Odstranění VBS/Autorun.worm.aapn!lnk

[xymail]

Dobrý den ,
mám v PC stejný vir, jako tento uživatel http://forum.viry.cz/viewtopic.php?f=13 ... hilit=worm , postupoval jsem dle návodu ze odkazu, použil jsem OTL , s prosbou o pomoc přikládám logy.

[vyosek]

Zdravim

Logy davejte primo do prispevku

Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

[xymail]

po delším boji mám oba soubory na ploše a po spuštění hláška viz. obr.

[vyosek]

Spustte jen samotny FRST

[xymail]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:02-08-2015
Ran by Admin (2015-08-02 16:44:58)
Running from D:\Dokumenty\Plocha
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-3779098215-2951374784-2259018695-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3779098215-2951374784-2259018695-500 - Administrator - Disabled)
Guest (S-1-5-21-3779098215-2951374784-2259018695-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
7-Zip 15.04 alpha x64 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.124 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
COMODO Internet Security Premium (HKLM\...\{4C5D0B6A-944A-47A6-A2F3-BCB58E05CA5D}) (Version: 8.2.0.4591 - COMODO Security Solutions Inc.)
ConvertXtoDVD 4.1.2.336 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.2.336 - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.01 - Creative Technology Limited)
Creative Entertainment Console (HKLM-x32\...\Entertainment Console) (Version: 3.01 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited)
CyberLink PowerDVD 11 (HKLM-x32\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.2408.53 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EaseUS Partition Master 10.0 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
Exterminate It! (HKLM-x32\...\Exterminate It!) (Version: 2.12.07.30 - CURIOLAB S.M.B.A.)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 2.02 - Creative Technology Limited)
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 11.2.8 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.2.8 - )
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 cs)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Ovládací panel NVIDIA 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: - )
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Volume Panel (HKLM-x32\...\Creative Volume Panel) (Version: 2.21 - Creative Technology Limited)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3779098215-2951374784-2259018695-1000_Classes\CLSID\{C78B6148-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Salamander 3 x64\utils\salextx64.dll (ALTAP)

==================== Restore Points =========================

23-07-2015 13:59:08 Windows Update
24-07-2015 16:11:49 Installed Java 7 Update 13 (64-bit)
30-07-2015 19:00:11 Windows Update
02-08-2015 11:43:27 OTL Restore Point - 2.8.2015 11:43:26

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-07-31 19:55 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11ECDA01-3C15-492E-A05E-CE79186016D2} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-07-23] ()
Task: {1DBD51E7-0DF6-4EE3-ABD2-8D2951E556A1} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-06-05] (COMODO)
Task: {44A33A9F-59BA-48CD-A8B6-1B9C0ED28122} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-06-05] (COMODO)
Task: {4CFC2D87-0685-460C-874E-0248DF8D7224} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-30] (Adobe Systems Incorporated)
Task: {5A52306A-A58F-47F6-BDDA-355A00D40589} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-06-05] (COMODO)
Task: {C8CCFFFD-2859-4123-AB69-7F6EB0BAC042} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-23] (Adobe Systems Incorporated)
Task: {F535137F-1951-4C9A-B878-6DC9780A7D5A} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-06-05] (COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-22 17:23 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-22 17:26 - 2011-06-22 00:21 - 00014848 _____ () C:\Program Files (x86)\volumouse\volumouse32.exe
2015-01-08 23:02 - 2015-01-08 23:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\autoexec.bat:$CmdTcID
AlternateDataStreams: C:\Windows\splwow64.exe:$CmdTcID
AlternateDataStreams: C:\Windows\WLXPGSS.SCR:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ac3acm.acm:$CmdTcID
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\BootMan.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx11_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_25.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_39.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\epmntdrv.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\esent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EuEpmGdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EuGdiDrv.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ff_vfw.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fsutil.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\IEUDINIT.EXE:$CmdTcID
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\java.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\javaw.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\javaws.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KBDBASH.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KBDRU.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KBDRU1.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KBDTAT.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KBDYAK.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lagarith.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nfsDigitalClockClouds01_2.scr:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setupempdrvx64.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WpdMtp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WpdMtpUS.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\x264vfw64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\x3daudio1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_8.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xinput1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xinput1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xvidcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xvidvfw.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ac3acm.acm:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\BootMan.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cook3260.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_39.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_24.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_25.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_26.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_29.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_31.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_39.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drv23260.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drv33260.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drv43260.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\epmntdrv.sys:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\esent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\EuEpmGdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\EuGdiDrv.sys:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ff_vfw.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\fmcodec.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\fsutil.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KBDBASH.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KBDRU.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KBDRU1.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KBDTAT.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KBDYAK.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lagarith.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msvcr110.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\Pncrt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\setupempdrv03.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sipr3260.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\vp7vfw.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wvc1dmod.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\x264vfw.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_8.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xvidcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xvidvfw.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\amdsata.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\amdxata.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\iaStorV.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\nvraid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\nvstor.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\revoflt.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\USBSTOR.SYS:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\winusb.sys:$CmdTcID
AlternateDataStreams: C:\Users\Admin\AppData\Local\MSGBOX.EXE:$CmdTcID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F1A0366E-7595-44CF-BD43-891551A6F7FC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7958EA19-1FC7-4953-B72C-9EF438CB1EDD}] => (Allow) LPort=2869
FirewallRules: [{226A0EDF-5C3C-4EBB-9A4A-96C71F4131D0}] => (Allow) LPort=1900
FirewallRules: [{A0110D57-25DA-4DA7-80C0-319E86185B6E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\Movie\PowerDVD Cinema\PowerDVDCinema11.exe
FirewallRules: [{FAA61A95-AA50-46F6-9FD1-F6BE86FE2D48}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11.exe
FirewallRules: [{20DA7BA1-24F7-40E4-93A8-A0E8FD04A05A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
FirewallRules: [{D2741AC1-63D9-4CFE-8314-144F6BC9FB1F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
FirewallRules: [{665FF694-C504-4B78-B07F-737B1B63C16C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\Movie\MovieModule.exe
FirewallRules: [{616398AD-3C07-494A-BAB5-FBB6AB12506F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B200157A-ADE8-4E12-90EE-D603B201F636}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0B8B572A-0738-466A-BAD7-0140A300A584}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{A98D118E-225C-4402-8F5B-8678FE752B45}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{D7310A20-139B-4C47-B97B-E788BBCF5CCF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{120DEFEF-B4BA-48B1-96D2-D005CD315F99}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{2C100EFA-E2A4-4ABA-9881-7DE118AC4ECD}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{8F6A073F-46D0-442C-B8C2-D7C1C0A2477A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{59F21E4D-6B8A-4F7B-AE6D-7B55863CFB2B}] => (Allow) C:\Users\Admin\AppData\Local\Temp\Google Chrome.exe
FirewallRules: [{F948F727-2DD1-4DA3-8AB4-A8D63331BE14}] => (Allow) C:\Users\Admin\AppData\Local\Temp\Google Chrome.exe
FirewallRules: [{7E43FFE7-482A-49CF-AB5E-CF575158B0A8}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{87611FB4-26EA-42D6-88CE-2BE452F03158}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\utorrent.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/02/2015 03:38:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2015 03:36:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2015 03:28:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2015 03:21:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2015 03:18:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2015 03:11:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2015 03:04:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2015 12:56:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program OTL.exe verze 3.2.69.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 105c

Čas spuštění: 01d0cd0700cf9269

Čas ukončení: 133

Cesta k aplikaci: D:\Dokumenty\_Stažené soubory\OTL.exe

ID hlášení: fecdecf9-3904-11e5-9d83-001485c28361

Error: (07/31/2015 08:15:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2015 08:08:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/02/2015 03:31:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/02/2015 03:31:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/02/2015 03:31:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/02/2015 03:31:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/02/2015 03:31:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/02/2015 03:31:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/02/2015 03:31:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/02/2015 03:31:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/02/2015 03:31:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/02/2015 03:30:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068


Microsoft Office:
=========================

CodeIntegrity:
===================================
Date: 2015-07-31 19:54:34.585
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-07-31 19:54:34.539
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz
Percentage of memory in use: 49%
Total physical RAM: 3071.55 MB
Available physical RAM: 1551.43 MB
Total Virtual: 6141.32 MB
Available Virtual: 4147.5 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:111.79 GB) (Free:73.73 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.41 GB) (Free:352.09 GB) NTFS
Drive f: (TRANSCEND) (Removable) (Total:14.54 GB) (Free:13.33 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FF92C763)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 0FC8DB2F)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 14.6 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End of log ============================

[vyosek]

Jeste dejte FRST.txt

[xymail]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015
Ran by Admin (administrator) on PENTIUM (02-08-2015 16:42:23)
Running from D:\Dokumenty\Plocha
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee Inc.) C:\Program Files\McAfee\Raptor\Raptor.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NirSoft) C:\Program Files (x86)\volumouse\volumouse.exe
() C:\Program Files (x86)\volumouse\volumouse32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Naissan Innovations, LLC) C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-06-05] (COMODO)
HKLM\...\Run: [dll] => wscript.exe //B "C:\Users\Admin\AppData\Local\Temp\dll.vbs" <===== ATTENTION
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-07-23] (Oracle Corporation)
HKLM-x32\...\Run: [AtomTime] => C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE [396316 2004-12-03] (Naissan Innovations, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-30] (Raptr, Inc)
HKLM-x32\...\Run: [dll] => wscript.exe //B "C:\Users\Admin\AppData\Local\Temp\dll.vbs" <===== ATTENTION
HKLM\...\RunOnce: [Raptor] => C:\Program Files\McAfee\Raptor\Raptor.exe [1880944 2015-08-02] (McAfee Inc.)
HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\...\Run: [$Volumouse$] => C:\Program Files (x86)\volumouse\volumouse.exe [88576 2011-06-22] (NirSoft)
HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\...\Run: [dll] => wscript.exe //B "C:\Users\Admin\AppData\Local\Temp\dll.vbs" <===== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-07-24] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-07-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-23] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-23] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{9578FDA5-72EE-421B-95BB-06A812289542}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default
FF NewTab: www.google.cz
FF Homepage: www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_124.dll [2015-07-30] ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2015-07-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-07-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_124.dll [2015-07-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2015-07-23]
FF Extension: Google Translator for Firefox - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default\Extensions\translator@zoli.bod.xpi [2015-07-23]
FF Extension: Video DownloadHelper - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-07-23]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-23]
FF Extension: Tab Mix Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-07-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-12-08] ()
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5541960 2015-06-05] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-06-05] (COMODO)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2013-10-28] (Creative Technology Ltd) [File not signed]
S4 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [75048 2011-12-07] (CyberLink)
S4 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [292136 2011-12-07] (CyberLink)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20672 2015-06-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [797256 2015-06-05] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-06-05] (COMODO)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2015-07-23] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2015-07-23] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2015-07-23] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2015-07-23] () [File not signed]
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104584 2015-06-05] (COMODO)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-11-16] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-02 16:42 - 2015-08-02 16:42 - 00000000 ____D C:\FRST
2015-08-02 15:18 - 2015-08-02 15:42 - 00029696 _____ C:\Users\Admin\AppData\Local\MSGBOX.EXE
2015-08-02 11:44 - 2015-08-02 11:44 - 00000512 _____ C:\PhysicalMBR.bin
2015-08-02 06:02 - 2015-08-02 06:02 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Curiolab
2015-08-02 05:48 - 2015-08-02 08:02 - 00000000 ____D C:\Program Files (x86)\Exterminate It!
2015-08-02 05:48 - 2015-08-02 05:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exterminate It!
2015-08-02 05:38 - 2015-08-02 05:38 - 00000000 ____D C:\Program Files\McAfee
2015-08-02 05:37 - 2015-08-02 06:02 - 00000000 ____D C:\Program Files (x86)\stinger
2015-07-31 19:58 - 2015-07-31 19:58 - 00026771 _____ C:\ComboFix.txt
2015-07-31 19:46 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-31 19:46 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-31 19:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-31 19:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-31 19:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-31 19:46 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-31 19:46 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-31 19:46 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-31 19:37 - 2015-07-31 19:58 - 00000000 ____D C:\Qoobox
2015-07-31 19:35 - 2015-07-31 19:55 - 00000000 ____D C:\Windows\erdnt
2015-07-31 19:29 - 2015-08-01 22:16 - 00000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent
2015-07-31 19:29 - 2015-07-31 19:29 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2015-07-31 16:52 - 2015-07-31 16:52 - 00000812 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-07-31 15:55 - 2015-07-31 15:55 - 00000000 _____ C:\autoexec.bat
2015-07-29 22:05 - 2015-07-29 22:05 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2015-07-29 20:22 - 2015-07-29 22:05 - 00000049 _____ C:\Windows\SysWOW64\ScrRecX.log
2015-07-29 20:21 - 2015-07-29 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-07-29 20:21 - 2015-07-29 20:21 - 00000000 ____D C:\Program Files (x86)\DsNET Corp
2015-07-29 03:01 - 2015-07-29 03:01 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-29 03:01 - 2015-07-29 03:01 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-29 03:01 - 2015-07-29 03:01 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-29 03:01 - 2015-07-29 03:01 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-29 03:01 - 2015-07-29 03:01 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-29 03:01 - 2015-07-29 03:01 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-29 03:01 - 2015-07-29 03:01 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-29 03:01 - 2015-07-29 03:01 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-25 02:54 - 2015-07-25 02:54 - 00000000 ____D C:\ProgramData\vsosdk
2015-07-24 19:53 - 2015-07-24 19:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-07-24 18:49 - 2015-08-01 06:05 - 00001189 _____ C:\Users\Admin\AppData\Roaming\vso_ts_preview.xml
2015-07-24 18:49 - 2015-08-01 06:05 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Vso
2015-07-24 18:45 - 2015-07-24 18:46 - 01184984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc1dmod.dll
2015-07-24 18:45 - 2015-07-24 18:46 - 00626688 _____ (On2.com) C:\Windows\SysWOW64\vp7vfw.dll
2015-07-24 18:45 - 2015-07-24 18:46 - 00273408 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\Pncrt.dll
2015-07-24 18:45 - 2015-07-24 18:46 - 00217127 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drv43260.dll
2015-07-24 18:45 - 2015-07-24 18:46 - 00208935 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drv33260.dll
2015-07-24 18:45 - 2015-07-24 18:46 - 00176165 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drv23260.dll
2015-07-24 18:45 - 2015-07-24 18:46 - 00102439 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\sipr3260.dll
2015-07-24 18:45 - 2015-07-24 18:46 - 00065602 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\cook3260.dll
2015-07-24 18:45 - 2015-07-24 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2015-07-24 18:45 - 2015-07-24 18:45 - 00000000 ____D C:\Program Files (x86)\VSO
2015-07-24 18:20 - 2015-07-24 18:20 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-07-24 16:21 - 2015-07-24 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2015-07-24 16:20 - 2015-07-24 16:20 - 00000000 ____D C:\Users\Admin\AppData\Roaming\library_dir
2015-07-24 16:19 - 2015-08-02 15:38 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Raptr
2015-07-24 16:19 - 2015-07-30 15:09 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-24 16:17 - 2015-07-30 18:09 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Windows Live Writer
2015-07-24 16:17 - 2015-07-24 16:18 - 00000000 ____D C:\Users\Admin\AppData\Local\Windows Live Writer
2015-07-24 16:15 - 2015-07-31 19:28 - 00000000 ____D C:\Program Files\Vuze
2015-07-24 16:15 - 2015-07-31 15:37 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Azureus
2015-07-24 16:14 - 2015-07-24 16:16 - 00000009 _____ C:\END
2015-07-24 16:13 - 2015-07-24 16:13 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Macromedia
2015-07-24 16:13 - 2015-07-24 16:13 - 00000000 ____D C:\Users\Admin\AppData\Local\Macromedia
2015-07-24 16:12 - 2015-07-24 16:12 - 01085344 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2015-07-24 16:12 - 2015-07-24 16:12 - 00963488 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2015-07-24 16:12 - 2015-07-24 16:12 - 00310688 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-07-24 16:12 - 2015-07-24 16:12 - 00188832 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-07-24 16:12 - 2015-07-24 16:12 - 00188320 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-07-24 16:12 - 2015-07-24 16:12 - 00108448 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-24 16:12 - 2015-07-24 16:12 - 00000000 ____D C:\Program Files\Java
2015-07-24 16:11 - 2015-07-24 16:11 - 00000000 ____D C:\instalačky
2015-07-23 15:35 - 2015-07-23 15:35 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-07-23 14:03 - 2015-07-23 14:03 - 00000000 ____D C:\Users\Public\Foxit Software
2015-07-23 14:03 - 2015-07-23 14:03 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Foxit Software
2015-07-23 13:57 - 2015-07-23 13:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\NVIDIA
2015-07-23 13:54 - 2015-07-23 13:54 - 00000000 ____D C:\ProgramData\Photoshop64 Portable 2014
2015-07-23 13:40 - 2015-07-23 13:40 - 00003792 _____ C:\Windows\System32\Tasks\klcp_update
2015-07-23 13:39 - 2015-07-23 13:53 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-07-23 13:39 - 2015-07-23 13:39 - 03591680 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2015-07-23 13:39 - 2015-07-23 13:39 - 03571200 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2015-07-23 13:39 - 2015-07-23 13:39 - 00729088 _____ C:\Windows\system32\xvidcore.dll
2015-07-23 13:39 - 2015-07-23 13:39 - 00655872 _____ C:\Windows\SysWOW64\xvidcore.dll
2015-07-23 13:39 - 2015-07-23 13:39 - 00254976 _____ C:\Windows\system32\xvidvfw.dll
2015-07-23 13:39 - 2015-07-23 13:39 - 00240128 _____ C:\Windows\SysWOW64\xvidvfw.dll
2015-07-23 13:39 - 2015-07-23 13:39 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2015-07-23 13:39 - 2015-07-23 13:39 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2015-07-23 13:39 - 2015-07-23 13:39 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2015-07-23 13:39 - 2015-07-23 13:39 - 00126976 _____ C:\Windows\system32\ff_vfw.dll
2015-07-23 13:39 - 2015-07-23 13:39 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2015-07-23 13:39 - 2015-07-23 13:39 - 00112128 _____ C:\Windows\SysWOW64\ff_vfw.dll
2015-07-23 13:39 - 2015-07-23 13:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-07-23 13:38 - 2015-07-23 13:38 - 00000000 ____D C:\ProgramData\Nero 2015 portable
2015-07-23 13:36 - 2015-07-23 13:36 - 00000000 ____D C:\Windows\Sun
2015-07-23 13:36 - 2015-07-23 13:36 - 00000000 ____D C:\ProgramData\Sun
2015-07-23 13:36 - 2015-07-23 13:35 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-23 13:35 - 2015-07-23 13:36 - 00000000 ____D C:\ProgramData\Oracle
2015-07-23 13:35 - 2015-07-23 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-23 13:34 - 2015-07-23 13:34 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-23 13:24 - 2015-07-23 13:24 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-07-23 13:24 - 2015-07-23 13:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-07-23 13:24 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-07-23 13:24 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-07-23 13:20 - 2015-07-31 19:35 - 00000000 ____D C:\Program Files (x86)\foobar2000
2015-07-23 13:17 - 2015-07-24 15:50 - 00000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2015-07-23 13:17 - 2015-07-23 13:18 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2015-07-23 13:17 - 2015-07-23 13:17 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-23 13:17 - 2015-07-23 13:17 - 00000000 ____D C:\ProgramData\Mozilla
2015-07-23 13:17 - 2015-07-23 13:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-23 13:17 - 2015-07-23 13:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-23 13:16 - 2015-08-02 16:02 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-23 13:16 - 2015-07-30 23:02 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-23 13:16 - 2015-07-30 23:02 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-23 13:16 - 2015-07-30 23:02 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-23 13:16 - 2015-07-23 13:16 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-07-23 13:16 - 2015-07-23 13:16 - 00000000 ____D C:\Windows\system32\Macromed
2015-07-23 12:03 - 2015-01-09 01:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2015-07-23 12:03 - 2015-01-09 01:43 - 00419936 _____ C:\Windows\system32\locale.nls
2015-07-23 11:23 - 2015-07-23 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-23 11:20 - 2015-07-23 11:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-07-23 11:20 - 2015-07-23 11:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-07-23 11:07 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-07-23 11:07 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-07-23 11:04 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-23 11:04 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-23 11:04 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-23 11:04 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-23 11:04 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-23 11:04 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-23 11:04 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-23 11:04 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-23 11:04 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-23 11:04 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-23 11:04 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-23 11:04 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-23 11:04 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-23 11:04 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-23 11:04 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-23 11:04 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-23 11:04 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-23 11:04 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-23 11:04 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-23 11:04 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-23 11:04 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-23 11:04 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-23 11:04 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-23 11:04 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-23 11:04 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-23 11:04 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-23 11:04 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-23 11:04 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-23 11:04 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-23 11:04 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-23 11:04 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-23 11:04 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-23 11:04 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-23 11:04 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-07-23 11:04 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-07-23 11:03 - 2015-07-23 11:03 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-23 11:03 - 2015-07-23 11:03 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-23 11:03 - 2015-07-23 11:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-23 11:03 - 2015-07-23 11:03 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-07-23 11:03 - 2015-07-23 11:03 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-07-23 11:03 - 2015-07-23 11:03 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-23 11:03 - 2015-07-23 11:03 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2015-07-23 11:03 - 2015-07-23 11:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-23 11:03 - 2015-07-23 11:03 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2015-07-23 11:03 - 2015-07-23 11:03 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2015-07-23 11:03 - 2015-07-23 11:03 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2015-07-23 11:03 - 2015-07-23 11:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2015-07-23 11:03 - 2015-07-23 11:03 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-07-23 11:03 - 2015-07-23 11:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-23 11:03 - 2015-07-23 11:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2015-07-23 11:03 - 2015-07-23 11:03 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2015-07-23 11:03 - 2015-07-23 11:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-23 11:03 - 2015-07-23 11:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-07-23 11:03 - 2015-07-23 11:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-07-23 11:03 - 2015-07-23 11:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-07-23 11:03 - 2015-07-23 11:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-07-23 11:03 - 2015-07-23 11:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-07-23 11:03 - 2015-07-23 11:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-07-23 11:03 - 2015-07-23 11:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-07-23 11:03 - 2015-07-23 11:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-07-23 11:03 - 2015-07-23 11:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-07-23 11:03 - 2015-07-23 11:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-07-23 11:03 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-23 11:03 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-23 11:03 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-23 11:03 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-23 11:03 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-23 11:03 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-23 11:03 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-23 11:03 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-23 11:03 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-23 11:03 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-23 11:03 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-23 11:03 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-23 11:03 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-23 11:03 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-23 11:03 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-23 11:03 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-23 11:03 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-23 11:03 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-23 11:03 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-23 11:03 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-23 11:03 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-23 11:03 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-23 11:03 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-23 11:03 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-23 11:03 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-23 11:03 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-23 11:03 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-23 11:03 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-23 11:03 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-23 11:03 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-23 11:03 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-23 11:03 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-07-23 11:03 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-07-23 10:40 - 2015-07-23 10:40 - 03382440 _____ C:\Windows\system32\BootMan.exe
2015-07-23 10:40 - 2015-07-23 10:40 - 02499752 _____ C:\Windows\SysWOW64\BootMan.exe
2015-07-23 10:40 - 2015-07-23 10:40 - 00100936 _____ C:\Windows\system32\setupempdrvx64.exe
2015-07-23 10:40 - 2015-07-23 10:40 - 00087112 _____ C:\Windows\SysWOW64\setupempdrv03.exe
2015-07-23 10:40 - 2015-07-23 10:40 - 00019840 _____ C:\Windows\SysWOW64\EuEpmGdi.dll
2015-07-23 10:40 - 2015-07-23 10:40 - 00017480 _____ C:\Windows\system32\epmntdrv.sys
2015-07-23 10:40 - 2015-07-23 10:40 - 00016256 _____ C:\Windows\system32\EuEpmGdi.dll
2015-07-23 10:40 - 2015-07-23 10:40 - 00014920 _____ C:\Windows\SysWOW64\epmntdrv.sys
2015-07-23 10:40 - 2015-07-23 10:40 - 00009800 _____ C:\Windows\system32\EuGdiDrv.sys
2015-07-23 10:40 - 2015-07-23 10:40 - 00009160 _____ C:\Windows\SysWOW64\EuGdiDrv.sys
2015-07-23 10:40 - 2015-07-23 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.0
2015-07-23 10:40 - 2015-07-23 10:40 - 00000000 ____D C:\Program Files (x86)\EaseUS
2015-07-23 10:31 - 2015-07-23 10:31 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-23 10:31 - 2015-07-23 10:31 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieUserList
2015-07-23 10:31 - 2015-07-23 10:31 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieSiteList
2015-07-23 10:31 - 2015-07-23 10:31 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieBrowserModeList
2015-07-23 10:28 - 2015-07-23 10:20 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-07-23 10:21 - 2015-07-23 10:21 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-07-23 10:21 - 2015-07-23 10:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-07-23 10:21 - 2015-07-23 10:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-07-23 10:21 - 2015-07-23 10:21 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-07-23 10:21 - 2015-07-23 10:21 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-07-23 10:21 - 2015-07-23 10:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-07-23 10:21 - 2015-07-23 10:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-07-23 10:21 - 2015-07-23 10:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-07-23 10:21 - 2015-07-23 10:21 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-23 10:21 - 2015-07-23 10:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-07-23 10:21 - 2015-07-23 10:21 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-07-23 10:21 - 2015-07-23 10:21 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-23 10:21 - 2015-07-23 10:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-07-23 10:21 - 2015-07-23 10:21 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-07-23 10:21 - 2015-07-23 10:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-07-23 10:21 - 2015-07-23 10:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-07-23 10:21 - 2015-07-23 10:21 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-07-23 10:17 - 2015-07-23 10:17 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2015-07-23 10:17 - 2015-07-23 10:17 - 00000000 ____D C:\Users\Admin\AppData\Local\VS Revo Group
2015-07-23 10:17 - 2015-07-23 10:17 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-07-23 10:17 - 2015-07-23 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-07-23 10:17 - 2015-07-23 10:17 - 00000000 ____D C:\Program Files\VS Revo Group
2015-07-23 10:08 - 2015-07-23 10:08 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00069448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-07-23 10:08 - 2015-07-23 10:08 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-07-23 10:08 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-07-23 10:08 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-07-23 10:08 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-07-23 10:08 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-07-23 10:08 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-07-23 10:08 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-07-23 10:08 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-07-23 10:08 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-07-23 10:08 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-07-23 10:08 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-07-23 10:08 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-07-23 10:08 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-07-23 10:08 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-07-23 10:08 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-07-23 10:08 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-07-23 10:08 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-07-23 10:08 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-07-23 10:08 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-07-23 10:08 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-07-23 10:08 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-07-23 10:08 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-07-23 10:08 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-07-23 10:08 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-07-23 10:08 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-07-23 10:08 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-07-23 10:07 - 2015-07-23 10:08 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-07-23 10:07 - 2015-07-23 10:08 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-07-23 10:07 - 2015-07-23 10:08 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-07-23 10:07 - 2015-07-23 10:07 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-07-23 10:07 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-07-23 10:07 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-07-23 10:07 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-07-23 10:07 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-07-23 10:07 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-07-23 10:07 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-07-23 10:07 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-07-23 10:07 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-07-23 10:07 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-07-23 10:07 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-07-23 10:07 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-07-23 10:07 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-07-23 10:07 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-07-23 10:07 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-07-23 10:07 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-07-23 10:07 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-07-23 10:07 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-07-23 10:07 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-07-23 10:07 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-07-23 10:07 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-07-23 10:04 - 2015-07-23 10:07 - 00000000 ____D C:\Users\Admin\AppData\Roaming\CyberLink
2015-07-23 10:01 - 2015-07-23 10:04 - 00000000 ____D C:\ProgramData\CyberLink
2015-07-23 10:01 - 2015-07-23 10:01 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 11
2015-07-23 10:01 - 2015-07-23 10:01 - 00000000 ____D C:\Users\Admin\AppData\Local\MediaServer
2015-07-23 10:01 - 2015-07-23 10:01 - 00000000 ____D C:\ProgramData\PDVD
2015-07-23 10:00 - 2015-07-23 10:00 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-07-23 09:59 - 2015-07-23 10:02 - 00000000 ____D C:\ProgramData\Temp
2015-07-23 09:59 - 2015-07-23 09:59 - 00000000 ____D C:\ProgramData\install_clap
2015-07-23 09:58 - 2015-07-23 09:58 - 00000000 ____D C:\Windows\cs
2015-07-23 09:57 - 2015-07-23 09:57 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-07-23 09:57 - 2015-07-23 09:57 - 00001380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-07-23 09:57 - 2015-07-23 09:57 - 00001311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-07-23 09:57 - 2015-07-23 09:57 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-07-23 09:57 - 2015-07-23 09:57 - 00000000 ____D C:\Program Files\Windows Live
2015-07-23 09:57 - 2015-07-23 09:57 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-07-23 09:56 - 2015-07-23 09:57 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-07-23 09:55 - 2015-07-23 09:55 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-07-23 09:55 - 2015-07-23 09:55 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-07-23 09:55 - 2015-07-23 09:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-07-23 09:55 - 2015-07-23 09:55 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-07-23 09:55 - 2015-07-23 09:55 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-07-23 09:55 - 2015-07-23 09:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-07-23 09:55 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-07-23 09:55 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-07-23 09:54 - 2015-07-23 09:54 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-07-23 09:54 - 2015-07-23 09:54 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-07-23 09:53 - 2015-07-23 10:08 - 00010403 _____ C:\Windows\DirectX.log
2015-07-23 09:53 - 2015-07-23 09:53 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-07-23 09:53 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-07-23 09:51 - 2015-07-30 18:05 - 00000000 ____D C:\Users\Admin\AppData\Local\Windows Live
2015-07-23 09:51 - 2015-07-23 10:30 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2015-07-23 09:51 - 2015-07-23 09:51 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2015-07-23 09:50 - 2015-07-23 09:50 - 06260358 _____ C:\Windows\system32\nfsDigitalClockClouds01_2.scr
2015-07-23 09:50 - 2004-03-10 19:33 - 00002513 _____ C:\Windows\system32\CONFIG.NT
2015-07-23 09:50 - 2003-03-19 05:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2015-07-23 09:50 - 2003-03-19 05:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\msvcp71.dll
2015-07-23 09:50 - 2003-02-21 13:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2015-07-23 09:50 - 2003-02-21 13:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\msvcr71.dll
2015-07-23 09:46 - 2015-07-23 09:50 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-23 09:46 - 2015-07-23 09:46 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-23 09:45 - 2015-07-23 13:57 - 00000000 ____D C:\ProgramData\Adobe
2015-07-23 08:33 - 2015-07-23 08:40 - 00000000 ____D C:\Windows\System32\Tasks\COMODO
2015-07-23 08:32 - 2015-08-02 16:27 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2015-07-23 08:32 - 2015-07-23 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2015-07-23 08:31 - 2015-07-23 08:31 - 00000000 ____D C:\ProgramData\Shared Space
2015-07-23 08:31 - 2015-07-23 08:31 - 00000000 ____D C:\Program Files\COMODO
2015-07-23 08:29 - 2015-07-23 08:33 - 00000000 ____D C:\ProgramData\Comodo
2015-07-23 08:09 - 2015-07-23 08:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-07-23 08:06 - 2015-07-23 08:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2015-07-23 08:06 - 2015-07-23 08:06 - 00000000 ____D C:\Windows\PCHEALTH
2015-07-23 08:06 - 2015-07-23 08:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2015-07-23 08:03 - 2015-07-23 08:03 - 00000000 ____D C:\Users\Admin\AppData\Local\Microsoft Help
2015-07-23 08:03 - 2015-07-23 08:03 - 00000000 ____D C:\Program Files\Microsoft Office
2015-07-23 08:02 - 2015-07-23 12:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-23 08:02 - 2015-07-23 11:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-07-23 08:02 - 2015-07-23 08:02 - 00000000 ___RD C:\MSOCache
2015-07-23 08:00 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-07-23 08:00 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-07-23 08:00 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-07-23 08:00 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-07-23 08:00 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-07-23 07:48 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-07-23 07:48 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-07-23 07:30 - 2015-07-23 12:05 - 01752358 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-23 07:06 - 2015-07-23 08:28 - 00109296 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-23 07:04 - 2015-07-23 07:21 - 00000000 ____D C:\ProgramData\Creative
2015-07-23 06:58 - 2015-07-30 19:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-23 06:58 - 2015-07-23 06:58 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-23 00:54 - 2015-07-23 10:28 - 00017456 _____ C:\Windows\IE11_main.log
2015-07-23 00:11 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-07-23 00:11 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-07-23 00:11 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-07-23 00:11 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-07-23 00:11 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-07-23 00:11 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-07-23 00:11 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-07-23 00:11 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-07-23 00:11 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-07-23 00:11 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-07-22 22:44 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-22 22:44 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-07-22 22:44 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-07-22 22:44 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-07-22 21:41 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-07-22 21:41 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-07-22 21:41 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-07-22 21:41 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-07-22 21:41 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-07-22 21:41 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-07-22 21:41 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-07-22 21:41 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-07-22 21:25 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-22 21:25 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-07-22 21:19 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-07-22 21:19 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-07-22 21:19 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-07-22 21:19 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-07-22 21:19 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-07-22 21:19 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-07-22 21:19 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-07-22 21:19 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-07-22 21:19 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-07-22 21:19 - 2013-01-13 22:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-07-22 21:19 - 2013-01-13 22:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-07-22 21:19 - 2013-01-13 22:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-07-22 21:19 - 2013-01-13 22:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-07-22 21:19 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-07-22 21:19 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-07-22 21:19 - 2013-01-13 22:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-07-22 21:19 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-07-22 21:19 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-07-22 21:19 - 2013-01-13 22:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-07-22 21:19 - 2013-01-13 22:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-07-22 21:19 - 2013-01-13 22:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-07-22 21:19 - 2013-01-13 21:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-07-22 21:19 - 2013-01-13 21:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-07-22 21:19 - 2013-01-13 21:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-07-22 21:19 - 2013-01-13 21:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-07-22 21:19 - 2013-01-13 21:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-07-22 21:19 - 2013-01-13 21:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-07-22 21:19 - 2013-01-13 21:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-07-22 21:19 - 2013-01-13 21:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-07-22 21:19 - 2013-01-13 21:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-07-22 21:19 - 2013-01-13 21:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-07-22 21:19 - 2013-01-13 21:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-07-22 21:19 - 2013-01-13 21:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-07-22 21:19 - 2013-01-13 21:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-07-22 21:19 - 2013-01-13 20:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-07-22 21:19 - 2013-01-13 20:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-07-22 21:19 - 2013-01-13 19:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-07-22 21:19 - 2013-01-13 19:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-07-22 21:17 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-07-22 21:17 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-07-22 21:17 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2015-07-22 21:08 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-07-22 21:08 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-07-22 21:08 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-07-22 21:08 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-07-22 21:08 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-07-22 21:08 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-07-22 21:08 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-07-22 21:08 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-07-22 21:06 - 2015-07-22 21:08 - 00000000 ____D C:\Windows\system32\MRT
2015-07-22 21:06 - 2015-07-03 08:43 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-22 21:03 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-22 21:03 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-22 21:03 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-07-22 21:03 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-07-22 21:03 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-07-22 21:03 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-07-22 21:03 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-07-22 21:03 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-07-22 21:03 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-07-22 21:02 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-07-22 21:02 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-07-22 21:02 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-07-22 21:02 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-07-22 21:02 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-07-22 21:02 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-07-22 21:02 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-07-22 21:02 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-07-22 21:02 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-07-22 21:02 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-07-22 21:02 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll

[xymail]

2015-07-22 21:02 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-07-22 21:02 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-07-22 21:02 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-07-22 21:02 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-07-22 21:02 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-07-22 21:02 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-07-22 21:02 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-07-22 21:02 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-07-22 21:02 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-22 21:02 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-07-22 21:02 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-07-22 21:02 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-07-22 21:02 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-07-22 21:02 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-07-22 21:02 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-07-22 21:02 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-07-22 21:02 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-07-22 21:02 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-07-22 21:02 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-07-22 21:02 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-07-22 21:02 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-07-22 21:02 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-07-22 21:02 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-07-22 21:02 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-07-22 21:02 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-07-22 21:02 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-07-22 21:02 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-07-22 21:02 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-07-22 21:02 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-07-22 21:02 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-07-22 21:02 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-07-22 21:02 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-07-22 21:02 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-07-22 21:02 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-07-22 21:02 - 2014-10-14 04:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-07-22 21:02 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-07-22 21:02 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-07-22 21:01 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-22 21:01 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-22 21:01 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-22 21:01 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-22 21:01 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-22 21:01 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-22 21:01 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-22 21:01 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-22 21:01 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-22 21:01 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-22 21:01 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-22 21:01 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-22 21:01 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-22 21:01 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-22 21:01 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-22 21:01 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-22 21:01 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-22 21:01 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-22 21:01 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-22 21:01 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-22 21:01 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-22 21:01 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-22 21:01 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-22 21:01 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-22 21:01 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-22 21:01 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-22 21:01 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-22 21:01 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-22 21:01 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-07-22 21:01 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-07-22 21:01 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-07-22 21:01 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-22 21:01 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-07-22 21:01 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-07-22 21:01 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-07-22 21:01 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-07-22 21:01 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-07-22 21:01 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-07-22 21:01 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-07-22 21:01 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-07-22 21:01 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-07-22 21:01 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-07-22 21:01 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-22 21:01 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-07-22 21:01 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-07-22 21:01 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-07-22 21:01 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-07-22 21:01 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-07-22 21:01 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-07-22 21:01 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-07-22 21:01 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-07-22 21:01 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-07-22 21:01 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-07-22 21:01 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-07-22 21:01 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-07-22 21:01 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-07-22 21:01 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-07-22 21:01 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-07-22 21:01 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-07-22 21:01 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-07-22 21:01 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-07-22 21:01 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-07-22 21:01 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-07-22 21:01 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-07-22 21:01 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-07-22 21:01 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-07-22 21:01 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-07-22 21:01 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-07-22 21:01 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-07-22 21:01 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-07-22 21:01 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-07-22 21:01 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-07-22 21:01 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-07-22 21:01 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-22 21:01 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-22 21:01 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-07-22 21:01 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-22 21:01 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-07-22 21:01 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-07-22 21:01 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-07-22 21:01 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-07-22 21:01 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-07-22 21:01 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-07-22 21:01 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-22 21:01 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-22 21:01 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-07-22 21:01 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-07-22 21:01 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-07-22 21:01 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-07-22 21:01 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-07-22 21:01 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-07-22 21:01 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2015-07-22 21:01 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2015-07-22 21:01 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-07-22 21:01 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2015-07-22 21:01 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2015-07-22 21:01 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2015-07-22 21:01 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2015-07-22 21:01 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2015-07-22 21:01 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2015-07-22 21:01 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2015-07-22 21:01 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-07-22 21:01 - 2010-12-23 12:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2015-07-22 21:01 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-07-22 21:01 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2015-07-22 21:01 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2015-07-22 21:01 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2015-07-22 21:00 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-22 21:00 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-07-22 21:00 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-07-22 21:00 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-07-22 21:00 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-22 21:00 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-07-22 21:00 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-07-22 21:00 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-07-22 21:00 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-07-22 21:00 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-07-22 21:00 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-07-22 21:00 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-07-22 21:00 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-07-22 21:00 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-07-22 21:00 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-07-22 21:00 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-07-22 21:00 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-07-22 21:00 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-07-22 21:00 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-07-22 21:00 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-07-22 21:00 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-22 21:00 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-22 21:00 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-07-22 21:00 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-07-22 21:00 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-07-22 21:00 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-07-22 21:00 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-07-22 21:00 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-07-22 21:00 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-07-22 21:00 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-07-22 21:00 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-07-22 21:00 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-07-22 21:00 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-07-22 21:00 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-07-22 21:00 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-07-22 21:00 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-07-22 21:00 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-07-22 21:00 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-07-22 21:00 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-07-22 21:00 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-07-22 21:00 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-07-22 21:00 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-07-22 21:00 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-07-22 21:00 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-07-22 21:00 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-07-22 21:00 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-07-22 21:00 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-07-22 21:00 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-07-22 21:00 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-07-22 21:00 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-07-22 21:00 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-07-22 21:00 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-07-22 21:00 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-07-22 21:00 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-07-22 21:00 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-07-22 21:00 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-07-22 21:00 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2015-07-22 21:00 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-07-22 21:00 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2015-07-22 21:00 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-07-22 21:00 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-07-22 21:00 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-07-22 21:00 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-07-22 21:00 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-07-22 21:00 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-07-22 21:00 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-07-22 21:00 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-07-22 21:00 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-07-22 21:00 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-07-22 21:00 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-07-22 21:00 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-07-22 21:00 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-07-22 21:00 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-07-22 21:00 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2015-07-22 21:00 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-07-22 21:00 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-07-22 21:00 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-07-22 20:59 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-22 20:59 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-22 20:59 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-22 20:59 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-22 20:59 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-22 20:59 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-22 20:59 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-22 20:59 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-22 20:59 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-22 20:59 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-22 20:59 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-22 20:59 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-22 20:59 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-22 20:59 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-22 20:59 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-22 20:59 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-22 20:59 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-22 20:59 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-22 20:59 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-22 20:59 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-22 20:59 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-22 20:59 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-22 20:59 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-22 20:59 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-22 20:59 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-22 20:59 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-22 20:59 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-22 20:59 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-22 20:59 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-22 20:59 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-22 20:59 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-22 20:59 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-22 20:59 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-22 20:59 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-22 20:59 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-22 20:59 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-22 20:59 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-22 20:59 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-22 20:59 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-22 20:59 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-22 20:59 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-22 20:59 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-22 20:59 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-22 20:59 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-22 20:59 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-22 20:59 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-22 20:59 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-22 20:59 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-22 20:59 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-22 20:59 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-22 20:59 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-07-22 20:59 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-07-22 20:59 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-22 20:59 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-22 20:59 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-07-22 20:59 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-07-22 20:59 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-07-22 20:59 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-07-22 20:59 - 2014-12-19 03:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-07-22 20:59 - 2014-11-11 03:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-07-22 20:59 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-07-22 20:59 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-07-22 20:59 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-07-22 20:59 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-07-22 20:59 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-07-22 20:59 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-07-22 20:59 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-07-22 20:59 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-07-22 20:59 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-07-22 20:59 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-07-22 20:59 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-07-22 20:59 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-07-22 20:59 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-07-22 20:59 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-07-22 20:59 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-07-22 20:59 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-07-22 20:59 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-07-22 20:59 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-07-22 20:59 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-07-22 20:59 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-07-22 20:59 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-07-22 20:59 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-07-22 20:59 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-07-22 20:59 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-07-22 20:59 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-22 20:59 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-07-22 20:59 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-07-22 20:59 - 2012-11-29 00:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-07-22 20:59 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-07-22 20:59 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-07-22 20:59 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-07-22 20:59 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-07-22 20:59 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-07-22 20:59 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2015-07-22 20:59 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2015-07-22 20:59 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-07-22 20:59 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-07-22 20:59 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-07-22 20:59 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-07-22 20:59 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-07-22 20:59 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-07-22 20:59 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-07-22 20:59 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-07-22 20:59 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-07-22 20:59 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-07-22 20:59 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-07-22 20:59 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2015-07-22 20:58 - 2015-06-03 22:16 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-07-22 20:58 - 2015-06-03 22:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-07-22 20:58 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-07-22 20:58 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-07-22 20:58 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-07-22 20:58 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-07-22 20:58 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-07-22 20:58 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-07-22 20:58 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-07-22 20:58 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-07-22 20:58 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-07-22 20:58 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-07-22 20:58 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-07-22 20:58 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-07-22 20:58 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-07-22 20:58 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-07-22 20:57 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-22 20:57 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-22 20:57 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-22 20:57 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-22 20:57 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-22 20:57 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-22 20:57 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-22 20:57 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-22 20:57 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-22 20:57 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-22 20:57 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-22 20:57 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-22 20:57 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-07-22 20:57 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-07-22 20:57 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-07-22 20:57 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-07-22 20:57 - 2014-11-11 05:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-07-22 20:57 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-07-22 20:57 - 2014-08-12 04:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-07-22 20:57 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-07-22 20:57 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-07-22 20:57 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-07-22 20:57 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-07-22 20:57 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-07-22 20:57 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-07-22 20:57 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-07-22 20:57 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-07-22 20:57 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-07-22 20:57 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-07-22 20:57 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-07-22 20:57 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-07-22 20:57 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-07-22 20:57 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-07-22 20:57 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-07-22 20:57 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-07-22 20:57 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2015-07-22 20:57 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-07-22 20:57 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-07-22 20:57 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2015-07-22 20:57 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-07-22 20:57 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-07-22 20:57 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-07-22 20:57 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-07-22 20:56 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-07-22 20:56 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-07-22 20:56 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-07-22 20:56 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-07-22 20:56 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-07-22 20:56 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-07-22 20:56 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-07-22 20:56 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2015-07-22 20:56 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-07-22 20:56 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-07-22 20:56 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-07-22 20:56 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-07-22 20:56 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-07-22 20:56 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-07-22 20:56 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-07-22 20:56 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-07-22 20:56 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-07-22 20:56 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-07-22 20:56 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-07-22 20:56 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-07-22 20:56 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-07-22 20:56 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-07-22 20:56 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2015-07-22 20:56 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2015-07-22 20:56 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2015-07-22 20:56 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2015-07-22 20:56 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2015-07-22 20:56 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2015-07-22 20:56 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2015-07-22 20:56 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2015-07-22 20:56 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2015-07-22 20:56 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2015-07-22 20:56 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2015-07-22 20:56 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2015-07-22 20:56 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2015-07-22 20:56 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2015-07-22 20:56 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-07-22 20:56 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-07-22 20:56 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-07-22 20:56 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2015-07-22 20:56 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2015-07-22 20:56 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-07-22 20:56 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-07-22 20:56 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-07-22 20:56 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2015-07-22 20:56 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2015-07-22 20:56 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-07-22 20:56 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-07-22 19:50 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-07-22 19:49 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-07-22 19:31 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-07-22 19:31 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-07-22 19:31 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-07-22 19:31 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-07-22 19:31 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-07-22 19:31 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-07-22 19:31 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-07-22 19:31 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2015-07-22 19:31 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-07-22 19:31 - 2011-02-05 19:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2015-07-22 19:31 - 2011-02-05 19:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2015-07-22 19:31 - 2011-02-05 19:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2015-07-22 19:26 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-07-22 19:26 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-07-22 19:26 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-07-22 19:26 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-07-22 19:26 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-07-22 19:26 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-07-22 19:26 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-07-22 19:26 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-07-22 19:26 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-07-22 19:26 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-07-22 19:26 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-07-22 19:26 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-07-22 19:26 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-07-22 19:26 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-07-22 19:26 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-07-22 19:26 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-07-22 19:26 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-07-22 19:26 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-07-22 19:26 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-07-22 19:26 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-07-22 19:26 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-07-22 19:26 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-07-22 19:26 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2015-07-22 19:26 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2015-07-22 19:26 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2015-07-22 19:26 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-07-22 19:25 - 2015-06-03 22:17 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-07-22 19:25 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-22 19:25 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-07-22 19:25 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-07-22 19:25 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-07-22 19:25 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-07-22 19:25 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-07-22 19:25 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-07-22 19:25 - 2014-11-08 05:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-07-22 19:25 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-07-22 19:25 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-07-22 19:25 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-07-22 19:24 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-07-22 19:24 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-07-22 19:24 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-07-22 19:24 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-07-22 19:24 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-07-22 19:24 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-07-22 19:24 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2015-07-22 19:24 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-07-22 19:24 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-07-22 19:24 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2015-07-22 19:24 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-22 19:24 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-22 19:24 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2015-07-22 19:23 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-07-22 19:23 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-07-22 19:23 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-07-22 19:23 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-07-22 19:23 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-07-22 19:23 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-07-22 19:23 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-07-22 19:23 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-07-22 19:23 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-07-22 19:23 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-07-22 19:23 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-07-22 19:23 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-07-22 19:23 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-07-22 19:23 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-07-22 19:23 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-07-22 19:23 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-07-22 19:23 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-07-22 19:23 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-07-22 19:23 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2015-07-22 19:23 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-07-22 19:23 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-07-22 19:23 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2015-07-22 19:23 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2015-07-22 19:23 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2015-07-22 19:23 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2015-07-22 18:25 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-07-22 18:25 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-07-22 18:25 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-07-22 18:10 - 2015-07-22 18:10 - 00000159 ___RH C:\Windows\ctfile.rfc
2015-07-22 18:10 - 2015-07-22 18:10 - 00000000 ____D C:\Windows\SysWOW64\Data
2015-07-22 18:10 - 2015-07-22 18:10 - 00000000 ____D C:\Windows\system32\Data
2015-07-22 18:10 - 2014-03-24 10:38 - 00089600 _____ C:\Windows\system32\CmdRtr64.DLL
2015-07-22 18:10 - 2014-03-24 10:37 - 00074240 _____ C:\Windows\SysWOW64\CmdRtr.DLL
2015-07-22 18:10 - 2014-03-24 10:36 - 00366080 _____ C:\Windows\system32\APOMgr64.DLL
2015-07-22 18:10 - 2014-03-24 10:33 - 00274944 _____ C:\Windows\SysWOW64\APOMngr.DLL
2015-07-22 18:10 - 2005-06-15 08:09 - 00010752 _____ (Creative Technology Limited) C:\Windows\system32\INRES.DLL
2015-07-22 18:10 - 2005-06-15 08:07 - 00011264 _____ (Creative Technology Limited) C:\Windows\SysWOW64\INRES.DLL
2015-07-22 18:07 - 2015-07-22 18:08 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information
2015-07-22 18:07 - 2015-07-22 18:07 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-07-22 18:07 - 2015-07-22 18:07 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-07-22 18:07 - 2015-07-22 18:07 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-07-22 18:07 - 2014-04-25 16:33 - 01898496 ____N (Creative) C:\Windows\system32\Sens_oal.dll
2015-07-22 18:07 - 2014-04-25 16:29 - 01609728 ____N (Creative) C:\Windows\SysWOW64\Sens_oal.dll
2015-07-22 18:07 - 2012-01-26 21:44 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-07-22 18:01 - 2015-07-22 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-07-22 18:01 - 2015-07-22 18:07 - 00000000 ____D C:\Program Files\Creative
2015-07-22 18:00 - 2015-07-22 18:09 - 00000000 ____D C:\Program Files (x86)\Creative
2015-07-22 17:57 - 2009-10-16 11:50 - 00003930 _____ C:\Windows\system32\ludap17.ini
2015-07-22 17:57 - 2009-10-16 11:44 - 01309696 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\P17.sys
2015-07-22 17:57 - 2009-08-25 07:33 - 00613503 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\APOIM64.exe
2015-07-22 17:57 - 2009-08-13 12:19 - 00144384 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\OemSpiE.dll
2015-07-22 17:57 - 2009-07-28 19:38 - 00217600 _____ (Creative Technology Limited) C:\Windows\system32\ctdvins1.dll
2015-07-22 17:57 - 2009-07-28 19:38 - 00073728 _____ (Creative Technology Limited) C:\Windows\system32\ctcoins1.dll
2015-07-22 17:57 - 2009-04-21 07:40 - 00581120 _____ (Creative Technology Ltd.) C:\Windows\system32\P17APO64.dll
2015-07-22 17:57 - 2009-04-21 07:40 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\system32\P17pld64.dll
2015-07-22 17:57 - 2009-04-21 07:40 - 00008491 _____ C:\Windows\SysWOW64\P17APO64.p17
2015-07-22 17:57 - 2009-04-21 07:38 - 00506368 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\P17APO32.dll
2015-07-22 17:57 - 2009-02-26 06:36 - 00140800 _____ (Creative Technology Ltd.) C:\Windows\system32\P17res.dll
2015-07-22 17:57 - 2008-11-13 11:07 - 00002177 _____ C:\Windows\P17EP.ini
2015-07-22 17:57 - 2008-08-26 13:30 - 00008704 _____ (Creative Technology Ltd.) C:\Windows\ResDefE.exe
2015-07-22 17:57 - 2007-06-07 10:25 - 00001578 _____ C:\Windows\P17EPLS.ini
2015-07-22 17:57 - 2007-06-07 10:25 - 00001578 _____ C:\Windows\P17EP51.ini
2015-07-22 17:57 - 2007-05-09 04:07 - 00018432 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\P17RunE.dll
2015-07-22 17:57 - 2006-12-04 18:56 - 00042496 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\AppSetup.exe
2015-07-22 17:57 - 2006-12-04 18:56 - 00042496 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\AddCat.exe
2015-07-22 17:57 - 2005-03-08 11:17 - 00000054 _____ C:\Windows\system32\ctzapxx.ini
2015-07-22 17:46 - 2015-07-22 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-07-22 17:46 - 2015-07-22 17:46 - 00000000 ____D C:\Program Files\7-Zip
2015-07-22 17:40 - 2015-07-23 10:04 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-22 17:35 - 2015-07-22 17:35 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-22 17:33 - 2015-07-22 17:37 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-07-22 17:33 - 2015-07-22 17:33 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-07-22 17:26 - 2015-07-23 15:32 - 00000000 ____D C:\Program Files (x86)\volumouse
2015-07-22 17:26 - 2015-07-22 17:26 - 00000000 ____D C:\Program Files (x86)\UWT v2.2
2015-07-22 17:26 - 2015-07-22 17:26 - 00000000 ____D C:\Program Files (x86)\TreeSize Professional
2015-07-22 17:26 - 2015-07-22 17:26 - 00000000 ____D C:\Program Files (x86)\NFO Viewer
2015-07-22 17:26 - 2015-07-22 17:26 - 00000000 ____D C:\Program Files (x86)\HyperSnap-DX
2015-07-22 17:26 - 2015-07-22 17:26 - 00000000 ____D C:\Program Files (x86)\HWiNFO
2015-07-22 17:25 - 2015-07-22 17:26 - 00000000 ____D C:\Program Files (x86)\HDD soft
2015-07-22 17:25 - 2015-07-22 17:25 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-07-22 17:23 - 2015-07-23 14:06 - 00000000 ____D C:\Program Files (x86)\XnView
2015-07-22 17:23 - 2015-07-22 17:25 - 00000000 ____D C:\Program Files (x86)\Foxit Reader
2015-07-22 17:23 - 2014-03-04 15:06 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-07-22 17:23 - 2014-03-04 15:06 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-07-22 17:23 - 2014-03-04 15:05 - 03649185 _____ C:\Windows\system32\nvcoproc.bin
2015-07-22 17:23 - 2014-03-04 15:05 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-07-22 17:23 - 2014-03-04 15:05 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-07-22 17:23 - 2014-03-04 15:05 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-07-22 17:23 - 2014-03-04 15:05 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-07-22 17:22 - 2015-07-23 14:02 - 00000000 ____D C:\Program Files (x86)\AtomTime Pro
2015-07-22 17:22 - 2015-07-22 17:25 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-07-22 17:22 - 2015-07-22 17:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-22 17:22 - 2014-03-04 16:35 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-07-22 17:22 - 2014-03-04 16:35 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-22 17:18 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-07-22 17:18 - 2014-03-04 16:35 - 00024544 _____ C:\Windows\system32\nvinfo.pb
2015-07-22 17:18 - 2013-11-28 15:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-07-22 17:18 - 2013-11-28 15:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-07-22 17:18 - 2013-11-22 10:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-07-22 17:17 - 2015-07-22 17:07 - 00000000 ____D C:\Windows\Panther
2015-07-22 17:15 - 2015-07-22 17:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-22 17:14 - 2015-07-22 17:15 - 00000000 ____D C:\Program Files\Salamander 3 x64
2015-07-22 17:07 - 2015-08-02 15:46 - 01696409 _____ C:\Windows\WindowsUpdate.log
2015-07-22 17:07 - 2015-07-31 15:54 - 00000000 ____D C:\Users\Admin
2015-07-22 17:07 - 2015-07-23 10:30 - 00001423 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-22 17:07 - 2015-07-22 17:07 - 00000020 ___SH C:\Users\Admin\ntuser.ini
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Default\Šablony
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Default\Poslední
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Default\Okolní síť
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Default\Dokumenty
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Default\Data aplikací
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Admin\Šablony
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Admin\Soubory cookie
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Admin\Poslední
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Admin\Okolní tiskárny
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Admin\Okolní síť
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Admin\Nabídka Start
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Admin\Dokumenty
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Admin\Data aplikací
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\Users\Admin\AppData\Local\Data aplikací
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\ProgramData\Šablony
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\ProgramData\Plocha
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\ProgramData\Oblíbené položky
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\ProgramData\Nabídka Start
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\ProgramData\Dokumenty
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 _SHDL C:\ProgramData\Data aplikací
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2015-07-22 17:07 - 2015-07-22 17:07 - 00000000 ____D C:\Recovery
2015-07-22 17:07 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-22 17:07 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-22 16:20 - 2015-07-22 16:20 - 00001355 _____ C:\Windows\TSSysprep.log
2015-07-22 16:20 - 2015-07-22 16:20 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-07-22 16:20 - 2015-07-22 16:20 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-02 15:45 - 2009-07-14 06:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-02 15:45 - 2009-07-14 06:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-02 15:43 - 2010-11-21 11:27 - 00812026 _____ C:\Windows\system32\perfh005.dat
2015-08-02 15:43 - 2010-11-21 11:27 - 00189398 _____ C:\Windows\system32\perfc005.dat
2015-08-02 15:43 - 2009-07-14 07:13 - 01777412 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-02 15:37 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-02 15:37 - 2009-07-14 06:51 - 00029630 _____ C:\Windows\setupact.log
2015-07-31 20:06 - 2010-11-21 05:47 - 00038116 _____ C:\Windows\PFRO.log
2015-07-31 19:55 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-24 18:19 - 2010-11-21 05:23 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2015-07-24 18:18 - 2009-07-14 02:21 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2015-07-24 18:18 - 2009-07-14 02:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2015-07-24 16:22 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-07-24 15:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-07-23 15:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-23 12:08 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-23 12:07 - 2009-07-14 06:45 - 00411816 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-23 12:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-23 12:06 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-23 11:08 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-07-23 09:57 - 2014-03-31 21:34 - 00322248 _____ (společnost Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2015-07-23 09:55 - 2012-07-26 19:08 - 00862664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110.dll
2015-07-23 08:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2015-07-23 08:06 - 2010-11-21 11:38 - 00000000 ____D C:\Windows\ShellNew
2015-07-23 07:01 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-23 06:58 - 2010-11-21 11:38 - 00000000 ____D C:\Program Files\Windows Journal
2015-07-23 06:58 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-07-23 06:58 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-07-23 06:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2015-07-23 06:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2015-07-23 06:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-07-23 06:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2015-07-23 06:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2015-07-23 06:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2015-07-23 06:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-07-22 17:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-07-22 17:17 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2015-07-22 17:17 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-07-22 17:07 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2015-07-22 17:07 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-22 17:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Recovery
2015-07-22 17:07 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2015-07-22 16:20 - 2009-07-14 06:46 - 00002790 _____ C:\Windows\DtcInstall.log
2015-07-22 16:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-07-22 16:18 - 2010-11-21 11:38 - 00000000 ____D C:\Windows\CSC

==================== Files in the root of some directories =======

2015-07-24 18:49 - 2015-08-01 06:05 - 0001189 _____ () C:\Users\Admin\AppData\Roaming\vso_ts_preview.xml
2015-08-02 15:18 - 2015-08-02 15:42 - 0029696 _____ () C:\Users\Admin\AppData\Local\MSGBOX.EXE

Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\wscript.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-02 00:20

==================== End of log ============================

[vyosek]

Co se tyce ComboFixu, tak na zaklade licence a pravidel fora ptam, umite s nim pracovat (spusteni, rozlusteni logu, napsani skriptu)

Licencni podminky ComboFixu hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby"


Nebezpeci CFka

• Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
• Maze stopy po haveti, takze v logu z RSIT neni nic videt
• Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
• CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
• CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

Log z CF byste tedy aspon nasel??

[xymail]

Systém je zinstalovaný cca týden , takže pokud by "lehl" nic extra hrozného by se nestalo.
Ale neoznačil bych se jako někdo kdo s ním CF umí pracovat. Rizika jsem si vědom


ComboFix 15-07-31.01 - Admin 31.07.2015 19:47:59.1.1 - x64 NETWORK
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3072.2290 [GMT 2:00]
Spuštěný z: d:\dokumenty\Plocha\ComboFix.exe
AV: COMODO Antivirus *Enabled/Updated* {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}
FW: COMODO Firewall *Enabled* {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}
SP: Comodo Defense+ *Enabled/Updated* {493CE176-EB84-BC8D-9707-B3ACF7598648}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7a8655efc42251f7bed2ffdd7141fb5e.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-06-28 do 2015-07-31 )))))))))))))))))))))))))))))))
.
.
2015-07-31 17:55 . 2015-07-31 17:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-31 13:53 . 2015-07-31 13:54 -------- d-----w- C:\sh4ldr
2015-07-31 13:52 . 2015-07-31 13:52 22704 ----a-w- c:\windows\system32\drivers\EsgScanner.sys
2015-07-31 13:51 . 2015-07-31 13:51 -------- d-----w- c:\program files\Enigma Software Group
2015-07-29 20:05 . 2015-07-29 20:05 77824 ----a-w- c:\windows\SysWow64\fmcodec.DLL
2015-07-29 18:21 . 2015-07-29 18:21 -------- d-----w- c:\program files (x86)\DsNET Corp
2015-07-29 01:01 . 2015-07-29 01:01 765440 ----a-w- c:\windows\system32\invagent.dll
2015-07-29 01:01 . 2015-07-29 01:01 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-07-29 01:01 . 2015-07-29 01:01 67584 ----a-w- c:\windows\system32\acmigration.dll
2015-07-29 01:01 . 2015-07-29 01:01 433664 ----a-w- c:\windows\system32\devinv.dll
2015-07-29 01:01 . 2015-07-29 01:01 1145856 ----a-w- c:\windows\system32\aeinv.dll
2015-07-29 01:01 . 2015-07-29 01:01 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-07-25 00:54 . 2015-07-25 00:54 -------- d-----w- c:\programdata\vsosdk
2015-07-24 16:45 . 2015-07-24 16:46 102439 ----a-w- c:\windows\SysWow64\sipr3260.dll
2015-07-24 16:45 . 2015-07-24 16:46 217127 ----a-w- c:\windows\SysWow64\drv43260.dll
2015-07-24 16:45 . 2015-07-24 16:46 208935 ----a-w- c:\windows\SysWow64\drv33260.dll
2015-07-24 16:45 . 2015-07-24 16:46 176165 ----a-w- c:\windows\SysWow64\drv23260.dll
2015-07-24 16:45 . 2015-07-24 16:46 65602 ----a-w- c:\windows\SysWow64\cook3260.dll
2015-07-24 16:45 . 2015-07-24 16:46 626688 ----a-w- c:\windows\SysWow64\vp7vfw.dll
2015-07-24 16:45 . 2015-07-24 16:46 1184984 ----a-w- c:\windows\SysWow64\wvc1dmod.dll
2015-07-24 16:45 . 2015-07-24 16:45 -------- d-----w- c:\program files (x86)\VSO
2015-07-24 14:19 . 2015-07-30 13:09 -------- d-----w- c:\program files (x86)\Raptr
2015-07-24 14:15 . 2015-07-31 17:28 -------- d-----w- c:\program files\Vuze
2015-07-24 14:12 . 2015-07-24 14:12 963488 ----a-w- c:\windows\system32\deployJava1.dll
2015-07-24 14:12 . 2015-07-24 14:12 310688 ----a-w- c:\windows\system32\javaws.exe
2015-07-24 14:12 . 2015-07-24 14:12 1085344 ----a-w- c:\windows\system32\npDeployJava1.dll
2015-07-24 14:12 . 2015-07-24 14:12 188320 ----a-w- c:\windows\system32\java.exe
2015-07-24 14:12 . 2015-07-24 14:12 188832 ----a-w- c:\windows\system32\javaw.exe
2015-07-24 14:12 . 2015-07-24 14:12 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-07-24 14:12 . 2015-07-24 14:12 -------- d-----w- c:\program files\Java
2015-07-24 14:11 . 2015-07-24 14:11 -------- d-----w- C:\instalačky
2015-07-23 12:03 . 2015-07-23 12:03 -------- d-----w- c:\users\Public\Foxit Software
2015-07-23 11:54 . 2015-07-23 11:54 -------- d-----w- c:\programdata\Photoshop64 Portable 2014
2015-07-23 11:38 . 2015-07-23 11:38 -------- d-----w- c:\programdata\Nero 2015 portable
2015-07-23 11:36 . 2015-07-23 11:36 -------- d-----w- c:\windows\Sun
2015-07-23 11:36 . 2015-07-23 11:36 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-07-23 11:36 . 2015-07-23 11:35 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-07-23 11:35 . 2015-07-23 11:36 -------- d-----w- c:\programdata\Oracle
2015-07-23 11:34 . 2015-07-23 11:34 -------- d-----w- c:\program files (x86)\Java
2015-07-23 11:24 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2015-07-23 11:24 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2015-07-23 11:24 . 2015-07-23 11:24 67072 ----a-w- c:\windows\splwow64.exe
2015-07-23 11:24 . 2015-07-23 11:24 559104 ----a-w- c:\windows\system32\spoolsv.exe
2015-07-23 11:20 . 2015-07-31 17:35 -------- d-----w- c:\program files (x86)\foobar2000
2015-07-23 11:17 . 2015-07-23 11:17 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-07-23 11:16 . 2015-07-30 21:02 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-23 11:16 . 2015-07-30 21:02 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-23 11:16 . 2015-07-23 11:16 -------- d-----w- c:\windows\SysWow64\Macromed
2015-07-23 11:16 . 2015-07-23 11:16 -------- d-----w- c:\windows\system32\Macromed
2015-07-23 09:20 . 2015-07-23 09:20 -------- d-----w- c:\program files\Microsoft Silverlight
2015-07-23 09:20 . 2015-07-23 09:20 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2015-07-23 09:07 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-07-23 09:07 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2015-07-23 09:03 . 2015-06-20 19:50 66560 ----a-w- c:\windows\system32\iesetup.dll
2015-07-23 08:40 . 2015-07-23 08:40 9800 ----a-w- c:\windows\system32\EuGdiDrv.sys
2015-07-23 08:40 . 2015-07-23 08:40 9160 ----a-w- c:\windows\SysWow64\EuGdiDrv.sys
2015-07-23 08:40 . 2015-07-23 08:40 87112 ----a-w- c:\windows\SysWow64\setupempdrv03.exe
2015-07-23 08:40 . 2015-07-23 08:40 3382440 ----a-w- c:\windows\system32\BootMan.exe
2015-07-23 08:40 . 2015-07-23 08:40 2499752 ----a-w- c:\windows\SysWow64\BootMan.exe
2015-07-23 08:40 . 2015-07-23 08:40 19840 ----a-w- c:\windows\SysWow64\EuEpmGdi.dll
2015-07-23 08:40 . 2015-07-23 08:40 17480 ----a-w- c:\windows\system32\epmntdrv.sys
2015-07-23 08:40 . 2015-07-23 08:40 16256 ----a-w- c:\windows\system32\EuEpmGdi.dll
2015-07-23 08:40 . 2015-07-23 08:40 14920 ----a-w- c:\windows\SysWow64\epmntdrv.sys
2015-07-23 08:40 . 2015-07-23 08:40 100936 ----a-w- c:\windows\system32\setupempdrvx64.exe
2015-07-23 08:40 . 2015-07-23 08:40 -------- d-----w- c:\program files (x86)\EaseUS
2015-07-23 08:28 . 2015-07-23 08:20 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2015-07-23 08:17 . 2015-07-23 08:17 -------- d-----w- c:\programdata\VS Revo Group
2015-07-23 08:17 . 2015-07-23 08:17 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2015-07-23 08:17 . 2015-07-23 08:17 -------- d-----w- c:\program files\VS Revo Group
2015-07-23 08:07 . 2007-10-12 13:14 5081608 ----a-w- c:\windows\system32\d3dx9_36.dll
2015-07-23 08:01 . 2015-07-23 08:04 -------- d-----w- c:\programdata\CyberLink
2015-07-23 08:01 . 2015-07-23 08:01 -------- d-----w- c:\programdata\PDVD
2015-07-23 08:00 . 2015-07-23 08:00 -------- d-----w- c:\program files (x86)\CyberLink
2015-07-23 07:59 . 2015-07-23 07:59 -------- d-----w- c:\programdata\install_clap
2015-07-23 07:58 . 2015-07-23 07:58 -------- d-----w- c:\windows\cs
2015-07-23 07:57 . 2015-07-23 07:57 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2015-07-23 07:57 . 2015-07-23 07:57 -------- d-----w- c:\program files\Windows Live
2015-07-23 07:56 . 2015-07-23 07:57 -------- d-----w- c:\program files (x86)\Windows Live
2015-07-23 07:55 . 2015-07-23 07:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2015-07-23 07:55 . 2015-07-23 07:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2015-07-23 07:55 . 2010-06-02 02:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2015-07-23 07:55 . 2010-06-02 02:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2015-07-23 07:55 . 2015-07-23 07:55 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2015-07-23 07:55 . 2015-07-23 07:55 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2015-07-23 07:55 . 2015-07-23 07:55 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2015-07-23 07:55 . 2015-07-23 07:55 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2015-07-23 07:54 . 2015-07-23 07:54 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2015-07-23 07:54 . 2015-07-23 07:54 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2015-07-23 07:53 . 2015-07-23 07:53 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2015-07-23 07:53 . 2006-11-29 11:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2015-07-23 07:51 . 2015-07-23 07:51 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2015-07-23 07:50 . 2015-07-23 07:50 6260358 ----a-w- c:\windows\system32\nfsDigitalClockClouds01_2.scr
2015-07-23 07:50 . 2003-03-19 03:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2015-07-23 07:50 . 2003-03-19 03:14 499712 ----a-w- c:\windows\msvcp71.dll
2015-07-23 07:50 . 2003-02-21 11:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2015-07-23 07:50 . 2003-02-21 11:42 348160 ----a-w- c:\windows\msvcr71.dll
2015-07-23 07:46 . 2015-07-23 07:46 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2015-07-23 06:31 . 2015-07-23 06:31 -------- d-----w- c:\programdata\Shared Space
2015-07-23 06:31 . 2015-07-23 06:31 -------- d-----w- c:\program files\COMODO
2015-07-23 06:29 . 2015-07-23 06:33 -------- d-----w- c:\programdata\Comodo
2015-07-23 06:06 . 2015-07-23 06:22 -------- d-----w- c:\program files (x86)\Microsoft Works
2015-07-23 05:04 . 2015-07-23 05:21 -------- d-----w- c:\programdata\Creative
2015-07-23 04:58 . 2015-07-23 04:58 -------- d-----w- c:\windows\SysWow64\Wat
2015-07-23 04:58 . 2015-07-23 04:58 -------- d-----w- c:\windows\system32\Wat
2015-07-23 04:58 . 2015-07-23 04:58 -------- d-----w- c:\windows\Migration
2015-07-23 04:58 . 2015-07-30 17:00 -------- d-s---w- c:\windows\system32\CompatTel
2015-07-23 04:58 . 2015-07-23 04:58 -------- d-----w- c:\windows\system32\appraiser
2015-07-22 22:11 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2015-07-22 22:11 . 2013-10-02 04:38 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2015-07-22 22:11 . 2013-10-02 02:22 56832 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2015-07-22 22:11 . 2013-10-02 02:11 13824 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-07-22 22:11 . 2013-10-02 02:08 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-07-22 22:11 . 2013-10-02 01:48 56832 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2015-07-22 22:11 . 2013-10-02 01:48 18944 ----a-w- c:\windows\system32\wksprtPS.dll
2015-07-22 22:11 . 2013-10-02 00:14 50176 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2015-07-22 22:11 . 2013-10-02 00:14 17920 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2015-07-22 22:11 . 2013-10-01 23:31 1147392 ----a-w- c:\windows\system32\mstsc.exe
2015-07-22 22:11 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\SysWow64\mstsc.exe
2015-07-22 21:06 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2015-07-22 20:44 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2015-07-22 20:44 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2015-07-22 20:44 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2015-07-22 20:44 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2015-07-22 19:41 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2015-07-22 19:41 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-24 17:53 . 2009-07-14 00:21 299520 ----a-w- c:\windows\system32\drivers\UMDF\WpdFs.dll
2015-07-24 16:19 . 2010-11-21 03:23 41984 ----a-w- c:\windows\system32\drivers\winusb.sys
2015-07-24 16:18 . 2009-07-14 00:21 297984 ----a-w- c:\windows\system32\WpdMtp.dll
2015-07-24 16:18 . 2009-07-14 00:21 88064 ----a-w- c:\windows\system32\WpdMtpUS.dll
2015-07-23 08:21 . 2015-07-23 08:21 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2015-07-23 08:21 . 2015-07-23 08:21 243200 ----a-w- c:\windows\system32\webcheck.dll
2015-07-23 07:57 . 2014-03-31 19:34 322248 ----a-w- c:\windows\WLXPGSS.SCR
2015-07-23 07:56 . 2012-07-17 12:37 24288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-07-23 07:55 . 2012-07-26 17:08 862664 ----a-w- c:\windows\SysWow64\msvcr110.dll
2015-06-23 11:30 . 2010-11-21 03:27 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-06-16 23:01 . 2015-06-16 23:01 1202856 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-06-05 12:35 . 2015-06-05 12:35 104584 ----a-w- c:\windows\system32\drivers\inspect.sys
2015-06-05 12:35 . 2015-06-05 12:35 45856 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2015-06-05 12:35 . 2015-06-05 12:35 797256 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2015-06-05 12:35 . 2015-06-05 12:35 20672 ----a-w- c:\windows\system32\drivers\cmderd.sys
2015-06-05 12:34 . 2015-06-05 12:34 41224 ----a-w- c:\windows\system32\cmdcsr.dll
2015-06-05 12:34 . 2015-06-05 12:34 444448 ----a-w- c:\windows\SysWow64\guard32.dll
2015-06-05 12:34 . 2015-06-05 12:34 576824 ----a-w- c:\windows\system32\guard64.dll
2015-06-05 12:33 . 2015-06-05 12:33 358080 ----a-w- c:\windows\system32\cmdvrt64.dll
2015-06-05 12:32 . 2015-06-05 12:32 45760 ----a-w- c:\windows\system32\cmdkbd64.dll
2015-06-05 12:31 . 2015-06-05 12:31 288448 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2015-06-05 12:31 . 2015-06-05 12:31 40640 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2015-05-25 18:19 . 2015-07-22 19:01 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:01 . 2015-07-22 19:01 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-07-22 19:01 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"$Volumouse$"="c:\program files (x86)\volumouse\volumouse.exe" [2011-06-21 88576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-07-23 334896]
"AtomTime"="c:\program files (x86)\AtomTime Pro\AtomTime.EXE" [2004-12-03 396316]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2015-07-30 56080]
"dll"="wscript.exe" [2013-10-12 141824]
.
c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
dll.vbs [2015-7-26 14271]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2015/07/23 10:01];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [x]
R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\program files\Enigma Software Group\SpyHunter\SH4Service.exe;c:\program files\Enigma Software Group\SpyHunter\SH4Service.exe [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [x]
R4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [x]
R4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2015-07-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-23 21:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2015-06-05 1427648]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-7a8655efc42251f7bed2ffdd7141fb5e - c:\users\Admin\AppData\Local\Temp\Google Chrome.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_124_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_124_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_124_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_124_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_124.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_124.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_124.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_124.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Celkový čas: 2015-07-31 19:58:08
ComboFix-quarantined-files.txt 2015-07-31 17:58
.
Před spuštěním: Volných bajtů: 77 907 193 856
Po spuštění: Volných bajtů: 77 936 533 504
.
- - End Of File - - 03C512ED6256490E8A3112AC989ACD54
A36C5E4F47E84449FF07ED3517B43A31

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM\...\Run: [dll] => wscript.exe //B "C:\Users\Admin\AppData\Local\Temp\dll.vbs" <===== ATTENTION
  HKLM-x32\...\Run: [dll] => wscript.exe //B "C:\Users\Admin\AppData\Local\Temp\dll.vbs" <===== ATTENTION
  HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\...\Run: [dll] => wscript.exe //B "C:\Users\Admin\AppData\Local\Temp\dll.vbs" <===== ATTENTION
  
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
  HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  
  FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2015-07-23]
  
  S3 catchme; \??\C:\ComboFix\catchme.sys [X]
  
  2015-08-02 15:18 - 2015-08-02 15:42 - 00029696 _____ C:\Users\Admin\AppData\Local\MSGBOX.EXE
  2015-08-02 11:44 - 2015-08-02 11:44 - 00000512 _____ C:\PhysicalMBR.bin
  2015-08-02 05:38 - 2015-08-02 05:38 - 00000000 ____D C:\Program Files\McAfee
  2015-07-31 19:58 - 2015-07-31 19:58 - 00026771 _____ C:\ComboFix.txt
  2015-07-31 19:46 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
  2015-07-31 19:46 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
  2015-07-31 19:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
  2015-07-31 19:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
  2015-07-31 19:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
  2015-07-31 19:46 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
  2015-07-31 19:46 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
  2015-07-31 19:46 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
  2015-07-31 19:37 - 2015-07-31 19:58 - 00000000 ____D C:\Qoobox
  2015-07-31 19:35 - 2015-07-31 19:55 - 00000000 ____D C:\Windows\erdnt
  2015-07-31 16:52 - 2015-07-31 16:52 - 00000812 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  
  AlternateDataStreams: C:\autoexec.bat:$CmdTcID
  AlternateDataStreams: C:\Windows\splwow64.exe:$CmdTcID
  AlternateDataStreams: C:\Windows\WLXPGSS.SCR:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\ac3acm.acm:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\BootMan.exe:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\D3DCompiler_42.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\D3DCompiler_43.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\d3dx10_33.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\d3dx10_42.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\d3dx11_43.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\d3dx9_25.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\d3dx9_33.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\D3DX9_38.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\D3DX9_39.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\D3DX9_41.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\D3DX9_42.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\epmntdrv.sys:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\esent.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\EuEpmGdi.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\EuGdiDrv.sys:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\ff_vfw.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\fsutil.exe:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\IEUDINIT.EXE:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\java.exe:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\javaw.exe:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\javaws.exe:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\KBDBASH.DLL:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\KBDRU.DLL:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\KBDRU1.DLL:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\KBDTAT.DLL:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\KBDYAK.DLL:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\lagarith.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\nfsDigitalClockClouds01_2.scr:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\setupempdrvx64.exe:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\WpdMtp.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\WpdMtpUS.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\x264vfw64.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\x3daudio1_1.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\X3DAudio1_2.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\X3DAudio1_3.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\X3DAudio1_7.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xactengine2_1.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xactengine2_10.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xactengine2_2.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xactengine2_3.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xactengine2_5.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xactengine2_6.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xactengine2_7.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xactengine2_8.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xactengine2_9.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xactengine3_2.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xactengine3_5.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xactengine3_6.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xactengine3_7.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\XAPOFX1_1.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\XAPOFX1_3.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\XAudio2_0.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\XAudio2_2.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\XAudio2_5.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xinput1_1.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xinput1_3.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xvidcore.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\xvidvfw.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\ac3acm.acm:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\BootMan.exe:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\cook3260.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_42.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_43.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx10.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_33.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_34.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_35.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_36.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_38.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_39.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_42.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_43.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_42.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_43.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_24.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_25.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_26.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_29.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_31.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_32.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_33.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_34.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_35.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_36.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_38.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_39.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\drv23260.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\drv33260.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\drv43260.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\epmntdrv.sys:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\esent.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\EuEpmGdi.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\EuGdiDrv.sys:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\ff_vfw.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\fmcodec.DLL:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\fsutil.exe:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\KBDBASH.DLL:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\KBDRU.DLL:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\KBDRU1.DLL:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\KBDTAT.DLL:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\KBDYAK.DLL:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\lagarith.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\msvcr110.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\Pncrt.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\setupempdrv03.exe:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\sipr3260.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\vp7vfw.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\wvc1dmod.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\x264vfw.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_0.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_1.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_0.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_1.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_10.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_2.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_3.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_4.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_5.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_6.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_7.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_8.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_9.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_0.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_1.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_2.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_3.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_5.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_6.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_7.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_0.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_1.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_3.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_5.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_6.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_7.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xinput1_1.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xinput1_2.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xinput1_3.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xvidcore.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\SysWOW64\xvidvfw.dll:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\Drivers\amdsata.sys:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\Drivers\amdxata.sys:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\Drivers\iaStorV.sys:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\Drivers\nvraid.sys:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\Drivers\nvstor.sys:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\Drivers\revoflt.sys:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\Drivers\USBSTOR.SYS:$CmdTcID
  AlternateDataStreams: C:\Windows\system32\Drivers\winusb.sys:$CmdTcID
  AlternateDataStreams: C:\Users\Admin\AppData\Local\MSGBOX.EXE:$CmdTcID
  
  FirewallRules: [{7958EA19-1FC7-4953-B72C-9EF438CB1EDD}] => (Allow) LPort=2869
  FirewallRules: [{226A0EDF-5C3C-4EBB-9A4A-96C71F4131D0}] => (Allow) LPort=1900
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[xymail]

Fix result of Farbar Recovery Scan Tool (x64) Version:02-08-2015
Ran by Admin (2015-08-02 18:30:14) Run:1
Running from D:\Dokumenty\Plocha
Loaded Profiles: Admin (Available Profiles: Admin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [dll] => wscript.exe //B "C:\Users\Admin\AppData\Local\Temp\dll.vbs" <===== ATTENTION
HKLM-x32\...\Run: [dll] => wscript.exe //B "C:\Users\Admin\AppData\Local\Temp\dll.vbs" <===== ATTENTION
HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\...\Run: [dll] => wscript.exe //B "C:\Users\Admin\AppData\Local\Temp\dll.vbs" <===== ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch

FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2015-07-23]

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

2015-08-02 15:18 - 2015-08-02 15:42 - 00029696 _____ C:\Users\Admin\AppData\Local\MSGBOX.EXE
2015-08-02 11:44 - 2015-08-02 11:44 - 00000512 _____ C:\PhysicalMBR.bin
2015-08-02 05:38 - 2015-08-02 05:38 - 00000000 ____D C:\Program Files\McAfee
2015-07-31 19:58 - 2015-07-31 19:58 - 00026771 _____ C:\ComboFix.txt
2015-07-31 19:46 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-31 19:46 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-31 19:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-31 19:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-31 19:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-31 19:46 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-31 19:46 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-31 19:46 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-31 19:37 - 2015-07-31 19:58 - 00000000 ____D C:\Qoobox
2015-07-31 19:35 - 2015-07-31 19:55 - 00000000 ____D C:\Windows\erdnt
2015-07-31 16:52 - 2015-07-31 16:52 - 00000812 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

AlternateDataStreams: C:\autoexec.bat:$CmdTcID
AlternateDataStreams: C:\Windows\splwow64.exe:$CmdTcID
AlternateDataStreams: C:\Windows\WLXPGSS.SCR:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ac3acm.acm:$CmdTcID
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\BootMan.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx11_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_25.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_39.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\epmntdrv.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\esent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EuEpmGdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EuGdiDrv.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ff_vfw.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fsutil.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\IEUDINIT.EXE:$CmdTcID
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\java.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\javaw.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\javaws.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KBDBASH.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KBDRU.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KBDRU1.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KBDTAT.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KBDYAK.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lagarith.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nfsDigitalClockClouds01_2.scr:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setupempdrvx64.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WpdMtp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WpdMtpUS.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\x264vfw64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\x3daudio1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_8.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xinput1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xinput1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xvidcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xvidvfw.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ac3acm.acm:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\BootMan.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cook3260.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_39.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_24.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_25.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_26.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_29.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_31.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_39.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drv23260.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drv33260.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drv43260.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\epmntdrv.sys:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\esent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\EuEpmGdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\EuGdiDrv.sys:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ff_vfw.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\fmcodec.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\fsutil.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KBDBASH.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KBDRU.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KBDRU1.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KBDTAT.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KBDYAK.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lagarith.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msvcr110.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\Pncrt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\setupempdrv03.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sipr3260.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\vp7vfw.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wvc1dmod.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\x264vfw.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_8.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xvidcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xvidvfw.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\amdsata.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\amdxata.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\iaStorV.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\nvraid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\nvstor.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\revoflt.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\USBSTOR.SYS:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\winusb.sys:$CmdTcID
AlternateDataStreams: C:\Users\Admin\AppData\Local\MSGBOX.EXE:$CmdTcID

FirewallRules: [{7958EA19-1FC7-4953-B72C-9EF438CB1EDD}] => (Allow) LPort=2869
FirewallRules: [{226A0EDF-5C3C-4EBB-9A4A-96C71F4131D0}] => (Allow) LPort=1900

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\dll => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\dll => value removed successfully
HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\Software\Microsoft\Windows\CurrentVersion\Run\\dll => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} => moved successfully.
catchme => service removed successfully
C:\Users\Admin\AppData\Local\MSGBOX.EXE => moved successfully.
C:\PhysicalMBR.bin => moved successfully.
C:\Program Files\McAfee => moved successfully.
C:\ComboFix.txt => moved successfully.
C:\Windows\PEV.exe => moved successfully.
C:\Windows\MBR.exe => moved successfully.
C:\Windows\NIRCMD.exe => moved successfully.
C:\Windows\SWREG.exe => moved successfully.
C:\Windows\SWSC.exe => moved successfully.
C:\Windows\sed.exe => moved successfully.
C:\Windows\grep.exe => moved successfully.
C:\Windows\zip.exe => moved successfully.
C:\Qoobox => moved successfully.
C:\Windows\erdnt => moved successfully.
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk => moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
"C:\autoexec.bat" => ":$CmdTcID" ADS not found.
"C:\Windows\splwow64.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\WLXPGSS.SCR" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\ac3acm.acm" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\acmigration.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\aeinv.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\aepdu.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\appraiser.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\BootMan.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\CompatTelRunner.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\D3DCompiler_37.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\D3DCompiler_40.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\D3DCompiler_41.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\D3DCompiler_42.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\D3DCompiler_43.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\d3dx10_33.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\d3dx10_37.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\d3dx10_40.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\d3dx10_41.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\d3dx10_42.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\d3dx11_43.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\d3dx9_25.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\d3dx9_33.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\D3DX9_37.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\D3DX9_38.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\D3DX9_39.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\D3DX9_40.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\D3DX9_41.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\D3DX9_42.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\devinv.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\epmntdrv.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\esent.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\EuEpmGdi.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\EuGdiDrv.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\ff_vfw.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\fsutil.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\generaltel.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\IEUDINIT.EXE" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\invagent.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\java.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\javaw.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\javaws.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\jscript9.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\KBDBASH.DLL" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\KBDRU.DLL" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\KBDRU1.DLL" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\KBDTAT.DLL" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\KBDYAK.DLL" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\lagarith.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\nfsDigitalClockClouds01_2.scr" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\rdpcorets.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\RdpGroupPolicyExtension.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\rdpudd.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\setupempdrvx64.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\spoolsv.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\TSWbPrxy.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\WpdMtp.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\WpdMtpUS.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\x264vfw64.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\x3daudio1_1.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\X3DAudio1_2.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\X3DAudio1_3.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\X3DAudio1_7.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xactengine2_1.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xactengine2_10.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xactengine2_2.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xactengine2_3.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xactengine2_5.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xactengine2_6.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xactengine2_7.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xactengine2_8.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xactengine2_9.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xactengine3_2.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xactengine3_5.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xactengine3_6.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xactengine3_7.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\XAPOFX1_1.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\XAPOFX1_3.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\XAudio2_0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\XAudio2_2.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\XAudio2_5.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xinput1_1.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xinput1_3.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xvidcore.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\xvidvfw.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\ac3acm.acm" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\BootMan.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\cook3260.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DCompiler_33.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DCompiler_34.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DCompiler_35.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DCompiler_36.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DCompiler_37.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DCompiler_38.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DCompiler_39.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DCompiler_40.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DCompiler_42.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DCompiler_43.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dcsx_42.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dcsx_43.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx10.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx10_33.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx10_34.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx10_35.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx10_36.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx10_37.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx10_38.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx10_39.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx10_40.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx10_42.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx10_43.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx11_42.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx11_43.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx9_24.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx9_25.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx9_26.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx9_27.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx9_28.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx9_29.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx9_30.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx9_31.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx9_32.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx9_33.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx9_34.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx9_35.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\d3dx9_36.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DX9_37.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DX9_38.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DX9_39.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DX9_40.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DX9_41.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DX9_42.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\D3DX9_43.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\drv23260.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\drv33260.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\drv43260.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\epmntdrv.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\esent.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\EuEpmGdi.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\EuGdiDrv.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\ff_vfw.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\FlashPlayerApp.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\fmcodec.DLL" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\fsutil.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\jscript9.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\jscript9diag.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\KBDBASH.DLL" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\KBDRU.DLL" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\KBDRU1.DLL" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\KBDTAT.DLL" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\KBDYAK.DLL" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\lagarith.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\msvcr110.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\Pncrt.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\setupempdrv03.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\sipr3260.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\vp7vfw.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\wvc1dmod.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\x264vfw.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\x3daudio1_0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\x3daudio1_1.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\X3DAudio1_2.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\X3DAudio1_3.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\X3DAudio1_4.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\X3DAudio1_5.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\X3DAudio1_6.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\X3DAudio1_7.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine2_0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine2_1.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine2_10.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine2_2.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine2_3.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine2_4.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine2_5.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine2_6.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine2_7.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine2_8.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine2_9.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine3_0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine3_1.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine3_2.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine3_3.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine3_4.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine3_5.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine3_6.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xactengine3_7.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\XAPOFX1_0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\XAPOFX1_1.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\XAPOFX1_2.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\XAPOFX1_3.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\XAPOFX1_4.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\XAPOFX1_5.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\XAudio2_0.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\XAudio2_1.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\XAudio2_2.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\XAudio2_3.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\XAudio2_4.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\XAudio2_5.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\XAudio2_6.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\XAudio2_7.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xinput1_1.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xinput1_2.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xinput1_3.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xvidcore.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\xvidvfw.dll" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\amdsata.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\amdxata.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\iaStorV.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\nvraid.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\nvstor.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\revoflt.sys" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\USBSTOR.SYS" => ":$CmdTcID" ADS not found.
"C:\Windows\system32\Drivers\winusb.sys" => ":$CmdTcID" ADS not found.
"C:\Users\Admin\AppData\Local\MSGBOX.EXE" => ":$CmdTcID" ADS not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7958EA19-1FC7-4953-B72C-9EF438CB1EDD} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{226A0EDF-5C3C-4EBB-9A4A-96C71F4131D0} => value removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 388.5 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 18:31:03 ====

[vyosek]

Jak se chova PC??

[xymail]

Když bylo PC infikované , tak se vir choval tak, že vše přejmenoval na lnk a fotky + videa "schoval".
Dal jsem do něj nyní nenakažený usb disk s mediálními soubory a už se to nestalo.

Znamená to, že se podařilo vir odstranit ?

Během infikace jsem měl v PC mobil s mikroSD kartou a jiný USB disk, na kterých mám pořád místo media souborů ty lnk.
Poradíte mi prosím , co s tím mám udělat ? O soubory z těch remov. médií mi nejde , spíš nevím , zda-li opět nenakazím PC, když ten disk nebo kartu k němu zase připojím.

[vyosek]

Aplikujte USBFix http://forum.viry.cz/viewtopic.php?f=24&t=140144 ten by mel problem se schovanymi soubory vyresit