-RU
2015-04-07 22:58:22 ----D---- C:\Windows\system32\pt-PT
2015-04-07 22:58:22 ----D---- C:\Windows\system32\pt-BR
2015-04-07 22:58:22 ----D---- C:\Windows\system32\pl-PL
2015-04-07 22:58:22 ----D---- C:\Windows\system32\nl-NL
2015-04-07 22:58:22 ----D---- C:\Windows\system32\nb-NO
2015-04-07 22:58:22 ----D---- C:\Windows\system32\ko-KR
2015-04-07 22:58:22 ----D---- C:\Windows\system32\ja-JP
2015-04-07 22:58:22 ----D---- C:\Windows\system32\it-IT
2015-04-07 22:58:22 ----D---- C:\Windows\system32\hu-HU
2015-04-07 22:58:22 ----D---- C:\Windows\system32\fr-FR
2015-04-07 22:58:22 ----D---- C:\Windows\system32\fi-FI
2015-04-07 22:58:22 ----D---- C:\Windows\system32\es-ES
2015-04-07 22:58:22 ----D---- C:\Windows\system32\el-GR
2015-04-07 22:58:22 ----D---- C:\Windows\system32\de-DE
2015-04-07 22:58:22 ----D---- C:\Windows\system32\da-DK
2015-04-07 22:58:22 ----D---- C:\Windows\system32\cs-CZ
2015-04-07 21:14:27 ----D---- C:\Program Files\Common Files
2015-04-07 20:58:24 ----D---- C:\Windows\SYSWOW64\drivers
2015-04-07 20:58:13 ----D---- C:\Windows\system32\drivers\UMDF
2015-04-07 20:39:58 ----D---- C:\Windows\system32\restore
2015-04-07 20:29:37 ----D---- C:\Windows\system32\sysprep

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-08 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-08 271200]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-05-28 672104]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-05-28 28008]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-08-25 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-08 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-08 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-08 442264]
R1 SMR430;Symantec SMR Utility Service 4.3.0; C:\Windows\System32\drivers\SMR430.SYS [2015-04-20 108216]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-08 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-08 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-08 136752]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-12-06 13207552]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-12-06 626176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-12-03 4290520]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-04-08 936664]
S3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-12-06 239616]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2013-05-07 936728]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-08 343336]
R2 ClickToRunSvc;Služba Klikni a spusti balíka Microsoft Office; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-03-18 2719928]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-05-28 16232]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19 268464]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-07 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-18 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-03-31 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-03-31 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-04-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Log from RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomas at 2015-04-20 14:01:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 67 GB (67%) free of 100 GB
Total RAM: 8130 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:01:54, on 20. 4. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Tomas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1305448921-1843047715-643026882-1001\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" (User 'Animatrix')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8494 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-defc0ff7-6eb5-47e4-84d0-962738cecd7d -SystemEventPortName:HostProcess-8d22cb6e-47b9-470c-b8f8-f39f6ebbc8c3 -IoCancelEventPortName:HostProcess-93d6ee28-aa31-44bb-b077-003a0c128cee -NonStateChangingEventPortName:HostProcess-d818f869-7462-4e3c-9201-a16685741f28 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e0cfb3c7-4ba9-4c4e-a1fd-084e42cd6513 -DeviceGroupId:
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
HydraDM64.exe -h:65912 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{76D0CB12-7604-4048-B83C-1005C7DDC503}
taskeng.exe {603C0E72-F056-45A3-8BEE-38AA831364D4}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tomas\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\30eva419.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-04-19 219296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-08 662672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-19 886480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-19 2334928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-08 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-19 710872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-11-26 7659736]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-05-28 36352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2013-12-06 389120]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-03-13 7451928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-03-13 7451928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tomas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk]
C:\Windows\system32\RunDll32.exe [2009-07-14 45568]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2015-04-08 292848]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-12-06 766208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-04-08 5512912]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-20 14:01:51 ----D---- C:\rsit
2015-04-20 14:01:51 ----D---- C:\Program Files\trend micro
2015-04-20 13:51:55 ----A---- C:\Windows\system32\drivers\SMR430.dat
2015-04-20 13:50:08 ----A---- C:\Windows\WORDPAD.INI
2015-04-20 13:39:23 ----D---- C:\NPE
2015-04-20 13:39:14 ----A---- C:\Windows\ntbtlog.txt
2015-04-20 13:38:03 ----A---- C:\Windows\system32\drivers\SMR430.SYS
2015-04-20 13:37:58 ----D---- C:\ProgramData\Norton
2015-04-20 13:22:09 ----D---- C:\Program Files\Reason
2015-04-20 13:00:04 ----RASHD---- C:\Autorun.inf
2015-04-19 23:12:32 ----D---- C:\Config.Msi
2015-04-19 20:20:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-19 20:07:26 ----D---- C:\Users\Tomas\AppData\Roaming\Nero
2015-04-19 20:01:22 ----D---- C:\ProgramData\Nero
2015-04-19 19:49:17 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-04-19 19:49:17 ----D---- C:\Program Files (x86)\Microsoft Office
2015-04-19 19:44:09 ----D---- C:\Program Files\Microsoft Office 15
2015-04-19 19:41:56 ----D---- C:\Program Files\CCleaner
2015-04-18 21:47:50 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-18 19:43:19 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 16:11:30 ----D---- C:\Windows\pss
2015-04-18 15:48:25 ----D---- C:\Users\Tomas\AppData\Roaming\vlc
2015-04-18 15:48:11 ----D---- C:\Program Files\VideoLAN
2015-04-11 20:37:55 ----D---- C:\Users\Tomas\AppData\Roaming\Geek Uninstaller
2015-04-11 19:57:09 ----A---- C:\Windows\UC.PIF
2015-04-11 19:57:09 ----A---- C:\Windows\RAR.PIF
2015-04-11 19:57:09 ----A---- C:\Windows\PKZIP.PIF
2015-04-11 19:57:09 ----A---- C:\Windows\PKUNZIP.PIF
2015-04-11 19:57:09 ----A---- C:\Windows\LHA.PIF
2015-04-11 19:57:09 ----A---- C:\Windows\ARJ.PIF
2015-04-11 19:57:08 ----D---- C:\Users\Tomas\AppData\Roaming\GHISLER
2015-04-11 19:57:08 ----D---- C:\totalcmd
2015-04-10 16:49:12 ----D---- C:\Windows\CheckSur
2015-04-10 16:41:35 ----A---- C:\DelFix.txt
2015-04-09 22:29:54 ----A---- C:\Windows\system32\perfh01B.dat
2015-04-09 22:29:54 ----A---- C:\Windows\system32\perfc01B.dat
2015-04-08 18:45:47 ----D---- C:\LibreOfficePortable
2015-04-08 17:42:42 ----D---- C:\Users\Tomas\AppData\Roaming\Macromedia
2015-04-08 17:40:48 ----D---- C:\Windows\SYSWOW64\Macromed
2015-04-08 17:40:47 ----D---- C:\Windows\system32\Macromed
2015-04-08 15:22:40 ----A---- C:\Windows\system32\RtNicProp64.dll
2015-04-08 15:22:40 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2015-04-08 15:19:13 ----D---- C:\Windows\SYSWOW64\RTCOM
2015-04-08 15:19:13 ----D---- C:\Program Files\Realtek
2015-04-08 15:18:57 ----N---- C:\Windows\system32\drivers\DTSU2P.DAT
2015-04-08 15:18:54 ----A---- C:\Windows\system32\YamahaAE.dll
2015-04-08 15:18:53 ----A---- C:\Windows\system32\WavesGUILib64.dll
2015-04-08 15:18:53 ----A---- C:\Windows\system32\tossaeapo64.dll
2015-04-08 15:18:53 ----A---- C:\Windows\system32\toseaeapo64.dll
2015-04-08 15:18:53 ----A---- C:\Windows\system32\tosasfapo64.dll
2015-04-08 15:18:53 ----A---- C:\Windows\system32\tosade.dll
2015-04-08 15:18:53 ----A---- C:\Windows\system32\tepeqapo64.dll
2015-04-08 15:18:52 ----A---- C:\Windows\system32\tadefxapo264.dll
2015-04-08 15:18:52 ----A---- C:\Windows\system32\tadefxapo.dll
2015-04-08 15:18:52 ----A---- C:\Windows\system32\SStudio.dll
2015-04-08 15:18:52 ----A---- C:\Windows\system32\SRSWOW64.dll
2015-04-08 15:18:52 ----A---- C:\Windows\system32\SRSTSX64.dll
2015-04-08 15:18:52 ----A---- C:\Windows\system32\SRSTSH64.dll
2015-04-08 15:18:52 ----A---- C:\Windows\system32\SRSHP64.dll
2015-04-08 15:18:50 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2015-04-08 15:18:50 ----A---- C:\Windows\system32\SFSS_APO.dll
2015-04-08 15:18:50 ----A---- C:\Windows\system32\SFNHK64.dll
2015-04-08 15:18:50 ----A---- C:\Windows\system32\SFCOM64.dll
2015-04-08 15:18:50 ----A---- C:\Windows\system32\SFAPO64.dll
2015-04-08 15:18:48 ----A---- C:\Windows\system32\RtPgEx64.dll
2015-04-08 15:18:48 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2015-04-08 15:18:48 ----A---- C:\Windows\system32\drivers\rtvienna.dat
2015-04-08 15:18:47 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2015-04-08 15:18:47 ----A---- C:\Windows\system32\RtkCfg64.dll
2015-04-08 15:18:47 ----A---- C:\Windows\system32\RTEEP64A.dll
2015-04-08 15:18:47 ----A---- C:\Windows\system32\RTEEL64A.dll
2015-04-08 15:18:47 ----A---- C:\Windows\system32\RTEEG64A.dll
2015-04-08 15:18:47 ----A---- C:\Windows\system32\RTEED64A.dll
2015-04-08 15:18:46 ----A---- C:\Windows\system32\RP3DHT64.dll
2015-04-08 15:18:46 ----A---- C:\Windows\system32\RP3DAA64.dll
2015-04-08 15:18:39 ----A---- C:\Windows\system32\R4EEP64A.dll
2015-04-08 15:18:39 ----A---- C:\Windows\system32\R4EEL64A.dll
2015-04-08 15:18:39 ----A---- C:\Windows\system32\R4EEG64A.dll
2015-04-08 15:18:39 ----A---- C:\Windows\system32\R4EED64A.dll
2015-04-08 15:18:39 ----A---- C:\Windows\system32\R4EEA64A.dll
2015-04-08 15:18:38 ----A---- C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2015-04-08 15:18:38 ----A---- C:\Windows\system32\MISS_APO.dll
2015-04-08 15:18:35 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-04-08 15:18:33 ----A---- C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-04-08 15:18:32 ----A---- C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-04-08 15:18:32 ----A---- C:\Windows\system32\MaxxSpeechAPO64.dll
2015-04-08 15:18:30 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2015-04-08 15:18:29 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2015-04-08 15:18:29 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-04-08 15:18:29 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2015-04-08 15:18:29 ----A---- C:\Windows\system32\MaxxAudioAPO4064.dll
2015-04-08 15:18:29 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2015-04-08 15:18:29 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2015-04-08 15:18:29 ----A---- C:\Windows\system32\KAAPORT64.dll
2015-04-08 15:18:23 ----A---- C:\Windows\system32\FMAPO64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2015-04-08 15:18:22 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-04-08 15:18:21 ----A---- C:\Windows\system32\DDPP64A.dll
2015-04-08 15:18:21 ----A---- C:\Windows\system32\DDPO64A.dll
2015-04-08 15:18:21 ----A---- C:\Windows\system32\DDPD64A.dll
2015-04-08 15:18:21 ----A---- C:\Windows\system32\DDPA64.dll
2015-04-08 15:18:20 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-04-08 15:18:20 ----A---- C:\Windows\system32\audioLibVc.dll
2015-04-08 15:18:20 ----A---- C:\Windows\system32\AERTAR64.dll
2015-04-08 15:18:19 ----A---- C:\Windows\system32\AERTAC64.dll
2015-04-08 15:18:19 ----A---- C:\Windows\system32\AcpiServiceVnA64.dll
2015-04-08 09:30:23 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2015-04-08 09:30:23 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2015-04-08 09:29:25 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-04-08 09:29:25 ----A---- C:\Windows\system32\d2d1.dll
2015-04-08 09:29:16 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\system32\KBDYAK.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\system32\KBDTAT.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\system32\KBDRU1.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\system32\KBDRU.DLL
2015-04-08 09:29:16 ----A---- C:\Windows\system32\KBDBASH.DLL
2015-04-08 09:29:05 ----A---- C:\Windows\SYSWOW64\explorer.exe
2015-04-08 09:29:05 ----A---- C:\Windows\system32\rdpudd.dll
2015-04-08 09:29:05 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-04-08 09:29:05 ----A---- C:\Windows\system32\rdpcorets.dll
2015-04-08 09:29:05 ----A---- C:\Windows\explorer.exe
2015-04-08 09:29:04 ----A---- C:\Windows\system32\esent.dll
2015-04-08 09:29:03 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2015-04-08 09:29:03 ----A---- C:\Windows\SYSWOW64\esent.dll
2015-04-08 09:29:03 ----A---- C:\Windows\system32\fsutil.exe
2015-04-08 09:29:03 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2015-04-08 09:29:03 ----A---- C:\Windows\system32\drivers\nvstor.sys
2015-04-08 09:29:03 ----A---- C:\Windows\system32\drivers\nvraid.sys
2015-04-08 09:29:03 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2015-04-08 09:29:03 ----A---- C:\Windows\system32\drivers\amdxata.sys
2015-04-08 09:29:03 ----A---- C:\Windows\system32\drivers\amdsata.sys
2015-04-08 09:29:02 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-04-08 09:29:02 ----A---- C:\Windows\system32\d3d10warp.dll
2015-04-08 09:28:58 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-04-08 09:28:58 ----A---- C:\Windows\system32\mstscax.dll
2015-04-08 09:28:57 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-04-08 09:28:57 ----A---- C:\Windows\system32\spoolsv.exe
2015-04-08 09:28:57 ----A---- C:\Windows\splwow64.exe
2015-04-08 09:28:43 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-08 00:21:02 ----D---- C:\Program Files (x86)\VideoLAN
2015-04-08 00:19:22 ----D---- C:\Users\Tomas\AppData\Roaming\AVAST Software
2015-04-08 00:18:26 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-04-08 00:18:26 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-04-08 00:18:25 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-04-08 00:18:25 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-04-08 00:18:24 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-04-08 00:18:23 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-04-08 00:18:21 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-04-08 00:18:19 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-04-08 00:18:18 ----A---- C:\Windows\system32\aswBoot.exe
2015-04-08 00:18:13 ----A---- C:\Windows\avastSS.scr
2015-04-08 00:17:51 ----D---- C:\Program Files\AVAST Software
2015-04-08 00:16:49 ----D---- C:\ProgramData\AVAST Software
2015-04-08 00:16:24 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2015-04-08 00:16:19 ----D---- C:\ProgramData\Microsoft OneDrive
2015-04-08 00:11:22 ----D---- C:\Users\Tomas\AppData\Roaming\Mozilla
2015-04-08 00:11:18 ----D---- C:\ProgramData\Mozilla
2015-04-08 00:04:26 ----D---- C:\Program Files (x86)\Longman
2015-04-07 23:59:09 ----N---- C:\Windows\system32\HPDiscoPMB011.dll
2015-04-07 23:56:42 ----A---- C:\Windows\system32\HPWia2_DJ3520.dll
2015-04-07 23:56:37 ----A---- C:\Windows\system32\HPScanTRDrv_DJ3520.dll
2015-04-07 23:51:16 ----D---- C:\Program Files (x86)\HP
2015-04-07 23:51:15 ----D---- C:\Program Files\HP
2015-04-07 23:50:41 ----A---- C:\ProgramData\Ament.ini
2015-04-07 23:48:41 ----D---- C:\ProgramData\HP
2015-04-07 23:48:30 ----A---- C:\Windows\system32\HPWia2_DJ1050_J410.dll
2015-04-07 23:48:30 ----A---- C:\Windows\system32\HPScanTRDrv_DJ1050_J410.dll
2015-04-07 23:14:42 ----D---- C:\Windows\SYSWOW64\Wat
2015-04-07 23:14:42 ----D---- C:\Windows\system32\Wat
2015-04-07 23:13:49 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-04-07 23:13:49 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-04-07 23:13:48 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-04-07 23:13:48 ----A---- C:\Windows\system32\WMPhoto.dll
2015-04-07 23:12:21 ----D---- C:\Users\Tomas\AppData\Roaming\Adobe
2015-04-07 22:58:28 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-07 22:58:28 ----SD---- C:\Windows\system32\GWX
2015-04-07 22:58:27 ----SD---- C:\Windows\system32\CompatTel
2015-04-07 22:58:27 ----D---- C:\Windows\system32\appraiser
2015-04-07 22:40:43 ----A---- C:\Windows\system32\IEUDINIT.EXE
2015-04-07 22:35:44 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\msls31.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-07 22:35:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-07 22:35:43 ----A---- C:\Windows\system32\elshyph.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\wextract.exe
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\url.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\mshta.exe
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\inseng.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\icardie.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-07 22:35:42 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\wininet.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\urlmon.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2015-04-07 22:35:42 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2015-04-07 22:35:42 ----A---- C:\Windows\system32\msrating.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\msls31.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\mshtmler.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\msfeedssync.exe
2015-04-07 22:35:42 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\jsIntl.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\jscript9.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\ieui.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\iesysprep.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\iertutil.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\ieframe.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\IEAdvpack.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-07 22:35:42 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\wextract.exe
2015-04-07 22:35:41 ----A---- C:\Windows\system32\webcheck.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\vbscript.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\url.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\pngfilt.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\occache.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\mshtml.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\mshta.exe
2015-04-07 22:35:41 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\licmgr10.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\jscript.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\inseng.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\imgutil.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\iexpress.exe
2015-04-07 22:35:41 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-07 22:35:41 ----A---- C:\Windows\system32\iesetup.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\iernonce.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\iepeers.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-07 22:35:41 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-07 22:35:41 ----A---- C:\Windows\system32\ieapfltr.dat
2015-04-07 22:35:41 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-07 22:35:41 ----A---- C:\Windows\system32\icardie.dll
2015-04-07 22:33:07 ----D---- C:\Users\Tomas\AppData\Roaming\ATI
2015-04-07 22:33:07 ----D---- C:\ProgramData\ATI
2015-04-07 22:25:16 ----D---- C:\Users\Tomas\AppData\Roaming\DisplayTune
2015-04-07 22:23:11 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-04-07 22:23:10 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2015-04-07 22:23:10 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-04-07 22:23:10 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-04-07 22:23:10 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-04-07 22:23:10 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2015-04-07 22:23:10 ----A---- C:\Windows\system32\wksprtPS.dll
2015-04-07 22:23:10 ----A---- C:\Windows\system32\wksprt.exe
2015-04-07 22:23:10 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-04-07 22:23:10 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-04-07 22:23:10 ----A---- C:\Windows\system32\tsgqec.dll
2015-04-07 22:23:10 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-04-07 22:23:10 ----A---- C:\Windows\system32\mstsc.exe
2015-04-07 22:23:10 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2015-04-07 22:23:10 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2015-04-07 22:20:56 ----A---- C:\Windows\msvcr70.dll
2015-04-07 22:20:56 ----A---- C:\Windows\msvcp70.dll
2015-04-07 22:20:56 ----A---- C:\Windows\msvbvm60.dll
2015-04-07 21:59:22 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2015-04-07 21:59:22 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-04-07 21:59:21 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2015-04-07 21:59:21 ----A---- C:\Windows\system32\rdpendp_winip.dll
2015-04-07 21:43:04 ----D---- C:\Windows\system32\MRT
2015-04-07 21:43:03 ----A---- C:\Windows\system32\MRT.exe
2015-04-07 21:39:30 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2015-04-07 21:39:30 ----A---- C:\Windows\system32\UIAnimation.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-04-07 21:39:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-04-07 21:39:29 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2015-04-07 21:39:29 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2015-04-07 21:39:29 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2015-04-07 21:39:29 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2015-04-07 21:39:29 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2015-04-07 21:39:29 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2015-04-07 21:39:29 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2015-04-07 21:39:29 ----A---- C:\Windows\system32\dxgi.dll
2015-04-07 21:39:29 ----A---- C:\Windows\system32\d3d10level9.dll
2015-04-07 21:39:29 ----A---- C:\Windows\system32\d3d10core.dll
2015-04-07 21:39:29 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-04-07 21:39:29 ----A---- C:\Windows\system32\d3d10_1.dll
2015-04-07 21:39:28 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2015-04-07 21:39:28 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2015-04-07 21:39:28 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-04-07 21:39:28 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2015-04-07 21:39:28 ----A---- C:\Windows\system32\XpsPrint.dll
2015-04-07 21:39:28 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2015-04-07 21:39:28 ----A---- C:\Windows\system32\FntCache.dll
2015-04-07 21:39:28 ----A---- C:\Windows\system32\DWrite.dll
2015-04-07 21:39:28 ----A---- C:\Windows\system32\d3d10.dll
2015-04-07 21:38:54 ----A---- C:\Windows\SYSWOW64\wmi.dll
2015-04-07 21:38:54 ----A---- C:\Windows\system32\wmi.dll
2015-04-07 21:38:54 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2015-04-07 21:35:12 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2015-04-07 21:35:12 ----A---- C:\Windows\SYSWOW64\icardres.dll
2015-04-07 21:35:12 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2015-04-07 21:35:12 ----A---- C:\Windows\system32\infocardapi.dll
2015-04-07 21:35:12 ----A---- C:\Windows\system32\icardres.dll
2015-04-07 21:35:12 ----A---- C:\Windows\system32\icardagt.exe
2015-04-07 21:35:07 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2015-04-07 21:35:07 ----A---- C:\Windows\system32\TsWpfWrp.exe
2015-04-07 21:34:22 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-04-07 21:34:22 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-04-07 21:34:22 ----A---- C:\Windows\system32\wmp.dll
2015-04-07 21:34:22 ----A---- C:\Windows\system32\drmv2clt.dll
2015-04-07 21:34:22 ----A---- C:\Windows\system32\blackbox.dll
2015-04-07 21:34:21 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-04-07 21:34:21 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-04-07 21:34:21 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-04-07 21:34:21 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-04-07 21:34:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-07 21:34:21 ----A---- C:\Windows\system32\mf.dll
2015-04-07 21:34:21 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-04-07 21:34:20 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\wintrust.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\winresume.exe
2015-04-07 21:34:20 ----A---- C:\Windows\system32\winload.exe
2015-04-07 21:34:20 ----A---- C:\Windows\system32\quartz.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\qdvd.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\mfplat.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\evr.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-04-07 21:34:20 ----A---- C:\Windows\system32\cryptui.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\cryptsvc.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\cryptnet.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\crypt32.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\ci.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\audiosrv.dll
2015-04-07 21:34:20 ----A---- C:\Windows\system32\AudioEng.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-04-07 21:34:19 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\wmploc.DLL
2015-04-07 21:34:19 ----A---- C:\Windows\system32\srcore.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\srclient.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\spwmp.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\smss.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\rstrui.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\rrinstaller.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\pcawrk.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\pcasvc.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\pcalua.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\pcaevts.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\pcadm.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\msscp.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\msnetobj.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\msmmsp.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\mfps.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\mfpmp.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\mferror.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\EncDump.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\dxmasf.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-04-07 21:34:19 ----A---- C:\Windows\system32\drivers\appid.sys
2015-04-07 21:34:19 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\cryptsp.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\AudioSes.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\audiodg.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\appidsvc.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-04-07 21:34:19 ----A---- C:\Windows\system32\appidapi.dll
2015-04-07 21:34:19 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-07 21:34:05 ----A---- C:\Windows\SYSWOW64\winsta.dll
2015-04-07 21:34:05 ----A---- C:\Windows\system32\winsta.dll
2015-04-07 21:34:05 ----A---- C:\Windows\system32\winlogon.exe
2015-04-07 21:34:05 ----A---- C:\Windows\system32\rdrmemptylst.exe
2015-04-07 21:34:05 ----A---- C:\Windows\system32\rdpwsx.dll
2015-04-07 21:34:05 ----A---- C:\Windows\system32\rdpcorekmts.dll
2015-04-07 21:34:05 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2015-04-07 21:34:05 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\objsel.dll
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\wincredprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\objsel.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\dpapiprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\dimsroam.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\cngprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\capiprovider.dll
2015-04-07 21:33:50 ----A---- C:\Windows\system32\adprovider.dll
2015-04-07 21:33:44 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2015-04-07 21:33:44 ----A---- C:\Windows\SYSWOW64\gameux.dll
2015-04-07 21:33:44 ----A---- C:\Windows\system32\Wpc.dll
2015-04-07 21:33:44 ----A---- C:\Windows\system32\gameux.dll
2015-04-07 21:33:40 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-07 21:33:40 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-07 21:33:40 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-07 21:33:40 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-07 21:33:40 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-07 21:33:40 ----A---- C:\Windows\system32\schannel.dll
2015-04-07 21:33:40 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-07 21:33:40 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-07 21:33:40 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-07 21:33:40 ----A---- C:\Windows\system32\kerberos.dll
2015-04-07 21:33:40 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-07 21:33:40 ----A---- C:\Windows\system32\drivers\cng.sys
2015-04-07 21:33:40 ----A---- C:\Windows\system32\adtschema.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-07 21:33:39 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-07 21:33:39 ----A---- C:\Windows\system32\wdigest.dll
2015-04-07 21:33:39 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-07 21:33:39 ----A---- C:\Windows\system32\sspicli.dll
2015-04-07 21:33:39 ----A---- C:\Windows\system32\secur32.dll
2015-04-07 21:33:39 ----A---- C:\Windows\system32\msobjs.dll
2015-04-07 21:33:39 ----A---- C:\Windows\system32\msaudite.dll
2015-04-07 21:33:39 ----A---- C:\Windows\system32\lsass.exe
2015-04-07 21:33:39 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-07 21:33:39 ----A---- C:\Windows\system32\credssp.dll
2015-04-07 21:33:39 ----A---- C:\Windows\system32\auditpol.exe
2015-04-07 21:33:38 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2015-04-07 21:33:38 ----A---- C:\Windows\system32\IMJP10K.DLL
2015-04-07 21:33:32 ----A---- C:\Windows\system32\invagent.dll
2015-04-07 21:33:32 ----A---- C:\Windows\system32\generaltel.dll
2015-04-07 21:33:32 ----A---- C:\Windows\system32\devinv.dll
2015-04-07 21:33:32 ----A---- C:\Windows\system32\appraiser.dll
2015-04-07 21:33:32 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-07 21:33:32 ----A---- C:\Windows\system32\aepic.dll
2015-04-07 21:33:32 ----A---- C:\Windows\system32\aepdu.dll
2015-04-07 21:33:32 ----A---- C:\Windows\system32\aeinv.dll
2015-04-07 21:33:32 ----A---- C:\Windows\system32\acmigration.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-07 21:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-07 21:33:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-07 21:33:25 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-07 21:33:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-07 21:33:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-07 21:33:25 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-07 21:33:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-07 21:33:25 ----A---- C:\Windows\system32\wow64win.dll
2015-04-07 21:33:25 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-07 21:33:25 ----A---- C:\Windows\system32\wow64.dll
2015-04-07 21:33:25 ----A---- C:\Windows\system32\winsrv.dll
2015-04-07 21:33:25 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-07 21:33:25 ----A---- C:\Windows\system32\kernel32.dll
2015-04-07 21:33:25 ----A---- C:\Windows\system32\conhost.exe
2015-04-07 21:33:23 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2015-04-07 21:33:23 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2015-04-07 21:33:23 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2015-04-07 21:33:23 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2015-04-07 21:33:23 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2015-04-07 21:33:23 ----A---- C:\Windows\system32\RMActivate_isv.exe
2015-04-07 21:33:23 ----A---- C:\Windows\system32\RMActivate.exe
2015-04-07 21:33:22 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2015-04-07 21:33:22 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2015-04-07 21:33:22 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2015-04-07 21:33:22 ----A---- C:\Windows\SYSWOW64\secproc.dll
2015-04-07 21:33:22 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2015-04-07 21:33:22 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2015-04-07 21:33:22 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2015-04-07 21:33:22 ----A---- C:\Windows\system32\secproc_ssp.dll
2015-04-07 21:33:22 ----A---- C:\Windows\system32\secproc_isv.dll
2015-04-07 21:33:22 ----A---- C:\Windows\system32\secproc.dll
2015-04-07 21:33:22 ----A---- C:\Windows\system32\msdrm.dll
2015-04-07 21:33:20 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-04-07 21:33:20 ----A---- C:\Windows\system32\poqexec.exe
2015-04-07 21:33:15 ----A---- C:\Windows\system32\termsrv.dll
2015-04-07 21:33:09 ----A---- C:\Windows\system32\advapi32.dll
2015-04-07 21:33:08 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-04-07 21:33:08 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-07 21:33:08 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-04-07 21:33:08 ----A---- C:\Windows\system32\tdh.dll
2015-04-07 21:33:08 ----A---- C:\Windows\system32\ntdll.dll
2015-04-07 21:32:54 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2015-04-07 21:32:54 ----A---- C:\Windows\system32\d3d11.dll
2015-04-07 21:32:53 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2015-04-07 21:32:53 ----A---- C:\Windows\system32\TSWorkspace.dll
2015-04-07 21:32:46 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-04-07 21:32:45 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2015-04-07 21:32:45 ----A---- C:\Windows\system32\netcorehc.dll
2015-04-07 21:32:45 ----A---- C:\Windows\system32\ncsi.dll
2015-04-07 21:32:45 ----A---- C:\Windows\system32\iphlpsvc.dll
2015-04-07 21:32:44 ----A---- C:\Windows\SYSWOW64\netevent.dll
2015-04-07 21:32:44 ----A---- C:\Windows\system32\nlaapi.dll
2015-04-07 21:32:44 ----A---- C:\Windows\system32\netevent.dll
2015-04-07 21:32:44 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2015-04-07 21:32:42 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2015-04-07 21:32:42 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2015-04-07 21:32:42 ----A---- C:\Windows\system32\ntshrui.dll
2015-04-07 21:32:42 ----A---- C:\Windows\system32\cryptdlg.dll
2015-04-07 21:32:36 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-04-07 21:32:36 ----A---- C:\Windows\system32\msxml6.dll
2015-04-07 21:32:35 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-04-07 21:32:35 ----A---- C:\Windows\system32\msxml6r.dll
2015-04-07 21:32:34 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2015-04-07 21:32:34 ----A---- C:\Windows\system32\shdocvw.dll
2015-04-07 21:32:32 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2015-04-07 21:32:32 ----A---- C:\Windows\system32\pku2u.dll
2015-04-07 21:32:28 ----A---- C:\Windows\SYSWOW64\certutil.exe
2015-04-07 21:32:28 ----A---- C:\Windows\SYSWOW64\certenc.dll
2015-04-07 21:32:28 ----A---- C:\Windows\system32\certutil.exe
2015-04-07 21:32:28 ----A---- C:\Windows\system32\certenc.dll
2015-04-07 21:32:25 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-04-07 21:32:25 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-04-07 21:32:25 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-04-07 21:32:25 ----A---- C:\Windows\system32\msihnd.dll
2015-04-07 21:32:25 ----A---- C:\Windows\system32\msi.dll
2015-04-07 21:32:25 ----A---- C:\Windows\system32\consent.exe
2015-04-07 21:32:25 ----A---- C:\Windows\system32\authui.dll
2015-04-07 21:32:25 ----A---- C:\Windows\system32\appinfo.dll
2015-04-07 21:32:24 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2015-04-07 21:32:24 ----A---- C:\Windows\system32\iologmsg.dll
2015-04-07 21:32:24 ----A---- C:\Windows\system32\drivers\storport.sys
2015-04-07 21:32:24 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2015-04-07 21:32:24 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2015-04-07 21:32:23 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2015-04-07 21:32:23 ----A---- C:\Windows\SYSWOW64\credui.dll
2015-04-07 21:32:23 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2015-04-07 21:32:23 ----A---- C:\Windows\system32\credui.dll
2015-04-07 21:32:22 ----A---- C:\Windows\system32\shell32.dll
2015-04-07 21:32:21 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-04-07 21:32:21 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2015-04-07 21:32:21 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2015-04-07 21:32:21 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2015-04-07 21:32:21 ----A---- C:\Windows\system32\dhcpcore6.dll
2015-04-07 21:32:18 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2015-04-07 21:32:18 ----A---- C:\Windows\SYSWOW64\browcli.dll
2015-04-07 21:32:18 ----A---- C:\Windows\system32\netapi32.dll
2015-04-07 21:32:18 ----A---- C:\Windows\system32\browser.dll
2015-04-07 21:32:18 ----A---- C:\Windows\system32\browcli.dll
2015-04-07 21:32:17 ----A---- C:\Windows\SYSWOW64\sbe.dll
2015-04-07 21:32:17 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2015-04-07 21:32:17 ----A---- C:\Windows\system32\sbe.dll
2015-04-07 21:32:17 ----A---- C:\Windows\system32\CPFilters.dll
2015-04-07 21:32:16 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2015-04-07 21:32:16 ----A---- C:\Windows\system32\xmllite.dll
2015-04-07 21:32:16 ----A---- C:\Windows\system32\drivers\usbscan.sys
2015-04-07 21:32:16 ----A---- C:\Windows\system32\drivers\hidparse.sys
2015-04-07 21:32:16 ----A---- C:\Windows\system32\drivers\hidclass.sys
2015-04-07 21:32:14 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-04-07 21:32:14 ----A---- C:\Windows\system32\wer.dll
2015-04-07 21:32:14 ----A---- C:\Windows\system32\drivers\usbport.sys
2015-04-07 21:32:14 ----A---- C:\Windows\system32\drivers\usbhub.sys
2015-04-07 21:32:14 ----A---- C:\Windows\system32\drivers\usbehci.sys
2015-04-07 21:32:14 ----A---- C:\Windows\system32\drivers\usbd.sys
2015-04-07 21:32:14 ----A---- C:\Windows\system32\drivers\usbcir.sys
2015-04-07 21:32:14 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2015-04-07 21:32:12 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2015-04-07 21:32:12 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2015-04-07 21:32:12 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2015-04-07 21:32:12 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2015-04-07 21:32:12 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2015-04-07 21:32:12 ----A---- C:\Windows\system32\odbctrac.dll
2015-04-07 21:32:12 ----A---- C:\Windows\system32\odbccu32.dll
2015-04-07 21:32:12 ----A---- C:\Windows\system32\odbccr32.dll
2015-04-07 21:32:12 ----A---- C:\Windows\system32\odbccp32.dll
2015-04-07 21:32:12 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2015-04-07 21:32:11 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-04-07 21:32:11 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-04-07 21:32:11 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-04-07 21:32:11 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-04-07 21:32:11 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-04-07 21:32:11 ----A---- C:\Windows\system32\lpk.dll
2015-04-07 21:32:11 ----A---- C:\Windows\system32\fontsub.dll
2015-04-07 21:32:11 ----A---- C:\Windows\system32\dciman32.dll
2015-04-07 21:32:11 ----A---- C:\Windows\system32\atmlib.dll
2015-04-07 21:32:11 ----A---- C:\Windows\system32\atmfd.dll
2015-04-07 21:32:10 ----A---- C:\Windows\SYSWOW64\synceng.dll
2015-04-07 21:32:10 ----A---- C:\Windows\SYSWOW64\packager.dll
2015-04-07 21:32:10 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-07 21:32:10 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-07 21:32:10 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-04-07 21:32:10 ----A---- C:\Windows\system32\synceng.dll
2015-04-07 21:32:10 ----A---- C:\Windows\system32\packager.dll
2015-04-07 21:32:10 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-07 21:32:10 ----A---- C:\Windows\system32\msxml3.dll
2015-04-07 21:32:10 ----A---- C:\Windows\system32\comctl32.dll
2015-04-07 21:32:09 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2015-04-07 21:32:09 ----A---- C:\Windows\system32\imagehlp.dll
2015-04-07 21:32:08 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-04-07 21:32:08 ----A---- C:\Windows\system32\tzres.dll
2015-04-07 21:32:06 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-04-07 21:32:06 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2015-04-07 21:32:06 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2015-04-07 21:32:06 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2015-04-07 21:32:06 ----A---- C:\Windows\system32\scesrv.dll
2015-04-07 21:32:06 ----A---- C:\Windows\system32\mfc42u.dll
2015-04-07 21:32:06 ----A---- C:\Windows\system32\mfc42.dll
2015-04-07 21:32:06 ----A---- C:\Windows\system32\drivers\fvevol.sys
2015-04-07 21:32:06 ----A---- C:\Windows\system32\dpnet.dll
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\tquery.dll
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\mssph.dll
2015-04-07 21:32:05 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2015-04-07 21:32:05 ----A---- C:\Windows\system32\tquery.dll
2015-04-07 21:32:05 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2015-04-07 21:32:05 ----A---- C:\Windows\system32\SearchIndexer.exe
2015-04-07 21:32:05 ----A---- C:\Windows\system32\SearchFilterHost.exe
2015-04-07 21:32:05 ----A---- C:\Windows\system32\mssvp.dll
2015-04-07 21:32:05 ----A---- C:\Windows\system32\mssrch.dll
2015-04-07 21:32:05 ----A---- C:\Windows\system32\mssphtb.dll
2015-04-07 21:32:05 ----A---- C:\Windows\system32\mssph.dll
2015-04-07 21:32:05 ----A---- C:\Windows\system32\msscntrs.dll
2015-04-07 21:32:04 ----A---- C:\Windows\SYSWOW64\usp10.dll
2015-04-07 21:32:04 ----A---- C:\Windows\system32\usp10.dll
2015-04-07 21:32:03 ----A---- C:\Windows\system32\drivers\usb8023.sys
2015-04-07 21:32:02 ----A---- C:\Windows\system32\wwansvc.dll
2015-04-07 21:32:02 ----A---- C:\Windows\system32\wwanprotdim.dll
2015-04-07 21:32:02 ----A---- C:\Windows\system32\profsvc.dll
2015-04-07 21:32:01 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2015-04-07 21:32:01 ----A---- C:\Windows\system32\msieftp.dll
2015-04-07 21:32:00 ----A---- C:\Windows\SYSWOW64\webio.dll
2015-04-07 21:32:00 ----A---- C:\Windows\system32\webio.dll
2015-04-07 21:32:00 ----A---- C:\Windows\system32\drivers\tcpip.sys
2015-04-07 21:32:00 ----A---- C:\Windows\system32\drivers\netio.sys
2015-04-07 21:32:00 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2015-04-07 21:31:59 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-04-07 21:31:59 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-04-07 21:31:59 ----A---- C:\Windows\system32\WebClnt.dll
2015-04-07 21:31:59 ----A---- C:\Windows\system32\davclnt.dll
2015-04-07 21:31:58 ----A---- C:\Windows\SYSWOW64\mscories.dll
2015-04-07 21:31:58 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2015-04-07 21:31:58 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2015-04-07 21:31:58 ----A---- C:\Windows\system32\mscories.dll
2015-04-07 21:31:58 ----A---- C:\Windows\system32\mscorier.dll
2015-04-07 21:31:58 ----A---- C:\Windows\system32\dfshim.dll
2015-04-07 21:31:56 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-04-07 21:31:56 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-04-07 21:31:56 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-04-07 21:31:55 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2015-04-07 21:31:55 ----A---- C:\Windows\system32\mswsock.dll
2015-04-07 21:31:55 ----A---- C:\Windows\system32\drivers\portcls.sys
2015-04-07 21:31:55 ----A---- C:\Windows\system32\drivers\drmk.sys
2015-04-07 21:31:54 ----A---- C:\Windows\SYSWOW64\osk.exe
2015-04-07 21:31:54 ----A---- C:\Windows\system32\osk.exe
2015-04-07 21:31:54 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2015-04-07 21:31:54 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2015-04-07 21:31:54 ----A---- C:\Windows\system32\cdd.dll
2015-04-07 21:31:53 ----A---- C:\Windows\SYSWOW64\wscript.exe
2015-04-07 21:31:53 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2015-04-07 21:31:53 ----A---- C:\Windows\SYSWOW64\cscript.exe
2015-04-07 21:31:53 ----A---- C:\Windows\system32\wscript.exe
2015-04-07 21:31:53 ----A---- C:\Windows\system32\scrrun.dll
2015-04-07 21:31:53 ----A---- C:\Windows\system32\drivers\ataport.sys
2015-04-07 21:31:53 ----A---- C:\Windows\system32\cscript.exe
2015-04-07 21:31:52 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-04-07 21:31:52 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-04-07 21:31:52 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-04-07 21:31:52 ----A---- C:\Windows\system32\nlasvc.dll
2015-04-07 21:31:52 ----A---- C:\Windows\system32\msctf.dll
2015-04-07 21:31:50 ----A---- C:\Windows\SYSWOW64\charmap.exe
2015-04-07 21:31:50 ----A---- C:\Windows\system32\charmap.exe
2015-04-07 21:31:50 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2015-04-07 21:31:50 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-04-07 21:31:49 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2015-04-07 21:31:49 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2015-04-07 21:31:49 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2015-04-07 21:31:49 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2015-04-07 21:31:49 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2015-04-07 21:31:49 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-04-07 21:31:49 ----A---- C:\Windows\system32\WsmWmiPl.dll
2015-04-07 21:31:49 ----A---- C:\Windows\system32\WsmSvc.dll
2015-04-07 21:31:49 ----A---- C:\Windows\system32\WsmAuto.dll
2015-04-07 21:31:49 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2015-04-07 21:31:49 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2015-04-07 21:31:49 ----A---- C:\Windows\system32\wdi.dll
2015-04-07 21:31:49 ----A---- C:\Windows\system32\powertracker.dll
2015-04-07 21:31:49 ----A---- C:\Windows\system32\perftrack.dll
2015-04-07 21:31:48 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-04-07 21:31:48 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-07 21:31:47 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2015-04-07 21:31:47 ----A---- C:\Windows\system32\WMVDECOD.DLL
2015-04-07 21:31:47 ----A---- C:\Windows\system32\win32k.sys
2015-04-07 21:31:46 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-04-07 21:31:46 ----A---- C:\Windows\SYSWOW64\qedit.dll
2015-04-07 21:31:46 ----A---- C:\Windows\system32\ubpm.dll
2015-04-07 21:31:46 ----A---- C:\Windows\system32\qedit.dll
2015-04-07 21:31:45 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2015-04-07 21:31:45 ----A---- C:\Windows\system32\cdosys.dll
2015-04-07 21:31:44 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2015-04-07 21:31:44 ----A---- C:\Windows\system32\win32spl.dll
2015-04-07 21:31:44 ----A---- C:\Windows\system32\drivers\ntfs.sys
2015-04-07 21:31:43 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2015-04-07 21:31:43 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2015-04-07 21:31:43 ----A---- C:\Windows\system32\OxpsConverter.exe
2015-04-07 21:31:43 ----A---- C:\Windows\system32\drivers\afd.sys
2015-04-07 21:31:43 ----A---- C:\Windows\system32\dnsrslvr.dll
2015-04-07 21:31:43 ----A---- C:\Windows\system32\dnscacheugc.exe
2015-04-07 21:31:43 ----A---- C:\Windows\system32\dnsapi.dll
2015-04-07 21:31:42 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-04-07 21:31:42 ----A---- C:\Windows\system32\taskhost.exe
2015-04-07 21:31:42 ----A---- C:\Windows\system32\oleaut32.dll
2015-04-07 21:31:42 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-04-07 21:31:41 ----A---- C:\Windows\SYSWOW64\rastls.dll
2015-04-07 21:31:41 ----A---- C:\Windows\system32\rastls.dll
2015-04-07 21:31:41 ----A---- C:\Windows\system32\drivers\srvnet.sys
2015-04-07 21:31:41 ----A---- C:\Windows\system32\drivers\srv2.sys
2015-04-07 21:31:41 ----A---- C:\Windows\system32\drivers\srv.sys
2015-04-07 21:31:40 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-07 21:31:40 ----A---- C:\Windows\system32\gdi32.dll
2015-04-07 21:31:40 ----A---- C:\Windows\system32\drivers\partmgr.sys
2015-04-07 21:31:39 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2015-04-07 21:31:39 ----A---- C:\Windows\system32\psisdecd.dll
2015-04-07 21:31:39 ----A---- C:\Windows\system32\drivers\bowser.sys
2015-04-07 21:31:38 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2015-04-07 21:31:38 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2015-04-07 21:31:38 ----A---- C:\Windows\system32\rdpcore.dll
2015-04-07 21:31:38 ----A---- C:\Windows\system32\localspl.dll
2015-04-07 21:31:38 ----A---- C:\Windows\system32\EncDec.dll
2015-04-07 21:31:38 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2015-04-07 21:31:37 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2015-04-07 21:31:37 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-04-07 21:31:37 ----A---- C:\Windows\system32\oleacc.dll
2015-04-07 21:31:37 ----A---- C:\Windows\system32\inetcomm.dll
2015-04-07 21:31:35 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2015-04-07 21:31:35 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2015-04-07 21:31:35 ----A---- C:\Windows\SYSWOW64\devobj.dll
2015-04-07 21:31:35 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2015-04-07 21:31:35 ----A---- C:\Windows\system32\umpnpmgr.dll
2015-04-07 21:31:34 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2015-04-07 21:31:34 ----A---- C:\Windows\system32\msvcrt.dll
2015-04-07 21:31:34 ----A---- C:\Windows\system32\kdusb.dll
2015-04-07 21:31:34 ----A---- C:\Windows\system32\kdcom.dll
2015-04-07 21:31:34 ----A---- C:\Windows\system32\kd1394.dll
2015-04-07 21:31:34 ----A---- C:\Windows\system32\FXSCOVER.exe
2015-04-07 21:31:33 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2015-04-07 21:31:33 ----A---- C:\Windows\system32\prevhost.exe
2015-04-07 21:31:27 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2015-04-07 21:31:27 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2015-04-07 21:31:27 ----A---- C:\Windows\system32\nshwfp.dll
2015-04-07 21:31:27 ----A---- C:\Windows\system32\IKEEXT.DLL
2015-04-07 21:31:27 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2015-04-07 21:30:13 ----A---- C:\Windows\system32\scavengeui.dll
2015-04-07 21:27:29 ----D---- C:\Windows\Panther
2015-04-07 21:17:59 ----A---- C:\Windows\system32\rpcrt4.dll
2015-04-07 21:17:58 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-04-07 21:15:57 ----D---- C:\ProgramData\AMD
2015-04-07 21:15:57 ----D---- C:\Program Files (x86)\AMD AVT
2015-04-07 21:15:05 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2015-04-07 21:15:05 ----A---- C:\Windows\system32\DelayAPO.dll
2015-04-07 21:15:02 ----D---- C:\Program Files\AMD
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\OpenVideo.dll
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\ativvsvl.dat
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\ativvsva.dat
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\atipblag.dat
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\amdocl_ld32.exe
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\amdocl_as32.exe
2015-04-07 21:14:57 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2015-04-07 21:14:57 ----A---- C:\Windows\system32\OVDecode64.dll
2015-04-07 21:14:57 ----A---- C:\Windows\system32\OpenVideo64.dll
2015-04-07 21:14:57 ----A---- C:\Windows\system32\OpenCL.dll
2015-04-07 21:14:57 ----A---- C:\Windows\system32\coinst_13.251.dll
2015-04-07 21:14:57 ----A---- C:\Windows\system32\clinfo.exe
2015-04-07 21:14:57 ----A---- C:\Windows\system32\ativvsvl.dat
2015-04-07 21:14:57 ----A---- C:\Windows\system32\ativvsva.dat
2015-04-07 21:14:57 ----A---- C:\Windows\system32\ativvaxy_cik_nd.dat
2015-04-07 21:14:57 ----A---- C:\Windows\system32\ativvaxy_cik.dat
2015-04-07 21:14:57 ----A---- C:\Windows\system32\ativce02.dat
2015-04-07 21:14:57 ----A---- C:\Windows\system32\atipblag.dat
2015-04-07 21:14:57 ----A---- C:\Windows\system32\amdocl64.dll
2015-04-07 21:14:57 ----A---- C:\Windows\system32\amdocl_ld64.exe
2015-04-07 21:14:57 ----A---- C:\Windows\system32\amdocl_as64.exe
2015-04-07 21:14:27 ----D---- C:\Program Files\Common Files\ATI Technologies
2015-04-07 21:13:30 ----D---- C:\ProgramData\Package Cache
2015-04-07 21:09:13 ----D---- C:\Program Files (x86)\ATI Technologies
2015-04-07 21:08:48 ----D---- C:\Program Files\ATI Technologies
2015-04-07 21:08:44 ----D---- C:\Program Files\ATI
2015-04-07 21:08:17 ----D---- C:\AMD
2015-04-07 21:03:36 ----A---- C:\Windows\system32\drivers\IntelMEFWVer.dll
2015-04-07 21:02:38 ----A---- C:\Windows\system32\Wdfres.dll
2015-04-07 21:02:38 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2015-04-07 21:02:25 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2015-04-07 21:02:25 ----A---- C:\Windows\system32\drivers\TeeDriverx64.sys
2015-04-07 21:02:13 ----D---- C:\Users\Tomas\AppData\Roaming\InstallShield
2015-04-07 21:01:34 ----A---- C:\Windows\system32\wups2.dll
2015-04-07 21:01:34 ----A---- C:\Windows\system32\wucltux.dll
2015-04-07 21:01:34 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-07 21:01:34 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-07 21:01:31 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-07 21:01:31 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-07 21:01:31 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-07 21:01:31 ----A---- C:\Windows\system32\wups.dll
2015-04-07 21:01:31 ----A---- C:\Windows\system32\wudriver.dll
2015-04-07 21:01:31 ----A---- C:\Windows\system32\wuapi.dll
2015-04-07 21:01:29 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-07 21:01:29 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-07 21:01:29 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-07 21:01:29 ----A---- C:\Windows\system32\wuapp.exe
2015-04-07 21:00:43 ----A---- C:\Windows\system32\RTNUninst64.dll
2015-04-07 20:59:03 ----D---- C:\Program Files (x86)\Realtek
2015-04-07 20:59:02 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-04-07 20:58:40 ----HD---- C:\Program Files (x86)\Temp
2015-04-07 20:58:39 ----A---- C:\Windows\RtlExUpd.dll
2015-04-07 20:58:24 ----D---- C:\Program Files (x86)\ASUS
2015-04-07 20:58:24 ----A---- C:\Windows\SYSWOW64\drivers\AsIO.sys
2015-04-07 20:58:24 ----A---- C:\Windows\SYSWOW64\AsIO.dll
2015-04-07 20:58:17 ----A---- C:\Windows\system32\WUDFx.dll
2015-04-07 20:58:17 ----A---- C:\Windows\system32\WUDFSvc.dll
2015-04-07 20:58:17 ----A---- C:\Windows\system32\WUDFPlatform.dll
2015-04-07 20:58:17 ----A---- C:\Windows\system32\WUDFHost.exe
2015-04-07 20:58:17 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2015-04-07 20:58:17 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2015-04-07 20:58:17 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2015-04-07 20:58:13 ----D---- C:\Program Files\ASUS
2015-04-07 20:58:12 ----A---- C:\Windows\system32\WudfUpdate_01011.dll
2015-04-07 20:56:51 ----A---- C:\Windows\system32\drivers\iusb3xhc.sys
2015-04-07 20:56:50 ----A---- C:\Windows\system32\drivers\iusb3hub.sys
2015-04-07 20:55:28 ----D---- C:\Users\Tomas\AppData\Roaming\Intel Corporation
2015-04-07 20:55:19 ----D---- C:\ProgramData\Intel
2015-04-07 20:55:16 ----D---- C:\Program Files\Intel
2015-04-07 20:54:04 ----D---- C:\Windows\Install
2015-04-07 20:52:17 ----D---- C:\Windows\Migration
2015-04-07 20:48:30 ----RA---- C:\Windows\SYSWOW64\CSVer.dll
2015-04-07 20:48:30 ----D---- C:\Program Files (x86)\Intel
2015-04-07 20:48:08 ----D---- C:\Intel
2015-04-07 20:47:04 ----D---- C:\Windows\Chipset
2015-04-07 20:46:05 ----A---- C:\Windows\Ascd_tmp.ini
2015-04-07 20:44:03 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-07 20:42:28 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-04-07 20:42:21 ----SHD---- C:\Windows\Installer
2015-04-07 20:40:09 ----D---- C:\Windows\Intel_Chipset_Win7-8-8-1_V10016
2015-04-07 20:40:09 ----A---- C:\Windows\AsTaskSched.dll
2015-04-07 20:40:04 ----A---- C:\Windows\system32\drivers\volsnap.sys
2015-04-07 20:39:56 ----A---- C:\Windows\Language_trs.ini
2015-04-07 20:36:53 ----D---- C:\Windows\SoftwareDistribution
2015-04-07 20:35:58 ----D---- C:\Users\Tomas\AppData\Roaming\Identities
2015-04-07 20:35:50 ----SD---- C:\Users\Tomas\AppData\Roaming\Microsoft
2015-04-07 20:35:50 ----D---- C:\Users\Tomas\AppData\Roaming\Media Center Programs
2015-04-07 20:35:47 ----SHD---- C:\Recovery
2015-04-07 20:28:18 ----D---- C:\Windows\Prefetch
2015-04-07 20:27:54 ----SHD---- C:\System Volume Information
2015-04-07 20:27:54 ----ASH---- C:\pagefile.sys
2015-04-07 20:27:54 ----ASH---- C:\hiberfil.sys
2015-03-31 03:22:54 ----A---- C:\Windows\system32\msvcr100.dll
2015-03-31 03:22:54 ----A---- C:\Windows\system32\msvcp100.dll
2015-03-31 00:55:24 ----A---- C:\Windows\SYSWOW64\msvcr100.dll
2015-03-31 00:55:24 ----A---- C:\Windows\SYSWOW64\msvcp100.dll
======List of files/folders modified in the last 1 month======
2015-04-20 14:01:53 ----D---- C:\Windows\Temp
2015-04-20 14:01:51 ----RD---- C:\Program Files
2015-04-20 13:51:55 ----D---- C:\Windows\system32\drivers
2015-04-20 13:51:55 ----D---- C:\Windows
2015-04-20 13:51:54 ----HD---- C:\ProgramData
2015-04-20 13:43:36 ----D---- C:\Windows\System32
2015-04-20 13:43:36 ----D---- C:\Windows\inf
2015-04-20 13:43:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-19 23:13:07 ----D---- C:\Program Files (x86)\Common Files
2015-04-19 23:12:21 ----RD---- C:\Program Files (x86)
2015-04-19 21:56:00 ----D---- C:\Windows\system32\config
2015-04-19 20:46:43 ----D---- C:\Windows\Microsoft.NET
2015-04-19 20:45:34 ----RSD---- C:\Windows\assembly
2015-04-19 20:38:41 ----RSD---- C:\Windows\Fonts
2015-04-19 20:20:06 ----D---- C:\Windows\Tasks
2015-04-19 20:20:06 ----D---- C:\Windows\system32\Tasks
2015-04-19 20:20:05 ----D---- C:\Windows\SysWOW64
2015-04-19 20:01:07 ----D---- C:\Windows\winsxs
2015-04-19 19:49:17 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-04-19 19:44:11 ----SD---- C:\ProgramData\Microsoft
2015-04-18 21:04:18 ----D---- C:\Windows\system32\catroot2
2015-04-18 20:49:20 ----D---- C:\Windows\rescache
2015-04-18 18:20:56 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-04-18 18:20:56 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-18 18:20:56 ----D---- C:\Windows\system32\sk-SK
2015-04-18 18:20:56 ----D---- C:\Windows\system32\en-US
2015-04-18 18:20:56 ----D---- C:\Windows\AppPatch
2015-04-18 18:20:56 ----D---- C:\Program Files\Internet Explorer
2015-04-18 18:20:56 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-18 15:56:46 ----D---- C:\Windows\debug
2015-04-15 14:36:21 ----D---- C:\Windows\PolicyDefinitions
2015-04-10 18:30:40 ----D---- C:\Windows\system32\NDF
2015-04-10 17:00:44 ----D---- C:\Windows\system32\DriverStore
2015-04-09 11:45:02 ----D---- C:\Windows\system32\wdi
2015-04-09 10:11:05 ----D---- C:\Windows\Logs
2015-04-09 09:33:06 ----D---- C:\Windows\system32\catroot
2015-04-08 16:03:15 ----SHD---- C:\$Recycle.Bin
2015-04-08 16:03:13 ----RD---- C:\Users
2015-04-08 15:56:12 ----A---- C:\Windows\system32\drivers\USB3Ver.dll
2015-04-08 14:25:00 ----D---- C:\Windows\AppCompat
2015-04-07 23:59:01 ----D---- C:\Windows\twain_32
2015-04-07 22:58:39 ----D---- C:\Windows\ehome
2015-04-07 22:58:39 ----D---- C:\Program Files\Common Files\System
2015-04-07 22:58:38 ----D---- C:\Windows\SYSWOW64\migration
2015-04-07 22:58:38 ----D---- C:\Windows\system32\migration
2015-04-07 22:58:37 ----D---- C:\Windows\SYSWOW64\wbem
2015-04-07 22:58:37 ----D---- C:\Windows\system32\wbem
2015-04-07 22:58:37 ----D---- C:\Windows\system32\drivers\en-US
2015-04-07 22:58:37 ----D---- C:\Program Files\Windows Journal
2015-04-07 22:58:36 ----D---- C:\Windows\SYSWOW64\Dism
2015-04-07 22:58:36 ----D---- C:\Program Files\Windows Media Player
2015-04-07 22:58:36 ----D---- C:\Program Files (x86)\Windows Media Player
2015-04-07 22:58:35 ----D---- C:\Windows\system32\Dism
2015-04-07 22:58:34 ----D---- C:\Windows\system32\CodeIntegrity
2015-04-07 22:58:34 ----D---- C:\Windows\system32\Boot
2015-04-07 22:58:29 ----D---- C:\Windows\tracing
2015-04-07 22:58:29 ----D---- C:\Program Files\Windows Defender
2015-04-07 22:58:29 ----D---- C:\Program Files (x86)\Windows Defender
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\zh-TW
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\zh-HK
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\zh-CN
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\tr-TR
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\sv-SE
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\ru-RU
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\pt-PT
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\pt-BR
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\pl-PL
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\nb-NO
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\ko-KR
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\ja-JP
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\it-IT
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\hu-HU
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\fr-FR
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\fi-FI
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\es-ES
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\el-GR
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\de-DE
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\da-DK
2015-04-07 22:58:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-07 22:58:22 ----D---- C:\Windows\system32\zh-TW
2015-04-07 22:58:22 ----D---- C:\Windows\system32\zh-HK
2015-04-07 22:58:22 ----D---- C:\Windows\system32\zh-CN
2015-04-07 22:58:22 ----D---- C:\Windows\system32\tr-TR
2015-04-07 22:58:22 ----D---- C:\Windows\system32\sv-SE
2015-04-07 22:58:22 ----D---- C:\Windows\system32\ru-RU
2015-04-07 22:58:22 ----D---- C:\Windows\system32\pt-PT
2015-04-07 22:58:22 ----D---- C:\Windows\system32\pt-BR
2015-04-07 22:58:22 ----D---- C:\Windows\system32\pl-PL
2015-04-07 22:58:22 ----D---- C:\Windows\system32\nl-NL
2015-04-07 22:58:22 ----D---- C:\Windows\system32\nb-NO
2015-04-07 22:58:22 ----D---- C:\Windows\system32\ko-KR
2015-04-07 22:58:22 ----D---- C:\Windows\system32\ja-JP
2015-04-07 22:58:22 ----D---- C:\Windows\system32\it-IT
2015-04-07 22:58:22 ----D---- C:\Windows\system32\hu-HU
2015-04-07 22:58:22 ----D---- C:\Windows\system32\fr-FR
2015-04-07 22:58:22 ----D---- C:\Windows\system32\fi-FI
2015-04-07 22:58:22 ----D---- C:\Windows\system32\es-ES
2015-04-07 22:58:22 ----D---- C:\Windows\system32\el-GR
2015-04-07 22:58:22 ----D---- C:\Windows\system32\de-DE
2015-04-07 22:58:22 ----D---- C:\Windows\system32\da-DK
2015-04-07 22:58:22 ----D---- C:\Windows\system32\cs-CZ
2015-04-07 21:14:27 ----D---- C:\Program Files\Common Files
2015-04-07 20:58:24 ----D---- C:\Windows\SYSWOW64\drivers
2015-04-07 20:58:13 ----D---- C:\Windows\system32\drivers\UMDF
2015-04-07 20:39:58 ----D---- C:\Windows\system32\restore
2015-04-07 20:29:37 ----D---- C:\Windows\system32\sysprep
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-08 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-08 271200]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-05-28 672104]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-05-28 28008]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-08-25 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-08 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-08 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-08 442264]
R1 SMR430;Symantec SMR Utility Service 4.3.0; C:\Windows\System32\drivers\SMR430.SYS [2015-04-20 108216]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-08 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-08 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-08 136752]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-12-06 13207552]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-12-06 626176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-12-03 4290520]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-04-08 936664]
S3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-12-06 239616]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2013-05-07 936728]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-08 343336]
R2 ClickToRunSvc;Služba Klikni a spusti balíka Microsoft Office; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-03-18 2719928]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-05-28 16232]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19 268464]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-07 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-18 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-03-31 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-03-31 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-04-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Suspected virus
Where was the virus and what was it called? USBFix is a cleaning utility for USB flash drives.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Suspected virus
It surprised me too, but the new version tests not only USB but also the HDD; see the attached file. The infected files are located in C:\Program Files(x86)\
VLC - it reports a trojan
Longman\Real Life\Real Life Elementary CD-ROM\aunch.vbs - educational program, it reports a trojan
Microsoft office\Office15\OSPP.VBS - office suite, it reports a trojan
Every time I run UsbFix, it wipes some temporary files and Office works, but after a restart it acts up again.
- Attachments
- USBFix.zip
- (300.27 KiB) Downloaded 45 times
- Rudy
- Site Admin

Re: Suspected virus
VLC is a media player and as a program it is not dangerous.
Longman\Real Life\Real Life Elementary CD-ROM\aunch.vbs
Microsoft office\Office15\OSPP.VBS
Those files are Visual Basic scripts, and those can be viruses. Try testing them online at http://www.virusscan.jotti.org .
Re: Suspected virus
Tested, and everything is fine: "No virus found". I tested the file and its companions and it reported 0 viruses found. Which is rather funny, because it also scanned with BitDefender and NOD32, and I tested with those myself and they found viruses.
- Rudy
- Site Admin

Re: Suspected virus
Then I'd rather say they are not viruses (they are in the directories of legitimate programs).
Re: Suspected virus
A new log from UsbFix: it again found and fixed a bunch of things, and note at the bottom it removed a bunch of temporary files, and Excel started working for me again???
############################## | UsbFix V 7.926.3 | [Clean]
User: Tomas (Administrator) # TOMAS-PC
Updated 19/04/2015 by El Desaparecido - SosVirus
Started at 21:10:05 | 20/04/2015
Website : http://www.en.usbfix.net/
Changelog : http://www.en.usbfix.net/changelog/
Support : http://www.sos-virus.net/
Live detection : http://how-to-remove.us/
Contact : http://www.en.usbfix.net/contact/
################## | System information |
MB: ASUSTeK COMPUTER INC. (Z87-K)
CPU: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
RAM -> [Total : 8130 Mo | Free : 6342 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot
OS: Microsoft™ Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Mozilla Firefox : 37.0.1
################## | Security Information |
AV: avast! Antivirus [(!) Disabled |Updated]
AS: Windows Defender [Enabled |Updated]
AS: avast! Antivirus [(!) Disabled |Updated]
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
################## | Disk Information |
C:\ (%SystemDrive%) -> Fixed disk # 98 Gb (67 Gb free - 68%) [] # NTFS
D:\ -> Fixed disk # 834 Gb (827 Gb free - 99%) [] # NTFS
################## | Autorun |
################## | Generic Research |
(!) Temporary files deleted. (20.3239946365356 MB)
################## | Registry |
################## | Regedit Run |
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
04 - HKCU\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKLM\..\Run : [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - [x64] HKLM\..\Run : [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
04 - [x64] HKLM\..\Run : [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1305448921-1843047715-643026882-1000\..\Run : [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
04 - HKU\S-1-5-21-1305448921-1843047715-643026882-1000\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
################## | UsbFix - Information |
Info : How to remove shortcut virus on flash disk (Video)
Info : Shortcut virus on flash disk, What is it ?
Live detection : http://how-to-remove.us/
################## | Attrib - Restore |
################## | C:\ %SystemDrive% - Fixed drive (NTFS) |
[10/04/2015 - 16:41:42 | A | 0 Ko] - C:\DelFix.txt
[20/04/2015 - 21:04:43 | ASH | 6244128 Ko] - C:\hiberfil.sys
[20/04/2015 - 21:04:44 | ASH | 262144 Ko] - C:\pagefile.sys
[20/04/2015 - 21:04:42 | D] - C:\Config.Msi
[08/04/2015 - 16:03:15 | SHD] - C:\$Recycle.Bin
[14/07/2009 - 05:20:08 | D] - C:\PerfLogs
[14/07/2009 - 07:08:56 | SHD] - C:\Documents and Settings
[07/04/2015 - 20:35:47 | SHD] - C:\Recovery
[07/04/2015 - 20:48:08 | D] - C:\Intel
[07/04/2015 - 21:08:17 | D] - C:\AMD
[08/04/2015 - 16:03:13 | RD] - C:\Users
[08/04/2015 - 18:50:18 | D] - C:\LibreOfficePortable
[11/04/2015 - 19:57:25 | D] - C:\totalcmd
[20/04/2015 - 13:39:30 | D] - C:\NPE
[20/04/2015 - 14:01:56 | D] - C:\rsit
[20/04/2015 - 19:11:52 | RD] - C:\Program Files
[20/04/2015 - 19:23:21 | HD] - C:\ProgramData
[20/04/2015 - 19:57:41 | RD] - C:\Program Files (x86)
[20/04/2015 - 21:01:23 | D] - C:\UsbFix
[20/04/2015 - 21:07:42 | D] - C:\Windows
################## | D:\ - Fixed drive (NTFS) |
[09/04/2015 - 11:02:05 | N | 6781 Ko] - D:\Intel_Chipset_Win7_8_VER9401016.zip
[10/04/2015 - 22:03:36 | A | 7089 Ko] - D:\Knightss.zip
[10/04/2015 - 22:36:43 | A | 939 Ko] - D:\rise-and-fall-civilizations-at-war-sk.zip
[11/04/2015 - 14:36:05 | A | 34385 Ko] - D:\RNF_CD1p15.zip
[18/04/2015 - 15:44:35 | N | 2525 Ko] - D:\geek.zip
[18/04/2015 - 18:30:10 | N | 1360 Ko] - D:\sfdrvup.zip
[18/04/2015 - 18:30:12 | N | 147 Ko] - D:\sfdrvrem.zip
[19/04/2015 - 19:14:20 | A | 6 Ko] - D:\Nová položka Microsoft Excel Worksheet (2).xlsx
[20/04/2015 - 12:09:19 | A | 7 Ko] - D:\Nová položka Microsoft Excel Worksheet.xlsx
[20/04/2015 - 12:11:36 | A | 6 Ko] - D:\Nová položka Microsoft Excel Worksheet (3).xlsx
[20/04/2015 - 12:41:29 | A | 6 Ko] - D:\Nová položka Microsoft Excel Worksheet (4).xlsx
[09/04/2015 - 22:24:41 | A | 0 Ko] - D:\g.txt
[09/04/2015 - 22:32:31 | A | 1 Ko] - D:\Nový textový dokument.txt
[10/04/2015 - 18:37:42 | A | 0 Ko] - D:\Nový textový dokument (2).txt
[14/04/2015 - 08:43:06 | A | 3 Ko] - D:\Nový textový dokument (3).txt
[11/04/2015 - 19:55:37 | N | 4318 Ko] - D:\rld-rsfl.rar
[11/04/2015 - 20:59:17 | N | 207 Ko] - D:\AmericanConquest_FightBackCZ.rar
[11/04/2015 - 21:14:16 | N | 424 Ko] - D:\COSSACKS.AND.AMERICAN.CONQUEST.WINDOWS.7.COLOR.FIX.BY.EbelAngel.rar
[11/04/2015 - 22:04:56 | N | 207 Ko] - D:\AmericanConquest_FightBackCZ(1).rar
[10/04/2015 - 16:27:14 | N | 9 Ko] - D:\Untitled 1.odt
[09/04/2015 - 23:07:17 | A | 551508 Ko] - D:\Windows6.1-KB947821-v34-x64.msu
[26/03/2015 - 16:16:42 | A | 284 Ko] - D:\7.5.jpg
[26/03/2015 - 16:17:08 | A | 345 Ko] - D:\23.4.jpg
[09/04/2015 - 17:02:34 | A | 269 Ko] - D:\25.4.jpg
[09/04/2015 - 17:02:50 | A | 264 Ko] - D:\9.5.jpg
[09/04/2015 - 17:02:54 | A | 250 Ko] - D:\21.5.jpg
[09/04/2015 - 17:03:10 | A | 229 Ko] - D:\16.4.jpg
[12/04/2015 - 17:43:26 | A | 214 Ko] - D:\strana16.jpg
[18/04/2015 - 17:38:48 | N | 53 Ko] - D:\d834c57d%2de82d%2d4ee4%2d9f5f%2d342e0d0047ca.jpg
[21/08/2006 - 11:36:06 | N | 10533 Ko] - D:\RiseAndFall.exe
[09/04/2015 - 21:20:05 | A | 1054 Ko] - D:\Dev_Agent_Setup.exe
[10/04/2015 - 00:03:07 | N | 2144 Ko] - D:\hdtunepro_550_trial.exe
[10/04/2015 - 16:55:52 | A | 13850 Ko] - D:\MSEInstall.exe
[10/04/2015 - 21:47:38 | A | 24204 Ko] - D:\MSAoE.exe
[10/04/2015 - 23:00:10 | N | 2551631 Ko] - D:\midway_riseandfall.exe
[11/04/2015 - 14:25:08 | N | 955 Ko] - D:\riseandfall_sk.exe
[11/04/2015 - 19:56:59 | N | 3635 Ko] - D:\tcm851x32.exe
[18/04/2015 - 15:47:45 | N | 29134 Ko] - D:\vlc-2.2.1-win64.exe
[18/04/2015 - 17:45:34 | N | 126154 Ko] - D:\Apache_OpenOffice_4.1.1_Win_x86_install_sk.exe
[18/04/2015 - 19:32:33 | N | 42611 Ko] - D:\firefox-38.0a1.en-US.win64-x86_64.installer.exe
[18/04/2015 - 19:42:48 | N | 40441 Ko] - D:\Firefox Setup 37.0.exe
[18/04/2015 - 21:30:25 | N | 982 Ko] - D:\dotNetFx45_Full_setup.exe
[19/04/2015 - 17:47:49 | A | 587406 Ko] - D:\0ad-0.0.18-alpha-win32.exe
[19/04/2015 - 17:55:32 | A | 1098 Ko] - D:\flashplayer17_ha_install.exe
[19/04/2015 - 19:59:46 | N | 58498 Ko] - D:\Nero-9.4.12.3_free-notoolbar.exe
[19/04/2015 - 22:03:04 | N | 171325 Ko] - D:\word2013-kb2910916-fullfile-x64-glb.exe
[19/04/2015 - 23:24:03 | N | 4213 Ko] - D:\UsbFix_7.926.exe
[20/04/2015 - 15:05:19 | A | 1610 Ko] - D:\RRAV-antivirus.exe
[20/04/2015 - 16:55:34 | A | 2292 Ko] - D:\esetsmartinstaller_sky.exe
[15/04/2015 - 14:07:44 | A | 34 Ko] - D:\4. Vnútorný obchod-pošta na zaslanie.docx
[15/04/2015 - 14:07:53 | A | 21 Ko] - D:\3.4.Pracovno-právne vzťahy, pracovná zmluva, 3.7.Ročnézúčtovanie dane-pozri priame dane-pošta.docx
[15/04/2015 - 20:10:32 | A | 16 Ko] - D:\Nová položka Microsoft Word Document.docx
[15/04/2015 - 20:28:15 | A | 18 Ko] - D:\Nová položka Microsoft Word Document (2).docx
[10/04/2015 - 18:57:32 | A | 177 Ko] - D:\Maturitne-zadania-B1_2014.doc
[15/04/2015 - 14:08:07 | A | 54 Ko] - D:\15.Založenie_spoločnosti.doc
[08/04/2015 - 16:03:15 | SHD] - D:\$RECYCLE.BIN
[10/04/2015 - 22:06:21 | D] - D:\Knightss
[12/04/2015 - 14:31:32 | D] - D:\ProgramFiles
[19/04/2015 - 23:42:42 | D] - D:\Archiv_dokumentov
[20/04/2015 - 12:40:31 | D] - D:\USB
[20/04/2015 - 12:43:06 | D] - D:\PS2
################## | Vaccin |
C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
################## | E.O.F | http://www.sosvirus.net/ | http://www.en.usbfix.net/ |