Firefox a reklamní stránky

[vaclavka83]

Dobrý den. Ve firefoxu se mi otevýrají různé raklmní stránky..... např: http://thebrowsergame.com
Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2016-01-31 16:34:35
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 69 GB (32%) free of 215 GB
Total RAM: 4094 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:34:41, on 31.1.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://unblockservice.com/wpad.dat?51a7 ... 7395171804
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Codec Settings UAC Manager] "C:\Windows\system32\Codecs\CodecUACManager.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Codec Pack Update Checker] "C:\Windows\system32\Codecs\UpdateChecker.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ihpmServer - RayDl - C:\Program Files (x86)\RayDld\ihpmServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\Windows\system32\RAPID\SamsungRapidSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6525 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
taskeng.exe {70A7890F-D243-47ED-A289-AA4288BC7F13}
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\RayDld\ihpmServer.exe"
system32\RAPID\SamsungRapidSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3000
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-935c7e90-06cb-4b15-9199-1d6a84dacf43 -SystemEventPortName:HostProcess-b1c28381-33ef-4dfb-8f5d-b85b546254bf -IoCancelEventPortName:HostProcess-b171e71d-e5a6-4b54-b858-1e1c51c6185a -NonStateChangingEventPortName:HostProcess-b15bb1a6-87da-45e3-b3d1-1a6cc5f4acb2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6dc242b0-4d1c-4989-b31e-4bf880cde13f -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe" /AUTOHIDE
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe19_ Global\UsGthrCtrlFltPipeMssGthrPipe19 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\David\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz"
prefs.js - "keyword.URL" - "https://www.google.com/search?trackid=sp-006"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.286 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.286 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default\searchplugins\
google-avast.xml
yoursearching.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-08 885152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-08 664184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Codec Pack Update Checker"=C:\Windows\system32\Codecs\UpdateChecker.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CmPCIaudio]
C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneDrive]
C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-01-14 551112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-29 7982112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SamsungRapidApp]
C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [2014-09-16 281776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-01-08 7021880]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"Codec Settings UAC Manager"=C:\Windows\system32\Codecs\CodecUACManager.exe []

C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MEGAsync.lnk - C:\ProgramData\MEGAsync\MEGAsync.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-31 16:34:35 ----D---- C:\rsit
2016-01-31 16:34:35 ----D---- C:\Program Files\trend micro
2016-01-28 18:49:07 ----D---- C:\ProgramData\boost_interprocess
2016-01-28 18:46:51 ----D---- C:\Program Files (x86)\RayDld
2016-01-28 18:46:43 ----D---- C:\Users\David\AppData\Roaming\SimpleFiles
2016-01-28 18:46:41 ----D---- C:\Program Files (x86)\SimpleFiles
2016-01-28 17:47:37 ----D---- C:\Program Files (x86)\Adobe
2016-01-27 18:02:56 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2016-01-27 18:02:42 ----D---- C:\Program Files\Adobe
2016-01-27 18:00:59 ----D---- C:\Program Files\Common Files\Adobe
2016-01-27 18:00:02 ----D---- C:\ProgramData\Adobe
2016-01-26 15:19:43 ----D---- C:\Users\David\AppData\Roaming\WildTangent
2016-01-26 15:19:42 ----D---- C:\ProgramData\WildTangent
2016-01-26 15:19:42 ----D---- C:\Program Files (x86)\WildTangent Games
2016-01-26 15:15:01 ----D---- C:\ProgramData\Trymedia
2016-01-26 11:20:09 ----D---- C:\Program Files (x86)\Prompt Downloader
2016-01-26 11:19:47 ----D---- C:\Program Files (x86)\Seznam.cz
2016-01-22 20:02:01 ----D---- C:\ProgramData\Bohemia Interactive
2016-01-22 20:01:47 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-01-22 19:31:17 ----D---- C:\Users\David\AppData\Roaming\uplay
2016-01-21 10:57:24 ----D---- C:\ProgramData\Steam
2016-01-20 20:20:59 ----D---- C:\ProgramData\Origin
2016-01-20 19:48:09 ----D---- C:\Users\David\AppData\Roaming\MPC-HC
2016-01-20 19:38:16 ----D---- C:\Windows\SYSWOW64\Codecs
2016-01-20 19:27:56 ----D---- C:\Users\David\AppData\Roaming\Seznam.cz
2016-01-20 18:53:22 ----D---- C:\Live
2016-01-20 18:52:45 ----A---- C:\manifest.txt
2016-01-18 17:09:37 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\system32\d3dx10_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-01-15 07:02:26 ----D---- C:\Program Files (x86)\Elaborate Bytes
2016-01-14 09:49:50 ----A---- C:\Windows\ntbtlog.txt
2016-01-14 09:38:36 ----D---- C:\Windows\pss
2016-01-13 21:47:15 ----D---- C:\Users\David\AppData\Roaming\Wargaming.net
2016-01-13 17:50:08 ----A---- C:\Windows\system32\invagent.dll
2016-01-13 17:50:08 ----A---- C:\Windows\system32\generaltel.dll
2016-01-13 17:50:08 ----A---- C:\Windows\system32\appraiser.dll
2016-01-13 17:50:07 ----A---- C:\Windows\system32\devinv.dll
2016-01-13 17:50:07 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-01-13 17:50:07 ----A---- C:\Windows\system32\acmigration.dll
2016-01-13 17:07:54 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-01-13 17:07:54 ----A---- C:\Windows\system32\qedit.dll
2016-01-13 17:07:54 ----A---- C:\Windows\system32\mapi32.dll
2016-01-13 17:07:54 ----A---- C:\Windows\system32\aepic.dll
2016-01-13 17:07:54 ----A---- C:\Windows\system32\aeinv.dll
2016-01-13 17:07:53 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-01-13 17:07:53 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-01-13 17:07:53 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-01-13 17:07:53 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-13 17:07:53 ----A---- C:\Windows\system32\mapistub.dll
2016-01-13 17:07:53 ----A---- C:\Windows\system32\fixmapi.exe
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-01-13 17:07:52 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\mf.dll
2016-01-13 17:07:51 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\system32\wmpmde.dll
2016-01-13 17:07:51 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\system32\quartz.dll
2016-01-13 17:07:51 ----A---- C:\Windows\system32\mcmde.dll
2016-01-13 17:07:51 ----A---- C:\Windows\system32\evr.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\mfplat.dll
2016-01-13 17:07:50 ----A---- C:\Windows\system32\devenum.dll
2016-01-13 17:07:50 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-01-13 17:07:49 ----A---- C:\Windows\system32\SysFxUI.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\rrinstaller.exe
2016-01-13 17:07:49 ----A---- C:\Windows\system32\qdvd.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\qasf.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\mfps.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\mfpmp.exe
2016-01-13 17:07:49 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-01-13 17:07:48 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-01-13 17:07:48 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-01-13 17:07:48 ----A---- C:\Windows\system32\mferror.dll
2016-01-13 17:07:48 ----A---- C:\Windows\system32\ksuser.dll
2016-01-13 17:07:48 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-01-13 17:07:48 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-01-13 17:07:10 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-01-13 17:07:10 ----A---- C:\Windows\system32\win32k.sys
2016-01-13 17:07:10 ----A---- C:\Windows\system32\advapi32.dll
2016-01-13 17:07:09 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-01-13 17:07:09 ----A---- C:\Windows\system32\gdi32.dll
2016-01-13 17:07:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-01-13 17:07:05 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-01-13 17:07:05 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-01-13 17:07:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-01-13 17:07:05 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\schannel.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\rpcrt4.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\ncrypt.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\kernel32.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\kerberos.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\winsrv.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\wdigest.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\TSpkg.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\sspisrv.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\sspicli.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\secur32.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\ntvdm64.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\ntdll.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\msv1_0.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\lsass.exe
2016-01-13 17:07:04 ----A---- C:\Windows\system32\lsasrv.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-01-13 17:07:04 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-01-13 17:07:04 ----A---- C:\Windows\system32\cryptbase.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\credssp.dll
2016-01-13 17:07:03 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 17:07:03 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 17:07:03 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 17:07:03 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\wow64win.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\wow64cpu.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\wow64.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\srcore.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\srclient.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\smss.exe
2016-01-13 17:07:03 ----A---- C:\Windows\system32\rstrui.exe
2016-01-13 17:07:03 ----A---- C:\Windows\system32\KernelBase.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-01-13 17:07:03 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-01-13 17:07:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-01-13 17:07:03 ----A---- C:\Windows\system32\csrsrv.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\conhost.exe
2016-01-13 17:07:03 ----A---- C:\Windows\system32\auditpol.exe
2016-01-13 17:07:03 ----A---- C:\Windows\system32\apisetschema.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\user.exe
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-01-13 17:07:02 ----A---- C:\Windows\system32\msobjs.dll
2016-01-13 17:07:02 ----A---- C:\Windows\system32\msaudite.dll
2016-01-13 17:07:02 ----A---- C:\Windows\system32\adtschema.dll
2016-01-12 19:34:57 ----D---- C:\Windows\cs
2016-01-12 19:34:43 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-01-12 19:34:27 ----D---- C:\Windows\PCHEALTH
2016-01-12 19:34:08 ----D---- C:\Program Files (x86)\Windows Live
2016-01-12 19:32:00 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2016-01-12 19:31:40 ----D---- C:\ProgramData\Microsoft OneDrive
2016-01-12 19:24:34 ----D---- C:\Windows\SYSWOW64\Wat
2016-01-12 19:24:34 ----D---- C:\Windows\system32\Wat
2016-01-12 17:21:23 ----HD---- C:\ProgramData\CanonBJ
2016-01-10 17:34:16 ----D---- C:\Users\David\AppData\Roaming\Kingosoft
2016-01-10 17:33:22 ----D---- C:\Windows\system32\appmgmt
2016-01-10 16:16:55 ----D---- C:\ProgramData\MEGAsync
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\system32\KBDTAT.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\system32\KBDRU1.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\system32\KBDRU.DLL
2016-01-09 19:37:03 ----A---- C:\Windows\system32\KBDYAK.DLL
2016-01-09 19:37:03 ----A---- C:\Windows\system32\KBDBASH.DLL
2016-01-09 19:36:52 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2016-01-09 19:36:52 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-01-09 19:36:52 ----A---- C:\Windows\system32\fsutil.exe
2016-01-09 19:36:52 ----A---- C:\Windows\system32\esent.dll
2016-01-09 19:36:52 ----A---- C:\Windows\system32\drivers\nvraid.sys
2016-01-09 19:36:52 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2016-01-09 19:36:52 ----A---- C:\Windows\system32\drivers\amdxata.sys
2016-01-09 19:36:51 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-01-09 19:36:51 ----A---- C:\Windows\system32\drivers\nvstor.sys
2016-01-09 19:36:51 ----A---- C:\Windows\system32\drivers\amdsata.sys
2016-01-09 19:20:11 ----A---- C:\Windows\system32\wksprt.exe
2016-01-09 19:20:11 ----A---- C:\Windows\system32\mstscax.dll
2016-01-09 19:20:10 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-01-09 19:20:10 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-01-09 19:20:10 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-01-09 19:20:10 ----A---- C:\Windows\system32\tsgqec.dll
2016-01-09 19:20:10 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-01-09 19:19:47 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-01-09 19:19:47 ----A---- C:\Windows\system32\rdpcorets.dll
2016-01-09 19:19:46 ----A---- C:\Windows\system32\rdpudd.dll
2016-01-09 19:19:43 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-01-09 19:19:43 ----A---- C:\Windows\system32\d2d1.dll
2016-01-09 19:19:19 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-01-09 19:07:15 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-01-09 19:07:15 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-01-09 19:07:15 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-01-09 19:07:15 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-01-09 19:07:15 ----A---- C:\Windows\system32\nlsbres.dll
2016-01-09 19:07:15 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-01-09 19:07:15 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-01-09 19:07:15 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-01-09 18:52:39 ----SD---- C:\Windows\system32\CompatTel
2016-01-09 18:52:39 ----D---- C:\Windows\system32\appraiser
2016-01-09 16:33:30 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-01-09 16:33:29 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-01-09 16:33:29 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-01-09 16:33:28 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2016-01-09 16:33:28 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2016-01-09 16:33:28 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2016-01-09 16:33:28 ----A---- C:\Windows\system32\wksprtPS.dll
2016-01-09 16:33:28 ----A---- C:\Windows\system32\mstsc.exe
2016-01-09 16:33:28 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2016-01-09 16:33:28 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2016-01-09 16:31:09 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-01-09 16:30:17 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-01-09 16:27:43 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2016-01-09 16:27:43 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2016-01-09 16:27:42 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2016-01-09 16:27:42 ----A---- C:\Windows\system32\rdpendp_winip.dll
2016-01-09 16:26:09 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-01-09 16:26:09 ----A---- C:\Windows\system32\FntCache.dll
2016-01-09 16:26:09 ----A---- C:\Windows\system32\DWrite.dll
2016-01-09 16:26:07 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2016-01-09 16:26:06 ----A---- C:\Windows\system32\d3d10warp.dll
2016-01-09 16:25:59 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-01-09 16:25:59 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-01-09 16:25:53 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2016-01-09 16:25:53 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFx.dll
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFSvc.dll
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFPlatform.dll
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFHost.exe
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2016-01-09 16:25:48 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2016-01-09 16:25:48 ----A---- C:\Windows\system32\WMPhoto.dll
2016-01-09 11:00:03 ----SD---- C:\Windows\SYSWOW64\GWX
2016-01-09 11:00:03 ----SD---- C:\Windows\system32\GWX
2016-01-09 11:00:03 ----D---- C:\Windows\Migration
2016-01-09 10:49:01 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-01-09 10:49:01 ----A---- C:\Windows\system32\UIAnimation.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-01-09 10:48:57 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2016-01-09 10:48:57 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2016-01-09 10:48:57 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-01-09 10:48:57 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2016-01-09 10:48:57 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2016-01-09 10:48:57 ----A---- C:\Windows\system32\dxgi.dll
2016-01-09 10:48:57 ----A---- C:\Windows\system32\d3d10_1.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\XpsPrint.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\d3d10level9.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\d3d10core.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\d3d10_1core.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\d3d10.dll
2016-01-09 10:48:55 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2016-01-09 10:47:06 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2016-01-09 10:47:06 ----A---- C:\Windows\system32\msieftp.dll
2016-01-09 10:47:01 ----A---- C:\Windows\system32\TSWorkspace.dll
2016-01-09 10:47:00 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2016-01-09 10:46:50 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2016-01-09 10:46:50 ----A---- C:\Windows\SYSWOW64\sechost.dll
2016-01-09 10:46:50 ----A---- C:\Windows\system32\tracerpt.exe
2016-01-09 10:46:50 ----A---- C:\Windows\system32\sechost.dll
2016-01-09 10:46:50 ----A---- C:\Windows\system32\logman.exe
2016-01-09 10:46:49 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2016-01-09 10:46:49 ----A---- C:\Windows\SYSWOW64\relog.exe
2016-01-09 10:46:49 ----A---- C:\Windows\SYSWOW64\logman.exe
2016-01-09 10:46:49 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2016-01-09 10:46:49 ----A---- C:\Windows\system32\typeperf.exe
2016-01-09 10:46:49 ----A---- C:\Windows\system32\relog.exe
2016-01-09 10:46:49 ----A---- C:\Windows\system32\diskperf.exe
2016-01-09 10:46:34 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2016-01-09 10:46:34 ----A---- C:\Windows\SYSWOW64\gameux.dll
2016-01-09 10:46:34 ----A---- C:\Windows\system32\Wpc.dll
2016-01-09 10:46:34 ----A---- C:\Windows\system32\gameux.dll
2016-01-09 10:46:19 ----A---- C:\Windows\system32\icaapi.dll
2016-01-09 10:46:18 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2016-01-09 10:46:07 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2016-01-09 10:46:07 ----A---- C:\Windows\system32\ntshrui.dll
2016-01-09 10:46:00 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2016-01-09 10:46:00 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2016-01-09 10:46:00 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2016-01-09 10:46:00 ----A---- C:\Windows\system32\dhcpcore6.dll
2016-01-09 10:45:57 ----A---- C:\Windows\system32\tquery.dll
2016-01-09 10:45:57 ----A---- C:\Windows\system32\mssrch.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\tquery.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\mssph.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2016-01-09 10:45:56 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2016-01-09 10:45:56 ----A---- C:\Windows\system32\SearchIndexer.exe
2016-01-09 10:45:56 ----A---- C:\Windows\system32\SearchFilterHost.exe
2016-01-09 10:45:56 ----A---- C:\Windows\system32\mssvp.dll
2016-01-09 10:45:56 ----A---- C:\Windows\system32\mssphtb.dll
2016-01-09 10:45:56 ----A---- C:\Windows\system32\mssph.dll
2016-01-09 10:45:56 ----A---- C:\Windows\system32\msscntrs.dll
2016-01-09 10:45:55 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2016-01-09 10:45:55 ----A---- C:\Windows\system32\xmllite.dll
2016-01-09 10:45:54 ----A---- C:\Windows\system32\wwansvc.dll
2016-01-09 10:45:54 ----A---- C:\Windows\system32\wwanprotdim.dll
2016-01-09 10:45:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-01-09 10:45:51 ----A---- C:\Windows\system32\tzres.dll
2016-01-09 10:45:43 ----A---- C:\Windows\SYSWOW64\netevent.dll
2016-01-09 10:45:43 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2016-01-09 10:45:43 ----A---- C:\Windows\system32\netevent.dll
2016-01-09 10:45:43 ----A---- C:\Windows\system32\netcorehc.dll
2016-01-09 10:45:43 ----A---- C:\Windows\system32\iphlpsvc.dll
2016-01-09 10:45:43 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2016-01-09 10:45:36 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2016-01-09 10:45:35 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2016-01-09 10:45:35 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2016-01-09 10:45:35 ----A---- C:\Windows\system32\shimeng.dll
2016-01-09 10:45:35 ----A---- C:\Windows\system32\sdbinst.exe
2016-01-09 10:45:35 ----A---- C:\Windows\system32\apphelp.dll
2016-01-09 10:45:35 ----A---- C:\Windows\system32\aelupsvc.dll
2016-01-09 10:45:34 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2016-01-09 10:45:34 ----A---- C:\Windows\system32\prevhost.exe
2016-01-09 10:45:29 ----A---- C:\Windows\system32\UtcResources.dll
2016-01-09 10:45:29 ----A---- C:\Windows\system32\diagtrack.dll
2016-01-09 10:45:27 ----A---- C:\Windows\system32\tdh.dll
2016-01-09 10:45:26 ----A---- C:\Windows\SYSWOW64\tdh.dll
2016-01-09 10:45:10 ----A---- C:\Windows\system32\aitstatic.exe
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\secproc_isv.dll
2016-01-09 10:44:59 ----A---- C:\Windows\system32\secproc.dll
2016-01-09 10:44:59 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\RMActivate_isv.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\RMActivate.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\msdrm.dll
2016-01-09 10:44:58 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2016-01-09 10:44:58 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2016-01-09 10:44:58 ----A---- C:\Windows\SYSWOW64\secproc.dll
2016-01-09 10:44:58 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2016-01-09 10:44:58 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2016-01-09 10:44:58 ----A---- C:\Windows\system32\secproc_ssp.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\ucrtbase.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-01-09 10:44:38 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2016-01-09 10:44:38 ----A---- C:\Windows\system32\d3d11.dll
2016-01-09 10:44:37 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-01-09 10:44:37 ----A---- C:\Windows\system32\mswsock.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WsmSvc.dll
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WsmAuto.dll
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-01-09 10:44:35 ----A---- C:\Windows\system32\authui.dll
2016-01-09 10:44:34 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-01-09 10:44:34 ----A---- C:\Windows\system32\consent.exe
2016-01-09 10:44:34 ----A---- C:\Windows\system32\appinfo.dll
2016-01-09 10:44:32 ----A---- C:\Windows\system32\scavengeui.dll
2016-01-09 10:44:27 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2016-01-09 10:44:27 ----A---- C:\Windows\system32\cryptdlg.dll
2016-01-09 10:44:24 ----A---- C:\Windows\SYSWOW64\wdi.dll
2016-01-09 10:44:24 ----A---- C:\Windows\system32\wdi.dll
2016-01-09 10:44:24 ----A---- C:\Windows\system32\powertracker.dll
2016-01-09 10:44:24 ----A---- C:\Windows\system32\perftrack.dll
2016-01-09 10:44:23 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2016-01-09 10:44:23 ----A---- C:\Windows\system32\wpdshext.dll
2016-01-09 10:44:22 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-01-09 10:44:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-01-09 10:44:22 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-01-09 10:44:22 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-01-09 10:44:22 ----A---- C:\Windows\system32\wintrust.dll
2016-01-09 10:44:22 ----A---- C:\Windows\system32\cryptsvc.dll
2016-01-09 10:44:22 ----A---- C:\Windows\system32\cryptnet.dll
2016-01-09 10:44:22 ----A---- C:\Windows\system32\crypt32.dll
2016-01-09 10:44:18 ----A---- C:\Windows\SYSWOW64\charmap.exe
2016-01-09 10:44:18 ----A---- C:\Windows\system32\charmap.exe
2016-01-09 10:44:18 ----A---- C:\Windows\system32\drivers\ataport.sys
2016-01-09 10:44:17 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2016-01-09 10:44:17 ----A---- C:\Windows\system32\iologmsg.dll
2016-01-09 10:44:17 ----A---- C:\Windows\system32\drivers\storport.sys
2016-01-09 10:44:17 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2016-01-09 10:44:17 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2016-01-09 10:44:14 ----A---- C:\Windows\system32\OxpsConverter.exe
2016-01-09 10:44:13 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2016-01-09 10:44:13 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2016-01-09 10:44:13 ----A---- C:\Windows\system32\dwmcore.dll
2016-01-09 10:44:13 ----A---- C:\Windows\system32\dwmapi.dll
2016-01-09 10:44:12 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2016-01-09 10:44:12 ----A---- C:\Windows\SYSWOW64\credui.dll
2016-01-09 10:44:12 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2016-01-09 10:44:12 ----A---- C:\Windows\system32\credui.dll
2016-01-09 10:44:09 ----A---- C:\Windows\system32\drivers\fvevol.sys
2016-01-09 10:44:08 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-01-09 10:44:08 ----A---- C:\Windows\system32\oleaut32.dll
2016-01-09 10:44:07 ----A---- C:\Windows\system32\drivers\stream.sys
2016-01-09 10:44:07 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2016-01-09 10:39:42 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-01-09 10:39:39 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2016-01-09 10:39:39 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-01-09 10:39:39 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-01-09 10:39:39 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-01-09 10:39:39 ----A---- C:\Windows\system32\msxml6r.dll
2016-01-09 10:39:39 ----A---- C:\Windows\system32\msxml6.dll
2016-01-09 10:39:39 ----A---- C:\Windows\system32\msxml3r.dll
2016-01-09 10:39:39 ----A---- C:\Windows\system32\msxml3.dll
2016-01-09 08:45:35 ----D---- C:\Windows\system32\MRT
2016-01-09 08:45:29 ----A---- C:\Windows\system32\MRT.exe
2016-01-09 08:32:48 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2016-01-09 08:32:47 ----A---- C:\Windows\SYSWOW64\wmi.dll
2016-01-09 08:32:47 ----A---- C:\Windows\system32\wmi.dll
2016-01-09 08:22:35 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2016-01-09 08:22:35 ----A---- C:\Windows\SYSWOW64\icardres.dll
2016-01-09 08:22:35 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2016-01-09 08:22:35 ----A---- C:\Windows\system32\infocardapi.dll
2016-01-09 08:22:35 ----A---- C:\Windows\system32\icardres.dll
2016-01-09 08:22:35 ----A---- C:\Windows\system32\icardagt.exe
2016-01-09 08:22:27 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2016-01-09 08:22:27 ----A---- C:\Windows\system32\TsWpfWrp.exe
2016-01-09 04:28:17 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2016-01-09 04:28:17 ----A---- C:\Windows\system32\cewmdm.dll
2016-01-09 04:28:14 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-01-09 04:28:14 ----A---- C:\Windows\system32\certcli.dll
2016-01-09 04:28:03 ----A---- C:\Windows\system32\services.exe
2016-01-09 04:27:47 ----A---- C:\Windows\system32\schedsvc.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\system32\odbctrac.dll
2016-01-09 04:27:46 ----A---- C:\Windows\system32\odbccu32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\system32\odbccr32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\system32\odbccp32.dll
2016-01-09 04:27:45 ----A---- C:\Windows\system32\wmp.dll
2016-01-09 04:27:43 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-01-09 04:27:43 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-01-09 04:27:43 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-01-09 04:27:43 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-01-09 04:27:43 ----A---- C:\Windows\system32\spwmp.dll
2016-01-09 04:27:43 ----A---- C:\Windows\system32\dxmasf.dll
2016-01-09 04:27:42 ----A---- C:\Windows\system32\wmploc.DLL
2016-01-09 04:27:39 ----A---- C:\Windows\SYSWOW64\sbe.dll
2016-01-09 04:27:39 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-01-09 04:27:39 ----A---- C:\Windows\system32\sbe.dll
2016-01-09 04:27:39 ----A---- C:\Windows\system32\CPFilters.dll
2016-01-09 04:27:34 ----A---- C:\Windows\system32\sysmain.dll
2016-01-09 04:27:33 ----A---- C:\Windows\system32\msmmsp.dll
2016-01-09 04:27:33 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-01-09 04:27:09 ----A---- C:\Windows\system32\shell32.dll
2016-01-09 04:27:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-01-09 04:27:07 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-01-09 04:27:07 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-01-09 04:26:53 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-01-09 04:26:53 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-01-09 04:26:53 ----A---- C:\Windows\system32\webio.dll
2016-01-09 04:26:53 ----A---- C:\Windows\system32\usp10.dll
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuwebv.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wups2.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wups.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wudriver.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wucltux.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuaueng.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuauclt.exe
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuapp.exe
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuapi.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-01-09 04:26:45 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-01-09 04:26:45 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-01-09 04:26:45 ----A---- C:\Windows\system32\drmv2clt.dll
2016-01-09 04:26:45 ----A---- C:\Windows\system32\blackbox.dll
2016-01-09 04:26:42 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-01-09 04:26:42 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-01-09 04:26:42 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-01-09 04:26:41 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-01-09 04:26:41 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-01-09 04:26:40 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-01-09 04:26:40 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-01-09 04:26:40 ----A---- C:\Windows\system32\audiosrv.dll
2016-01-09 04:26:39 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-01-09 04:26:39 ----A---- C:\Windows\system32\pcasvc.dll
2016-01-09 04:26:39 ----A---- C:\Windows\system32\cryptui.dll
2016-01-09 04:26:39 ----A---- C:\Windows\system32\AudioEng.dll
2016-01-09 04:26:38 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-01-09 04:26:38 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-01-09 04:26:38 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\msscp.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\msnetobj.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\EncDump.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\cryptsp.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\AudioSes.dll
2016-01-09 04:26:37 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-01-09 04:26:37 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-01-09 04:26:37 ----A---- C:\Windows\system32\pcawrk.exe
2016-01-09 04:26:37 ----A---- C:\Windows\system32\pcalua.exe
2016-01-09 04:26:37 ----A---- C:\Windows\system32\pcaevts.dll
2016-01-09 04:26:37 ----A---- C:\Windows\system32\pcadm.dll
2016-01-09 04:26:37 ----A---- C:\Windows\system32\audiodg.exe
2016-01-09 04:25:48 ----A---- C:\Windows\system32\profsvc.dll
2016-01-09 04:25:47 ----A---- C:\Windows\SYSWOW64\mscories.dll
2016-01-09 04:25:47 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2016-01-09 04:25:47 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2016-01-09 04:25:47 ----A---- C:\Windows\system32\mscories.dll
2016-01-09 04:25:47 ----A---- C:\Windows\system32\mscorier.dll
2016-01-09 04:25:47 ----A---- C:\Windows\system32\dfshim.dll
2016-01-09 04:25:28 ----A---- C:\Windows\SYSWOW64\wer.dll
2016-01-09 04:25:28 ----A---- C:\Windows\system32\wer.dll
2016-01-09 04:25:27 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2016-01-09 04:25:27 ----A---- C:\Windows\system32\imagehlp.dll
2016-01-09 04:25:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-01-09 04:25:25 ----A---- C:\Windows\system32\drivers\netio.sys
2016-01-09 04:25:25 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-01-09 04:25:07 ----A---- C:\Windows\system32\termsrv.dll
2016-01-09 04:24:55 ----A---- C:\Windows\system32\basesrv.dll
2016-01-09 04:24:36 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2016-01-09 04:24:36 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2016-01-09 04:24:36 ----A---- C:\Windows\system32\nlasvc.dll
2016-01-09 04:24:36 ----A---- C:\Windows\system32\nlaapi.dll
2016-01-09 04:24:36 ----A---- C:\Windows\system32\ncsi.dll
2016-01-09 04:24:29 ----A---- C:\Windows\SYSWOW64\osk.exe
2016-01-09 04:24:29 ----A---- C:\Windows\system32\osk.exe
2016-01-09 04:24:27 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-01-09 04:24:26 ----A---- C:\Windows\system32\Wdfres.dll
2016-01-09 04:24:26 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2016-01-09 04:24:26 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2016-01-09 04:24:20 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-01-09 04:24:20 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-01-09 04:24:20 ----A---- C:\Windows\system32\WebClnt.dll
2016-01-09 04:24:20 ----A---- C:\Windows\system32\davclnt.dll
2016-01-09 04:24:18 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2016-01-09 04:24:18 ----A---- C:\Windows\system32\ubpm.dll
2016-01-09 04:24:17 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2016-01-09 04:24:17 ----A---- C:\Windows\system32\comctl32.dll
2016-01-09 04:24:16 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-01-09 04:24:16 ----A---- C:\Windows\system32\user32.dll
2016-01-09 04:24:12 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2016-01-09 04:24:12 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2016-01-09 04:24:12 ----A---- C:\Windows\system32\mfc42u.dll
2016-01-09 04:24:12 ----A---- C:\Windows\system32\mfc42.dll
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-01-09 04:24:05 ----A---- C:\Windows\system32\drivers\usb8023.sys
2016-01-09 04:24:04 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2016-01-09 04:24:04 ----A---- C:\Windows\system32\wshrm.dll
2016-01-09 04:24:04 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-01-09 04:24:01 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-01-09 04:24:01 ----A---- C:\Windows\system32\ole32.dll
2016-01-09 04:23:57 ----A---- C:\Windows\system32\winresume.exe
2016-01-09 04:23:57 ----A---- C:\Windows\system32\winload.exe
2016-01-09 04:23:57 ----A---- C:\Windows\system32\ci.dll
2016-01-09 04:23:56 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-01-09 04:23:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-01-09 04:23:56 ----A---- C:\Windows\system32\drivers\appid.sys
2016-01-09 04:23:56 ----A---- C:\Windows\system32\appidsvc.dll
2016-01-09 04:23:56 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-01-09 04:23:56 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-01-09 04:23:56 ----A---- C:\Windows\system32\appidapi.dll
2016-01-09 04:23:40 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-01-09 04:23:40 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-01-09 04:23:40 ----A---- C:\Windows\system32\comsvcs.dll
2016-01-09 04:23:40 ----A---- C:\Windows\system32\catsrvut.dll
2016-01-09 04:23:35 ----A---- C:\Windows\system32\drivers\cng.sys
2016-01-09 04:23:34 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-01-09 04:23:34 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-01-09 04:23:13 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2016-01-09 04:23:13 ----A---- C:\Windows\system32\drivers\usbcir.sys
2016-01-09 04:23:12 ----A---- C:\Windows\system32\drivers\usbscan.sys
2016-01-09 04:23:12 ----A---- C:\Windows\system32\drivers\hidparse.sys
2016-01-09 04:23:12 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-01-09 04:23:11 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2016-01-09 04:23:11 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2016-01-09 04:23:11 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-01-09 04:23:11 ----A---- C:\Windows\system32\drivers\afd.sys
2016-01-09 04:23:11 ----A---- C:\Windows\system32\dnsrslvr.dll
2016-01-09 04:23:11 ----A---- C:\Windows\system32\dnscacheugc.exe
2016-01-09 04:23:11 ----A---- C:\Windows\system32\dnsapi.dll
2016-01-09 04:22:56 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2016-01-09 04:22:56 ----A---- C:\Windows\system32\dpnet.dll
2016-01-09 04:22:55 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-01-09 04:22:55 ----A---- C:\Windows\system32\msi.dll
2016-01-09 04:22:54 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-01-09 04:22:54 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-01-09 04:22:54 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-01-09 04:22:54 ----A---- C:\Windows\system32\msimsg.dll
2016-01-09 04:22:54 ----A---- C:\Windows\system32\msihnd.dll
2016-01-09 04:22:54 ----A---- C:\Windows\system32\msiexec.exe
2016-01-09 04:22:48 ----A---- C:\Windows\system32\objsel.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\objsel.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\wincredprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\dpapiprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\dimsroam.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\cngprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\capiprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\adprovider.dll
2016-01-09 04:22:01 ----A---- C:\Windows\SYSWOW64\notepad.exe
2016-01-09 04:22:01 ----A---- C:\Windows\system32\notepad.exe
2016-01-09 04:22:01 ----A---- C:\Windows\notepad.exe
2016-01-09 04:22:00 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-01-09 04:22:00 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-01-09 04:22:00 ----A---- C:\Windows\system32\drivers\srv.sys
2016-01-09 04:21:58 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-01-09 04:21:58 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-01-09 04:21:57 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-01-09 04:21:57 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-01-09 04:21:57 ----A---- C:\Windows\system32\cdd.dll
2016-01-09 04:21:54 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2016-01-09 04:21:54 ----A---- C:\Windows\system32\psisdecd.dll
2016-01-09 04:21:29 ----A---- C:\Windows\system32\drivers\partmgr.sys
2016-01-09 04:21:28 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-01-09 04:21:28 ----A---- C:\Windows\system32\poqexec.exe
2016-01-09 04:21:24 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2016-01-09 04:21:24 ----A---- C:\Windows\system32\pku2u.dll
2016-01-09 04:21:17 ----A---- C:\Windows\system32\drivers\http.sys
2016-01-09 04:21:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-01-09 04:21:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-01-09 04:21:16 ----A---- C:\Windows\system32\vbscript.dll
2016-01-09 04:21:16 ----A---- C:\Windows\system32\jscript.dll
2016-01-09 04:21:12 ----A---- C:\Windows\SYSWOW64\synceng.dll
2016-01-09 04:21:12 ----A---- C:\Windows\system32\synceng.dll
2016-01-09 04:21:11 ----A---- C:\Windows\system32\kdusb.dll
2016-01-09 04:21:11 ----A---- C:\Windows\system32\kdcom.dll
2016-01-09 04:21:11 ----A---- C:\Windows\system32\kd1394.dll
2016-01-09 04:21:09 ----A---- C:\Windows\system32\shdocvw.dll
2016-01-09 04:21:08 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2016-01-09 04:21:04 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-01-09 04:21:04 ----A---- C:\Windows\system32\msctf.dll
2016-01-09 04:21:03 ----A---- C:\Windows\SYSWOW64\rastls.dll
2016-01-09 04:21:03 ----A---- C:\Windows\system32\rastls.dll
2016-01-09 04:21:02 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-01-09 04:21:02 ----A---- C:\Windows\system32\win32spl.dll
2016-01-09 04:21:01 ----A---- C:\Windows\system32\taskhost.exe
2016-01-09 04:20:50 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2016-01-09 04:20:50 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2016-01-09 04:20:50 ----A---- C:\Windows\SYSWOW64\devobj.dll
2016-01-09 04:20:50 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2016-01-09 04:20:50 ----A---- C:\Windows\system32\umpnpmgr.dll
2016-01-09 04:20:49 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-01-09 04:20:39 ----A---- C:\Windows\SYSWOW64\packager.dll
2016-01-09 04:20:39 ----A---- C:\Windows\system32\packager.dll
2016-01-09 04:20:35 ----A---- C:\Windows\system32\winlogon.exe
2016-01-09 04:20:34 ----A---- C:\Windows\system32\winsta.dll
2016-01-09 04:20:34 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2016-01-09 04:20:33 ----A---- C:\Windows\SYSWOW64\winsta.dll
2016-01-09 04:20:33 ----A---- C:\Windows\system32\rdrmemptylst.exe
2016-01-09 04:20:33 ----A---- C:\Windows\system32\rdpwsx.dll
2016-01-09 04:20:33 ----A---- C:\Windows\system32\rdpcorekmts.dll
2016-01-09 04:20:20 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2016-01-09 04:20:20 ----A---- C:\Windows\SYSWOW64\browcli.dll
2016-01-09 04:20:20 ----A---- C:\Windows\system32\netapi32.dll
2016-01-09 04:20:20 ----A---- C:\Windows\system32\browser.dll
2016-01-09 04:20:20 ----A---- C:\Windows\system32\browcli.dll
2016-01-09 04:20:00 ----A---- C:\Windows\system32\FXSCOVER.exe
2016-01-09 04:19:59 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-01-09 04:19:59 ----A---- C:\Windows\system32\inetcomm.dll
2016-01-09 04:19:58 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2016-01-09 04:19:58 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2016-01-09 04:19:58 ----A---- C:\Windows\SYSWOW64\els.dll
2016-01-09 04:19:58 ----A---- C:\Windows\system32\scesrv.dll
2016-01-09 04:19:58 ----A---- C:\Windows\system32\msvcrt.dll
2016-01-09 04:19:58 ----A---- C:\Windows\system32\els.dll
2016-01-09 04:19:56 ----A---- C:\Windows\system32\certutil.exe
2016-01-09 04:19:55 ----A---- C:\Windows\SYSWOW64\certutil.exe
2016-01-09 04:19:55 ----A---- C:\Windows\SYSWOW64\certenc.dll
2016-01-09 04:19:55 ----A---- C:\Windows\system32\certenc.dll
2016-01-09 04:19:49 ----A---- C:\Windows\SYSWOW64\wscript.exe
2016-01-09 04:19:49 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2016-01-09 04:19:49 ----A---- C:\Windows\SYSWOW64\cscript.exe
2016-01-09 04:19:49 ----A---- C:\Windows\system32\wscript.exe
2016-01-09 04:19:49 ----A---- C:\Windows\system32\scrrun.dll
2016-01-09 04:19:49 ----A---- C:\Windows\system32\cscript.exe
2016-01-09 04:19:35 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-01-09 04:19:35 ----A---- C:\Windows\system32\jnwmon.dll
2016-01-09 04:19:35 ----A---- C:\Windows\system32\InkEd.dll
2016-01-09 04:19:31 ----A---- C:\Windows\system32\localspl.dll
2016-01-09 04:19:27 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-01-09 04:19:26 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2016-01-09 04:19:26 ----A---- C:\Windows\system32\oleacc.dll
2016-01-09 04:19:25 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-01-09 04:19:25 ----A---- C:\Windows\system32\EncDec.dll
2016-01-09 04:19:23 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2016-01-09 04:19:23 ----A---- C:\Windows\system32\clfsw32.dll
2016-01-09 04:19:23 ----A---- C:\Windows\system32\clfs.sys
2016-01-09 04:19:18 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2016-01-09 04:19:18 ----A---- C:\Windows\system32\cdosys.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\lpk.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\fontsub.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\dciman32.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\atmlib.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\atmfd.dll
2016-01-09 04:18:49 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2016-01-09 04:18:49 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2016-01-09 04:18:49 ----A---- C:\Windows\system32\nshwfp.dll
2016-01-09 04:18:49 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-01-09 04:18:49 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2016-01-09 03:57:05 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-01-09 03:57:05 ----A---- C:\Windows\system32\rdpcore.dll
2016-01-09 03:57:05 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2016-01-09 01:55:12 ----D---- C:\Windows\SYSWOW64\vbox
2016-01-09 01:55:12 ----D---- C:\Windows\system32\vbox
2016-01-09 01:33:20 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-01-09 01:33:20 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-01-09 01:33:20 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-01-09 01:33:20 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-01-09 01:33:19 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2016-01-09 01:33:19 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2016-01-09 01:33:19 ----A---- C:\Windows\system32\xactengine3_7.dll
2016-01-09 01:33:19 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-01-09 01:33:18 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2016-01-09 01:33:18 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2016-01-09 01:33:18 ----A---- C:\Windows\system32\d3dx11_43.dll
2016-01-09 01:33:18 ----A---- C:\Windows\system32\d3dcsx_43.dll
2016-01-09 01:33:17 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-01-09 01:33:17 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2016-01-09 01:33:17 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-01-09 01:33:17 ----A---- C:\Windows\system32\d3dx10_43.dll
2016-01-09 01:33:16 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2016-01-09 01:33:16 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2016-01-09 01:33:16 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2016-01-09 01:33:16 ----A---- C:\Windows\system32\XAudio2_6.dll
2016-01-09 01:33:16 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2016-01-09 01:33:16 ----A---- C:\Windows\system32\xactengine3_6.dll
2016-01-09 01:33:15 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2016-01-09 01:33:15 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-01-09 01:33:15 ----A---- C:\Windows\system32\XAudio2_5.dll
2016-01-09 01:33:15 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-01-09 01:33:14 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2016-01-09 01:33:14 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2016-01-09 01:33:14 ----A---- C:\Windows\system32\xactengine3_5.dll
2016-01-09 01:33:14 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2016-01-09 01:33:13 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2016-01-09 01:33:13 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2016-01-09 01:33:13 ----A---- C:\Windows\system32\d3dx11_42.dll
2016-01-09 01:33:13 ----A---- C:\Windows\system32\d3dcsx_42.dll
2016-01-09 01:33:12 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-01-09 01:33:12 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2016-01-09 01:33:12 ----A---- C:\Windows\system32\D3DX9_42.dll
2016-01-09 01:33:12 ----A---- C:\Windows\system32\d3dx10_42.dll
2016-01-09 01:33:11 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2016-01-09 01:33:11 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2016-01-09 01:33:11 ----A---- C:\Windows\system32\d3dx10_41.dll
2016-01-09 01:33:11 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2016-01-09 01:33:10 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2016-01-09 01:33:10 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2016-01-09 01:33:10 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2016-01-09 01:33:10 ----A---- C:\Windows\system32\XAudio2_4.dll
2016-01-09 01:33:10 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2016-01-09 01:33:10 ----A---- C:\Windows\system32\D3DX9_41.dll
2016-01-09 01:33:09 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2016-01-09 01:33:09 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2016-01-09 01:33:09 ----A---- C:\Windows\system32\xactengine3_4.dll
2016-01-09 01:33:09 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2016-01-09 01:33:07 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2016-01-09 01:33:07 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2016-01-09 01:33:07 ----A---- C:\Windows\system32\XAudio2_3.dll
2016-01-09 01:33:07 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2016-01-09 01:33:06 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2016-01-09 01:33:06 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2016-01-09 01:33:06 ----A---- C:\Windows\system32\xactengine3_3.dll
2016-01-09 01:33:06 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2016-01-09 01:33:05 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2016-01-09 01:33:05 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2016-01-09 01:33:05 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2016-01-09 01:33:05 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-01-09 01:33:05 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-01-09 01:33:05 ----A---- C:\Windows\system32\xactengine3_2.dll
2016-01-09 01:33:04 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-01-09 01:33:03 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2016-01-09 01:33:03 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2016-01-09 01:33:03 ----A---- C:\Windows\system32\XAudio2_1.dll
2016-01-09 01:33:03 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2016-01-09 01:33:02 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2016-01-09 01:33:02 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2016-01-09 01:33:02 ----A---- C:\Windows\system32\xactengine3_1.dll
2016-01-09 01:33:02 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2016-01-09 01:33:01 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2016-01-09 01:33:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2016-01-09 01:33:01 ----A---- C:\Windows\system32\d3dx10_38.dll
2016-01-09 01:33:01 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2016-01-09 01:33:00 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2016-01-09 01:33:00 ----A---- C:\Windows\system32\D3DX9_38.dll
2016-01-09 01:32:59 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2016-01-09 01:32:59 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2016-01-09 01:32:59 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2016-01-09 01:32:59 ----A---- C:\Windows\system32\XAudio2_0.dll
2016-01-09 01:32:59 ----A---- C:\Windows\system32\xactengine3_0.dll
2016-01-09 01:32:59 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2016-01-09 01:32:58 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2016-01-09 01:32:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2016-01-09 01:32:58 ----A---- C:\Windows\system32\d3dx10_37.dll
2016-01-09 01:32:58 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2016-01-09 01:32:57 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2016-01-09 01:32:57 ----A---- C:\Windows\system32\D3DX9_37.dll
2016-01-09 01:32:56 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2016-01-09 01:32:56 ----A---- C:\Windows\system32\xactengine2_10.dll
2016-01-09 01:32:55 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\system32\d3dx9_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\system32\d3dx10_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2016-01-09 01:32:54 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2016-01-09 01:32:54 ----A---- C:\Windows\system32\xactengine2_9.dll
2016-01-09 01:32:53 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\system32\d3dx9_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\system32\d3dx10_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2016-01-09 01:32:52 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2016-01-09 01:32:52 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2016-01-09 01:32:52 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2016-01-09 01:32:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2016-01-09 01:32:52 ----A---- C:\Windows\system32\xactengine2_8.dll
2016-01-09 01:32:52 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2016-01-09 01:32:52 ----A---- C:\Windows\system32\d3dx10_34.dll
2016-01-09 01:32:52 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2016-01-09 01:32:49 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2016-01-09 01:32:49 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2016-01-09 01:32:49 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2016-01-09 01:32:49 ----A---- C:\Windows\system32\xinput1_3.dll
2016-01-09 01:32:49 ----A---- C:\Windows\system32\xactengine2_7.dll
2016-01-09 01:32:49 ----A---- C:\Windows\system32\d3dx9_34.dll
2016-01-09 01:32:48 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2016-01-09 01:32:48 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2016-01-09 01:32:48 ----A---- C:\Windows\system32\d3dx10_33.dll
2016-01-09 01:32:48 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2016-01-09 01:32:47 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2016-01-09 01:32:47 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2016-01-09 01:32:47 ----A---- C:\Windows\system32\xactengine2_6.dll
2016-01-09 01:32:47 ----A---- C:\Windows\system32\d3dx9_33.dll
2016-01-09 01:32:46 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2016-01-09 01:32:46 ----A---- C:\Windows\system32\xactengine2_5.dll
2016-01-09 01:32:45 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2016-01-09 01:32:45 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2016-01-09 01:32:45 ----A---- C:\Windows\system32\d3dx9_32.dll
2016-01-09 01:32:45 ----A---- C:\Windows\system32\d3dx10.dll
2016-01-09 01:32:44 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2016-01-09 01:32:44 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2016-01-09 01:32:44 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-01-09 01:32:44 ----A---- C:\Windows\system32\xactengine2_4.dll
2016-01-09 01:32:44 ----A---- C:\Windows\system32\x3daudio1_1.dll
2016-01-09 01:32:44 ----A---- C:\Windows\system32\d3dx9_31.dll
2016-01-09 01:32:43 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2016-01-09 01:32:43 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2016-01-09 01:32:43 ----A---- C:\Windows\system32\xinput1_2.dll
2016-01-09 01:32:43 ----A---- C:\Windows\system32\xactengine2_3.dll
2016-01-09 01:32:42 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2016-01-09 01:32:42 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2016-01-09 01:32:42 ----A---- C:\Windows\system32\xinput1_1.dll
2016-01-09 01:32:42 ----A---- C:\Windows\system32\xactengine2_2.dll
2016-01-09 01:32:41 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2016-01-09 01:32:41 ----A---- C:\Windows\system32\xactengine2_1.dll
2016-01-09 01:32:40 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2016-01-09 01:32:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2016-01-09 01:32:39 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2016-01-09 01:32:39 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2016-01-09 01:32:39 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2016-01-09 01:32:39 ----A---- C:\Windows\system32\xactengine2_0.dll
2016-01-09 01:32:39 ----A---- C:\Windows\system32\x3daudio1_0.dll
2016-01-09 01:32:39 ----A---- C:\Windows\system32\d3dx9_29.dll
2016-01-09 01:32:38 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2016-01-09 01:32:38 ----A---- C:\Windows\system32\d3dx9_28.dll
2016-01-09 01:32:37 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2016-01-09 01:32:37 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2016-01-09 01:32:37 ----A---- C:\Windows\system32\d3dx9_27.dll
2016-01-09 01:32:37 ----A---- C:\Windows\system32\d3dx9_26.dll
2016-01-09 01:32:36 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-01-09 01:32:36 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2016-01-09 01:32:36 ----A---- C:\Windows\system32\d3dx9_25.dll
2016-01-09 01:32:36 ----A---- C:\Windows\system32\d3dx9_24.dll
2016-01-09 01:29:49 ----D---- C:\Windows\SYSWOW64\directx
2016-01-08 21:04:06 ----D---- C:\Různé
2016-01-08 20:18:08 ----D---- C:\6cd915098d7c43677f39edbeaa
2016-01-08 19:51:16 ----D---- C:\Games
2016-01-08 19:48:11 ----D---- C:\Users\David\AppData\Roaming\Macromedia
2016-01-08 19:48:11 ----D---- C:\Users\David\AppData\Roaming\Adobe
2016-01-08 19:48:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-01-08 19:48:00 ----D---- C:\Windows\SYSWOW64\Macromed
2016-01-08 19:47:59 ----D---- C:\Windows\system32\Macromed
2016-01-08 19:40:47 ----D---- C:\Users\David\AppData\Roaming\WinRAR
2016-01-08 19:33:11 ----D---- C:\Program Files\WinRAR
2016-01-08 17:50:23 ----D---- C:\Users\David\AppData\Roaming\OpenOffice
2016-01-08 17:49:28 ----D---- C:\Program Files (x86)\OpenOffice 4
2016-01-08 17:46:49 ----D---- C:\Users\David\AppData\Roaming\ATI
2016-01-08 17:46:49 ----D---- C:\ProgramData\ATI
2016-01-08 17:45:22 ----DC---- C:\Windows\system32\DRVSTORE
2016-01-08 17:45:22 ----A---- C:\Windows\system32\drivers\SamsungRapidDiskFltr.sys
2016-01-08 17:45:19 ----D---- C:\Windows\system32\RAPID
2016-01-08 17:23:29 ----D---- C:\ProgramData\Samsung
2016-01-08 17:23:29 ----D---- C:\Program Files (x86)\Samsung
2016-01-08 16:14:10 ----D---- C:\Program Files\Unlocker
2016-01-08 16:14:02 ----D---- C:\Users\David\AppData\Roaming\Babylon
2016-01-08 15:52:58 ----D---- C:\Program Files\CCleaner
2016-01-08 15:08:38 ----D---- C:\Users\David\AppData\Roaming\Mozilla
2016-01-08 15:08:28 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-01-08 15:01:13 ----A---- C:\Windows\system32\drivers\ngvss.sys
2016-01-08 15:01:11 ----A---- C:\Windows\system32\aswBoot.exe
2016-01-08 14:59:02 ----D---- C:\Users\David\AppData\Roaming\AVAST Software
2016-01-08 14:58:42 ----D---- C:\Program Files\Common Files\AV
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswsp.sys
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-01-08 14:58:37 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2016-01-08 14:58:37 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-01-08 14:58:37 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-01-08 14:58:35 ----A---- C:\Windows\avastSS.scr
2016-01-08 14:56:36 ----D---- C:\Program Files\AVAST Software
2016-01-08 14:55:15 ----D---- C:\ProgramData\AVAST Software
2016-01-08 14:29:47 ----A---- C:\Windows\SYSWOW64\VmixP6.dll
2016-01-08 14:29:47 ----A---- C:\Windows\SYSWOW64\CMPaOxy.dll
2016-01-08 14:29:47 ----A---- C:\Windows\SYSWOW64\CMICNFG3.dll
2016-01-08 14:29:47 ----A---- C:\Windows\system32\Cmeaupci.exe
2016-01-08 14:29:38 ----A---- C:\Windows\system32\CmiInstallResAll64.dll
2016-01-08 14:29:38 ----A---- C:\Windows\difxapi.dll
2016-01-08 14:29:38 ----A---- C:\Windows\cmudax3.ini
2016-01-08 14:29:26 ----D---- C:\Program Files (x86)\AMD APP
2016-01-08 14:29:15 ----D---- C:\ProgramData\AMD
2016-01-08 14:29:15 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2016-01-08 14:29:14 ----D---- C:\Program Files (x86)\ATI Technologies
2016-01-08 14:28:03 ----D---- C:\Program Files\13-9-legacy_vista_win7_64_dd_ccc
2016-01-08 14:24:25 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-01-08 14:23:07 ----D---- C:\Windows\SYSWOW64\RTCOM
2016-01-08 14:23:07 ----D---- C:\Program Files\Realtek
2016-01-08 14:23:00 ----A---- C:\Windows\system32\SRSWOW64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\SRSTSX64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\SRSTSH64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\SRSHP64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtPgEx64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtkCfg64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtkAPO64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtkApi64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RTCOM64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RP3DHT64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RP3DAA64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RCoInst64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2016-01-08 14:22:59 ----D---- C:\Program Files (x86)\Realtek
2016-01-08 14:22:59 ----A---- C:\Windows\system32\FMAPO64.dll
2016-01-08 14:22:59 ----A---- C:\Windows\system32\AERTAR64.dll
2016-01-08 14:22:59 ----A---- C:\Windows\system32\AERTAC64.dll
2016-01-08 14:22:48 ----HD---- C:\Program Files (x86)\Temp
2016-01-08 14:22:48 ----A---- C:\Windows\RtlExUpd.dll
2016-01-08 14:22:27 ----D---- C:\Program Files\AMD
2016-01-08 14:22:15 ----D---- C:\ProgramData\Package Cache
2016-01-08 14:21:20 ----D---- C:\Program Files\AMD-Catalyst-15.7.1-SB-SATA-AHCI-Win10-Win8.1-Win7
2016-01-08 14:18:49 ----A---- C:\Windows\SYSWOW64\drivers\AsUpIO.sys
2016-01-08 14:18:49 ----A---- C:\Windows\SYSWOW64\drivers\AsIO.sys
2016-01-08 14:18:49 ----A---- C:\Windows\SYSWOW64\AsIO.dll
2016-01-08 14:18:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-01-08 14:18:48 ----D---- C:\Program Files (x86)\ASUS
2016-01-08 14:16:58 ----SHD---- C:\Windows\Installer
2016-01-08 14:16:58 ----D---- C:\Program Files\ATI
2016-01-08 14:16:58 ----A---- C:\Windows\system32\drivers\AtiPcie.sys
2016-01-08 14:16:41 ----D---- C:\Program Files\ATI Technologies
2016-01-08 14:16:08 ----A---- C:\Windows\Language_trs.ini
2016-01-08 14:13:14 ----A---- C:\Windows\system32\drivers\cmudax3.sys
2016-01-08 14:13:13 ----A---- C:\Windows\system32\cmudax3.dll
2016-01-08 14:13:06 ----A---- C:\Windows\system32\drivers\ASACPI.sys
2016-01-08 14:05:28 ----D---- C:\Users\David\AppData\Roaming\Identities
2016-01-08 14:05:25 ----SD---- C:\Users\David\AppData\Roaming\Microsoft
2016-01-08 14:05:25 ----D---- C:\Users\David\AppData\Roaming\Media Center Programs
2016-01-08 14:05:22 ----SHD---- C:\Recovery
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Šablony
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Plocha
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Oblíbené položky
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Nabídka Start
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Dokumenty
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Data aplikací
2016-01-08 14:05:04 ----D---- C:\Windows\SoftwareDistribution
2016-01-08 13:58:28 ----D---- C:\Windows\Prefetch
2016-01-08 13:58:21 ----ASH---- C:\pagefile.sys
2016-01-08 13:58:18 ----SHD---- C:\System Volume Information
2016-01-08 13:58:18 ----ASH---- C:\hiberfil.sys
2016-01-08 13:57:41 ----D---- C:\Windows\Panther

======List of files/folders modified in the last 1 month======

[vaclavka83]

======List of files/folders modified in the last 1 month======

2016-01-31 16:34:38 ----D---- C:\Windows\Temp
2016-01-31 16:34:35 ----RD---- C:\Program Files
2016-01-31 16:29:08 ----RD---- C:\Program Files (x86)
2016-01-31 16:11:35 ----D---- C:\Windows\System32
2016-01-31 16:11:35 ----D---- C:\Windows\inf
2016-01-31 16:11:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-30 16:24:06 ----D---- C:\Windows\system32\config
2016-01-28 21:06:39 ----HD---- C:\ProgramData
2016-01-28 18:46:15 ----D---- C:\Program Files (x86)\Common Files
2016-01-27 18:03:25 ----D---- C:\Windows\system32\Tasks
2016-01-27 18:00:59 ----D---- C:\Program Files\Common Files
2016-01-26 13:16:13 ----D---- C:\Windows\system32\drivers
2016-01-25 17:27:16 ----D---- C:\Windows\Tasks
2016-01-25 17:24:47 ----D---- C:\Windows\SysWOW64
2016-01-22 20:01:45 ----D---- C:\Windows
2016-01-20 15:41:12 ----RSD---- C:\Windows\assembly
2016-01-19 06:57:50 ----D---- C:\Windows\system32\DriverStore
2016-01-19 06:57:43 ----D---- C:\Windows\system32\pt-PT
2016-01-19 06:57:43 ----D---- C:\Windows\system32\pt-BR
2016-01-19 06:57:43 ----D---- C:\Windows\system32\nl-NL
2016-01-19 06:57:43 ----D---- C:\Windows\system32\it-IT
2016-01-19 06:57:43 ----D---- C:\Windows\system32\fr-FR
2016-01-19 06:57:43 ----D---- C:\Windows\system32\es-ES
2016-01-19 06:57:42 ----D---- C:\Windows\system32\en-US
2016-01-19 06:57:42 ----D---- C:\Windows\system32\drivers\UMDF
2016-01-19 06:57:42 ----D---- C:\Windows\system32\de-DE
2016-01-17 01:51:25 ----D---- C:\Windows\system32\wdi
2016-01-17 01:51:06 ----D---- C:\Windows\winsxs
2016-01-15 17:46:06 ----D---- C:\Windows\Logs
2016-01-15 03:59:34 ----D---- C:\Windows\system32\LogFiles
2016-01-14 08:44:12 ----D---- C:\Windows\debug
2016-01-13 19:31:39 ----D---- C:\Windows\rescache
2016-01-13 17:50:26 ----D---- C:\Windows\AppPatch
2016-01-13 17:36:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-01-13 17:36:29 ----D---- C:\Windows\system32\cs-CZ
2016-01-13 17:14:29 ----D---- C:\Windows\system32\catroot
2016-01-13 17:06:39 ----D---- C:\Windows\system32\catroot2
2016-01-12 19:34:29 ----SD---- C:\ProgramData\Microsoft
2016-01-12 19:34:27 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-01-10 20:42:16 ----D---- C:\Windows\Microsoft.NET
2016-01-10 15:27:29 ----D---- C:\Windows\AppCompat
2016-01-09 19:09:38 ----RSD---- C:\Windows\Fonts
2016-01-09 18:52:40 ----D---- C:\Windows\SYSWOW64\wbem
2016-01-09 18:52:40 ----D---- C:\Windows\system32\wbem
2016-01-09 18:52:40 ----D---- C:\Windows\system32\drivers\en-US
2016-01-09 18:52:39 ----D---- C:\Windows\tracing
2016-01-09 18:52:39 ----D---- C:\Windows\SYSWOW64\en-US
2016-01-09 18:52:39 ----D---- C:\Windows\SYSWOW64\Dism
2016-01-09 18:52:39 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-01-09 18:52:39 ----D---- C:\Windows\system32\Dism
2016-01-09 18:52:39 ----D---- C:\Windows\system32\AdvancedInstallers
2016-01-09 18:52:39 ----D---- C:\Windows\PolicyDefinitions
2016-01-09 18:52:38 ----D---- C:\Windows\SYSWOW64\migration
2016-01-09 18:52:38 ----D---- C:\Windows\system32\migration
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\zh-TW
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\zh-HK
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\zh-CN
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\tr-TR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\sv-SE
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\ru-RU
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\pt-PT
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\pt-BR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\pl-PL
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\nl-NL
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\nb-NO
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\ko-KR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\ja-JP
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\it-IT
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\hu-HU
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\fr-FR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\fi-FI
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\es-ES
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\el-GR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\de-DE
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\da-DK
2016-01-09 11:00:03 ----D---- C:\Windows\system32\zh-HK
2016-01-09 11:00:03 ----D---- C:\Windows\system32\pl-PL
2016-01-09 11:00:03 ----D---- C:\Windows\system32\ko-KR
2016-01-09 11:00:03 ----D---- C:\Windows\system32\hu-HU
2016-01-09 11:00:03 ----D---- C:\Windows\system32\el-GR
2016-01-09 11:00:02 ----D---- C:\Windows\system32\zh-TW
2016-01-09 11:00:02 ----D---- C:\Windows\system32\zh-CN
2016-01-09 11:00:02 ----D---- C:\Windows\system32\tr-TR
2016-01-09 11:00:02 ----D---- C:\Windows\system32\sv-SE
2016-01-09 11:00:02 ----D---- C:\Windows\system32\ru-RU
2016-01-09 11:00:02 ----D---- C:\Windows\system32\nb-NO
2016-01-09 11:00:02 ----D---- C:\Windows\system32\ja-JP
2016-01-09 11:00:02 ----D---- C:\Windows\system32\fi-FI
2016-01-09 11:00:02 ----D---- C:\Windows\system32\da-DK
2016-01-09 10:58:56 ----D---- C:\Windows\LiveKernelReports
2016-01-09 09:46:28 ----D---- C:\Windows\ehome
2016-01-09 09:46:28 ----D---- C:\Program Files\Windows Media Player
2016-01-09 09:46:28 ----D---- C:\Program Files\Common Files\System
2016-01-09 09:46:28 ----D---- C:\Program Files (x86)\Windows Media Player
2016-01-09 09:46:25 ----D---- C:\Program Files\Windows Defender
2016-01-09 09:46:25 ----D---- C:\Program Files (x86)\Windows Defender
2016-01-09 09:46:24 ----D---- C:\Windows\system32\CodeIntegrity
2016-01-09 09:46:24 ----D---- C:\Windows\system32\Boot
2016-01-09 09:46:19 ----D---- C:\Program Files\Windows Journal
2016-01-08 22:13:14 ----RD---- C:\Users
2016-01-08 15:55:14 ----D---- C:\Windows\SYSWOW64\LogFiles
2016-01-08 14:50:35 ----D---- C:\Windows\system32\NDF
2016-01-08 14:30:53 ----D---- C:\Windows\system
2016-01-08 14:18:49 ----D---- C:\Windows\SYSWOW64\drivers
2016-01-08 14:18:42 ----D---- C:\Windows\system32\restore
2016-01-08 14:05:28 ----SHD---- C:\$Recycle.Bin
2016-01-08 14:05:22 ----D---- C:\Windows\system32\Recovery
2016-01-08 14:05:22 ----D---- C:\Program Files\Windows NT
2016-01-08 13:59:23 ----D---- C:\Windows\system32\sysprep
2016-01-08 13:58:27 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-01-08 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-01-08 273784]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2016-01-08 147088]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver; C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys [2014-09-16 268976]
R0 SamsungRapidFSFltr;SamsungRapidFSFltr; C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys [2014-09-16 111280]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-01-08 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-20 1065208]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-20 464256]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-20 40344]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-01-08 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-01-08 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-01-08 155304]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2016-01-08 310904]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmudax3.sys [2009-05-20 1154560]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-29 1966624]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2014-12-10 797400]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
S1 vcdrom;Virtual CD-ROM Device Driver; \??\C:\Users\David\Desktop\VCdRom.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015-11-25 2016448]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-29 361984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-01-08 226440]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ihpmServer;ihpmServer; C:\Program Files (x86)\RayDld\ihpmServer.exe [2016-01-28 265960]
R2 SamsungRapidSvc;Samsung RAPID Mode Service; C:\Windows\system32\RAPID\SamsungRapidSvc.exe [2014-09-16 28848]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-01-08 5561368]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-01-12 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[vaclavka83]

# AdwCleaner v5.032 - Logfile created 31/01/2016 at 17:52:45
# Updated 31/01/2016 by Xplode
# Database : 2016-01-31.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : David - DAVID-PC
# Running from : C:\Users\David\Desktop\adwcleaner_5.032.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : ihpmServer

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Prompt Downloader
[-] Folder Deleted : C:\Program Files (x86)\RayDld
[-] Folder Deleted : C:\Program Files (x86)\SimpleFiles
[-] Folder Deleted : C:\ProgramData\Trymedia
[-] Folder Deleted : C:\Users\David\AppData\Local\Babylon
[-] Folder Deleted : C:\Users\David\AppData\Local\Prompt Downloader
[-] Folder Deleted : C:\Users\David\AppData\Roaming\Babylon
[-] Folder Deleted : C:\Users\David\AppData\Roaming\SimpleFiles

***** [ Files ] *****

[-] File Deleted : C:\Users\David\AppData\Local\Temp\task.vbs
[-] File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default\searchplugins\yoursearching.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[!] Key Not Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKCU\Software\Prompt Downloader
[-] Key Deleted : HKCU\Software\SimpleFiles
[-] Key Deleted : HKLM\SOFTWARE\ihpmserver
[-] Key Deleted : HKLM\SOFTWARE\RayDld
[-] Key Deleted : HKLM\SOFTWARE\SimpleFiles
[-] Key Deleted : HKLM\SOFTWARE\Trymedia Systems
[-] Key Deleted : HKLM\SOFTWARE\yoursearchingSoftware
[!] Key Not Deleted : HKU\S-1-5-21-3002283261-4246282841-1664632397-1000\Software\Mozilla\Extends
[!] Key Not Deleted : HKU\S-1-5-21-3002283261-4246282841-1664632397-1000\Software\Prompt Downloader
[!] Key Not Deleted : HKU\S-1-5-21-3002283261-4246282841-1664632397-1000\Software\SimpleFiles
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Codec Settings UAC Manager]

***** [ Web browsers ] *****

[-] [C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2822 bytes] ##########

[Rudy]

Dejte nový log RSIT.

[vaclavka83]

Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2016-01-31 17:59:05
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 70 GB (32%) free of 215 GB
Total RAM: 4094 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:59:06, on 31.1.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://unblockservice.com/wpad.dat?51a7 ... 7395171804
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Codec Pack Update Checker] "C:\Windows\system32\Codecs\UpdateChecker.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\Windows\system32\RAPID\SamsungRapidSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6294 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
taskeng.exe {5CCDCCE6-2CB8-495A-9DCB-6F2E85909105}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\System32\svchost.exe -k utcsvc
system32\RAPID\SamsungRapidSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
taskeng.exe {30BA6F5E-866B-4E9C-BD50-B3389A7C77BC}
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2432
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cc928e4f-a1d1-4508-aa83-084c324ede2d -SystemEventPortName:HostProcess-5c5c982a-8405-4f46-ae63-0556be624582 -IoCancelEventPortName:HostProcess-a31e04ab-dd44-43fd-af63-68d1333672c3 -NonStateChangingEventPortName:HostProcess-cc4ea438-5599-4929-9dc9-a93da26d5207 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9b7d50b8-f57a-4de8-a446-97833303e45c -DeviceGroupId:WpdFsGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe" /AUTOHIDE
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\David\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz"
prefs.js - "keyword.URL" - "https://www.google.com/search?trackid=sp-006"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.286 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.286 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default\searchplugins\
google-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-08 885152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-08 664184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Codec Pack Update Checker"=C:\Windows\system32\Codecs\UpdateChecker.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CmPCIaudio]
C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneDrive]
C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-01-14 551112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-29 7982112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SamsungRapidApp]
C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [2014-09-16 281776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-01-08 7021880]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]

C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MEGAsync.lnk - C:\ProgramData\MEGAsync\MEGAsync.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-31 17:51:39 ----D---- C:\AdwCleaner
2016-01-31 16:34:35 ----D---- C:\rsit
2016-01-31 16:34:35 ----D---- C:\Program Files\trend micro
2016-01-28 18:49:07 ----D---- C:\ProgramData\boost_interprocess
2016-01-28 17:47:37 ----D---- C:\Program Files (x86)\Adobe
2016-01-27 18:02:56 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2016-01-27 18:02:42 ----D---- C:\Program Files\Adobe
2016-01-27 18:00:59 ----D---- C:\Program Files\Common Files\Adobe
2016-01-27 18:00:02 ----D---- C:\ProgramData\Adobe
2016-01-26 15:19:43 ----D---- C:\Users\David\AppData\Roaming\WildTangent
2016-01-26 15:19:42 ----D---- C:\ProgramData\WildTangent
2016-01-26 15:19:42 ----D---- C:\Program Files (x86)\WildTangent Games
2016-01-26 11:19:47 ----D---- C:\Program Files (x86)\Seznam.cz
2016-01-22 20:02:01 ----D---- C:\ProgramData\Bohemia Interactive
2016-01-22 20:01:47 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-01-22 19:31:17 ----D---- C:\Users\David\AppData\Roaming\uplay
2016-01-21 10:57:24 ----D---- C:\ProgramData\Steam
2016-01-20 20:20:59 ----D---- C:\ProgramData\Origin
2016-01-20 19:48:09 ----D---- C:\Users\David\AppData\Roaming\MPC-HC
2016-01-20 19:38:16 ----D---- C:\Windows\SYSWOW64\Codecs
2016-01-20 19:27:56 ----D---- C:\Users\David\AppData\Roaming\Seznam.cz
2016-01-20 18:53:22 ----D---- C:\Live
2016-01-20 18:52:45 ----A---- C:\manifest.txt
2016-01-18 17:09:37 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\system32\d3dx10_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-01-15 07:02:26 ----D---- C:\Program Files (x86)\Elaborate Bytes
2016-01-14 09:49:50 ----A---- C:\Windows\ntbtlog.txt
2016-01-14 09:38:36 ----D---- C:\Windows\pss
2016-01-13 21:47:15 ----D---- C:\Users\David\AppData\Roaming\Wargaming.net
2016-01-13 17:50:08 ----A---- C:\Windows\system32\invagent.dll
2016-01-13 17:50:08 ----A---- C:\Windows\system32\generaltel.dll
2016-01-13 17:50:08 ----A---- C:\Windows\system32\appraiser.dll
2016-01-13 17:50:07 ----A---- C:\Windows\system32\devinv.dll
2016-01-13 17:50:07 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-01-13 17:50:07 ----A---- C:\Windows\system32\acmigration.dll
2016-01-13 17:07:54 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-01-13 17:07:54 ----A---- C:\Windows\system32\qedit.dll
2016-01-13 17:07:54 ----A---- C:\Windows\system32\mapi32.dll
2016-01-13 17:07:54 ----A---- C:\Windows\system32\aepic.dll
2016-01-13 17:07:54 ----A---- C:\Windows\system32\aeinv.dll
2016-01-13 17:07:53 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-01-13 17:07:53 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-01-13 17:07:53 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-01-13 17:07:53 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-13 17:07:53 ----A---- C:\Windows\system32\mapistub.dll
2016-01-13 17:07:53 ----A---- C:\Windows\system32\fixmapi.exe
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-01-13 17:07:52 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\mf.dll
2016-01-13 17:07:51 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\system32\wmpmde.dll
2016-01-13 17:07:51 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\system32\quartz.dll
2016-01-13 17:07:51 ----A---- C:\Windows\system32\mcmde.dll
2016-01-13 17:07:51 ----A---- C:\Windows\system32\evr.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\mfplat.dll
2016-01-13 17:07:50 ----A---- C:\Windows\system32\devenum.dll
2016-01-13 17:07:50 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-01-13 17:07:49 ----A---- C:\Windows\system32\SysFxUI.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\rrinstaller.exe
2016-01-13 17:07:49 ----A---- C:\Windows\system32\qdvd.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\qasf.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\mfps.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\mfpmp.exe
2016-01-13 17:07:49 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-01-13 17:07:48 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-01-13 17:07:48 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-01-13 17:07:48 ----A---- C:\Windows\system32\mferror.dll
2016-01-13 17:07:48 ----A---- C:\Windows\system32\ksuser.dll
2016-01-13 17:07:48 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-01-13 17:07:48 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-01-13 17:07:10 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-01-13 17:07:10 ----A---- C:\Windows\system32\win32k.sys
2016-01-13 17:07:10 ----A---- C:\Windows\system32\advapi32.dll
2016-01-13 17:07:09 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-01-13 17:07:09 ----A---- C:\Windows\system32\gdi32.dll
2016-01-13 17:07:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-01-13 17:07:05 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-01-13 17:07:05 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-01-13 17:07:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-01-13 17:07:05 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\schannel.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\rpcrt4.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\ncrypt.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\kernel32.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\kerberos.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\winsrv.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\wdigest.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\TSpkg.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\sspisrv.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\sspicli.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\secur32.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\ntvdm64.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\ntdll.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\msv1_0.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\lsass.exe
2016-01-13 17:07:04 ----A---- C:\Windows\system32\lsasrv.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-01-13 17:07:04 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-01-13 17:07:04 ----A---- C:\Windows\system32\cryptbase.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\credssp.dll
2016-01-13 17:07:03 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 17:07:03 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 17:07:03 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 17:07:03 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\wow64win.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\wow64cpu.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\wow64.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\srcore.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\srclient.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\smss.exe
2016-01-13 17:07:03 ----A---- C:\Windows\system32\rstrui.exe
2016-01-13 17:07:03 ----A---- C:\Windows\system32\KernelBase.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-01-13 17:07:03 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-01-13 17:07:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-01-13 17:07:03 ----A---- C:\Windows\system32\csrsrv.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\conhost.exe
2016-01-13 17:07:03 ----A---- C:\Windows\system32\auditpol.exe
2016-01-13 17:07:03 ----A---- C:\Windows\system32\apisetschema.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\user.exe
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-01-13 17:07:02 ----A---- C:\Windows\system32\msobjs.dll
2016-01-13 17:07:02 ----A---- C:\Windows\system32\msaudite.dll
2016-01-13 17:07:02 ----A---- C:\Windows\system32\adtschema.dll
2016-01-12 19:34:57 ----D---- C:\Windows\cs
2016-01-12 19:34:43 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-01-12 19:34:27 ----D---- C:\Windows\PCHEALTH
2016-01-12 19:34:08 ----D---- C:\Program Files (x86)\Windows Live
2016-01-12 19:32:00 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2016-01-12 19:31:40 ----D---- C:\ProgramData\Microsoft OneDrive
2016-01-12 19:24:34 ----D---- C:\Windows\SYSWOW64\Wat
2016-01-12 19:24:34 ----D---- C:\Windows\system32\Wat
2016-01-12 17:21:23 ----HD---- C:\ProgramData\CanonBJ
2016-01-10 17:34:16 ----D---- C:\Users\David\AppData\Roaming\Kingosoft
2016-01-10 17:33:22 ----D---- C:\Windows\system32\appmgmt
2016-01-10 16:16:55 ----D---- C:\ProgramData\MEGAsync
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\system32\KBDTAT.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\system32\KBDRU1.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\system32\KBDRU.DLL
2016-01-09 19:37:03 ----A---- C:\Windows\system32\KBDYAK.DLL
2016-01-09 19:37:03 ----A---- C:\Windows\system32\KBDBASH.DLL
2016-01-09 19:36:52 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2016-01-09 19:36:52 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-01-09 19:36:52 ----A---- C:\Windows\system32\fsutil.exe
2016-01-09 19:36:52 ----A---- C:\Windows\system32\esent.dll
2016-01-09 19:36:52 ----A---- C:\Windows\system32\drivers\nvraid.sys
2016-01-09 19:36:52 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2016-01-09 19:36:52 ----A---- C:\Windows\system32\drivers\amdxata.sys
2016-01-09 19:36:51 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-01-09 19:36:51 ----A---- C:\Windows\system32\drivers\nvstor.sys
2016-01-09 19:36:51 ----A---- C:\Windows\system32\drivers\amdsata.sys
2016-01-09 19:20:11 ----A---- C:\Windows\system32\wksprt.exe
2016-01-09 19:20:11 ----A---- C:\Windows\system32\mstscax.dll
2016-01-09 19:20:10 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-01-09 19:20:10 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-01-09 19:20:10 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-01-09 19:20:10 ----A---- C:\Windows\system32\tsgqec.dll
2016-01-09 19:20:10 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-01-09 19:19:47 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-01-09 19:19:47 ----A---- C:\Windows\system32\rdpcorets.dll
2016-01-09 19:19:46 ----A---- C:\Windows\system32\rdpudd.dll
2016-01-09 19:19:43 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-01-09 19:19:43 ----A---- C:\Windows\system32\d2d1.dll
2016-01-09 19:19:19 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-01-09 19:07:15 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-01-09 19:07:15 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-01-09 19:07:15 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-01-09 19:07:15 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-01-09 19:07:15 ----A---- C:\Windows\system32\nlsbres.dll
2016-01-09 19:07:15 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-01-09 19:07:15 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-01-09 19:07:15 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-01-09 18:52:39 ----SD---- C:\Windows\system32\CompatTel
2016-01-09 18:52:39 ----D---- C:\Windows\system32\appraiser
2016-01-09 16:33:30 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-01-09 16:33:29 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-01-09 16:33:29 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-01-09 16:33:28 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2016-01-09 16:33:28 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2016-01-09 16:33:28 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2016-01-09 16:33:28 ----A---- C:\Windows\system32\wksprtPS.dll
2016-01-09 16:33:28 ----A---- C:\Windows\system32\mstsc.exe
2016-01-09 16:33:28 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2016-01-09 16:33:28 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2016-01-09 16:31:09 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-01-09 16:30:17 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-01-09 16:27:43 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2016-01-09 16:27:43 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2016-01-09 16:27:42 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2016-01-09 16:27:42 ----A---- C:\Windows\system32\rdpendp_winip.dll
2016-01-09 16:26:09 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-01-09 16:26:09 ----A---- C:\Windows\system32\FntCache.dll
2016-01-09 16:26:09 ----A---- C:\Windows\system32\DWrite.dll
2016-01-09 16:26:07 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2016-01-09 16:26:06 ----A---- C:\Windows\system32\d3d10warp.dll
2016-01-09 16:25:59 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-01-09 16:25:59 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-01-09 16:25:53 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2016-01-09 16:25:53 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFx.dll
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFSvc.dll
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFPlatform.dll
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFHost.exe
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2016-01-09 16:25:48 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2016-01-09 16:25:48 ----A---- C:\Windows\system32\WMPhoto.dll
2016-01-09 11:00:03 ----SD---- C:\Windows\SYSWOW64\GWX
2016-01-09 11:00:03 ----SD---- C:\Windows\system32\GWX
2016-01-09 11:00:03 ----D---- C:\Windows\Migration
2016-01-09 10:49:01 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-01-09 10:49:01 ----A---- C:\Windows\system32\UIAnimation.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-01-09 10:48:57 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2016-01-09 10:48:57 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2016-01-09 10:48:57 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-01-09 10:48:57 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2016-01-09 10:48:57 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2016-01-09 10:48:57 ----A---- C:\Windows\system32\dxgi.dll
2016-01-09 10:48:57 ----A---- C:\Windows\system32\d3d10_1.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\XpsPrint.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\d3d10level9.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\d3d10core.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\d3d10_1core.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\d3d10.dll
2016-01-09 10:48:55 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2016-01-09 10:47:06 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2016-01-09 10:47:06 ----A---- C:\Windows\system32\msieftp.dll
2016-01-09 10:47:01 ----A---- C:\Windows\system32\TSWorkspace.dll
2016-01-09 10:47:00 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2016-01-09 10:46:50 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2016-01-09 10:46:50 ----A---- C:\Windows\SYSWOW64\sechost.dll
2016-01-09 10:46:50 ----A---- C:\Windows\system32\tracerpt.exe
2016-01-09 10:46:50 ----A---- C:\Windows\system32\sechost.dll
2016-01-09 10:46:50 ----A---- C:\Windows\system32\logman.exe
2016-01-09 10:46:49 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2016-01-09 10:46:49 ----A---- C:\Windows\SYSWOW64\relog.exe
2016-01-09 10:46:49 ----A---- C:\Windows\SYSWOW64\logman.exe
2016-01-09 10:46:49 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2016-01-09 10:46:49 ----A---- C:\Windows\system32\typeperf.exe
2016-01-09 10:46:49 ----A---- C:\Windows\system32\relog.exe
2016-01-09 10:46:49 ----A---- C:\Windows\system32\diskperf.exe
2016-01-09 10:46:34 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2016-01-09 10:46:34 ----A---- C:\Windows\SYSWOW64\gameux.dll
2016-01-09 10:46:34 ----A---- C:\Windows\system32\Wpc.dll
2016-01-09 10:46:34 ----A---- C:\Windows\system32\gameux.dll
2016-01-09 10:46:19 ----A---- C:\Windows\system32\icaapi.dll
2016-01-09 10:46:18 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2016-01-09 10:46:07 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2016-01-09 10:46:07 ----A---- C:\Windows\system32\ntshrui.dll
2016-01-09 10:46:00 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2016-01-09 10:46:00 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2016-01-09 10:46:00 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2016-01-09 10:46:00 ----A---- C:\Windows\system32\dhcpcore6.dll
2016-01-09 10:45:57 ----A---- C:\Windows\system32\tquery.dll
2016-01-09 10:45:57 ----A---- C:\Windows\system32\mssrch.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\tquery.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\mssph.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2016-01-09 10:45:56 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2016-01-09 10:45:56 ----A---- C:\Windows\system32\SearchIndexer.exe
2016-01-09 10:45:56 ----A---- C:\Windows\system32\SearchFilterHost.exe
2016-01-09 10:45:56 ----A---- C:\Windows\system32\mssvp.dll
2016-01-09 10:45:56 ----A---- C:\Windows\system32\mssphtb.dll
2016-01-09 10:45:56 ----A---- C:\Windows\system32\mssph.dll
2016-01-09 10:45:56 ----A---- C:\Windows\system32\msscntrs.dll
2016-01-09 10:45:55 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2016-01-09 10:45:55 ----A---- C:\Windows\system32\xmllite.dll
2016-01-09 10:45:54 ----A---- C:\Windows\system32\wwansvc.dll
2016-01-09 10:45:54 ----A---- C:\Windows\system32\wwanprotdim.dll
2016-01-09 10:45:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-01-09 10:45:51 ----A---- C:\Windows\system32\tzres.dll
2016-01-09 10:45:43 ----A---- C:\Windows\SYSWOW64\netevent.dll
2016-01-09 10:45:43 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2016-01-09 10:45:43 ----A---- C:\Windows\system32\netevent.dll
2016-01-09 10:45:43 ----A---- C:\Windows\system32\netcorehc.dll
2016-01-09 10:45:43 ----A---- C:\Windows\system32\iphlpsvc.dll
2016-01-09 10:45:43 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2016-01-09 10:45:36 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2016-01-09 10:45:35 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2016-01-09 10:45:35 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2016-01-09 10:45:35 ----A---- C:\Windows\system32\shimeng.dll
2016-01-09 10:45:35 ----A---- C:\Windows\system32\sdbinst.exe
2016-01-09 10:45:35 ----A---- C:\Windows\system32\apphelp.dll
2016-01-09 10:45:35 ----A---- C:\Windows\system32\aelupsvc.dll
2016-01-09 10:45:34 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2016-01-09 10:45:34 ----A---- C:\Windows\system32\prevhost.exe
2016-01-09 10:45:29 ----A---- C:\Windows\system32\UtcResources.dll
2016-01-09 10:45:29 ----A---- C:\Windows\system32\diagtrack.dll
2016-01-09 10:45:27 ----A---- C:\Windows\system32\tdh.dll
2016-01-09 10:45:26 ----A---- C:\Windows\SYSWOW64\tdh.dll
2016-01-09 10:45:10 ----A---- C:\Windows\system32\aitstatic.exe
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\secproc_isv.dll
2016-01-09 10:44:59 ----A---- C:\Windows\system32\secproc.dll
2016-01-09 10:44:59 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\RMActivate_isv.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\RMActivate.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\msdrm.dll
2016-01-09 10:44:58 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2016-01-09 10:44:58 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2016-01-09 10:44:58 ----A---- C:\Windows\SYSWOW64\secproc.dll
2016-01-09 10:44:58 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2016-01-09 10:44:58 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2016-01-09 10:44:58 ----A---- C:\Windows\system32\secproc_ssp.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\ucrtbase.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-01-09 10:44:38 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2016-01-09 10:44:38 ----A---- C:\Windows\system32\d3d11.dll
2016-01-09 10:44:37 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-01-09 10:44:37 ----A---- C:\Windows\system32\mswsock.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WsmSvc.dll
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WsmAuto.dll
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-01-09 10:44:35 ----A---- C:\Windows\system32\authui.dll
2016-01-09 10:44:34 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-01-09 10:44:34 ----A---- C:\Windows\system32\consent.exe
2016-01-09 10:44:34 ----A---- C:\Windows\system32\appinfo.dll
2016-01-09 10:44:32 ----A---- C:\Windows\system32\scavengeui.dll
2016-01-09 10:44:27 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2016-01-09 10:44:27 ----A---- C:\Windows\system32\cryptdlg.dll
2016-01-09 10:44:24 ----A---- C:\Windows\SYSWOW64\wdi.dll
2016-01-09 10:44:24 ----A---- C:\Windows\system32\wdi.dll
2016-01-09 10:44:24 ----A---- C:\Windows\system32\powertracker.dll
2016-01-09 10:44:24 ----A---- C:\Windows\system32\perftrack.dll
2016-01-09 10:44:23 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2016-01-09 10:44:23 ----A---- C:\Windows\system32\wpdshext.dll
2016-01-09 10:44:22 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-01-09 10:44:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-01-09 10:44:22 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-01-09 10:44:22 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-01-09 10:44:22 ----A---- C:\Windows\system32\wintrust.dll
2016-01-09 10:44:22 ----A---- C:\Windows\system32\cryptsvc.dll
2016-01-09 10:44:22 ----A---- C:\Windows\system32\cryptnet.dll
2016-01-09 10:44:22 ----A---- C:\Windows\system32\crypt32.dll
2016-01-09 10:44:18 ----A---- C:\Windows\SYSWOW64\charmap.exe
2016-01-09 10:44:18 ----A---- C:\Windows\system32\charmap.exe
2016-01-09 10:44:18 ----A---- C:\Windows\system32\drivers\ataport.sys
2016-01-09 10:44:17 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2016-01-09 10:44:17 ----A---- C:\Windows\system32\iologmsg.dll
2016-01-09 10:44:17 ----A---- C:\Windows\system32\drivers\storport.sys
2016-01-09 10:44:17 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2016-01-09 10:44:17 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2016-01-09 10:44:14 ----A---- C:\Windows\system32\OxpsConverter.exe
2016-01-09 10:44:13 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2016-01-09 10:44:13 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2016-01-09 10:44:13 ----A---- C:\Windows\system32\dwmcore.dll
2016-01-09 10:44:13 ----A---- C:\Windows\system32\dwmapi.dll
2016-01-09 10:44:12 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2016-01-09 10:44:12 ----A---- C:\Windows\SYSWOW64\credui.dll
2016-01-09 10:44:12 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2016-01-09 10:44:12 ----A---- C:\Windows\system32\credui.dll
2016-01-09 10:44:09 ----A---- C:\Windows\system32\drivers\fvevol.sys
2016-01-09 10:44:08 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-01-09 10:44:08 ----A---- C:\Windows\system32\oleaut32.dll
2016-01-09 10:44:07 ----A---- C:\Windows\system32\drivers\stream.sys
2016-01-09 10:44:07 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2016-01-09 10:39:42 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-01-09 10:39:39 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2016-01-09 10:39:39 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-01-09 10:39:39 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-01-09 10:39:39 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-01-09 10:39:39 ----A---- C:\Windows\system32\msxml6r.dll
2016-01-09 10:39:39 ----A---- C:\Windows\system32\msxml6.dll
2016-01-09 10:39:39 ----A---- C:\Windows\system32\msxml3r.dll
2016-01-09 10:39:39 ----A---- C:\Windows\system32\msxml3.dll
2016-01-09 08:45:35 ----D---- C:\Windows\system32\MRT
2016-01-09 08:45:29 ----A---- C:\Windows\system32\MRT.exe
2016-01-09 08:32:48 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2016-01-09 08:32:47 ----A---- C:\Windows\SYSWOW64\wmi.dll
2016-01-09 08:32:47 ----A---- C:\Windows\system32\wmi.dll
2016-01-09 08:22:35 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2016-01-09 08:22:35 ----A---- C:\Windows\SYSWOW64\icardres.dll
2016-01-09 08:22:35 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2016-01-09 08:22:35 ----A---- C:\Windows\system32\infocardapi.dll
2016-01-09 08:22:35 ----A---- C:\Windows\system32\icardres.dll
2016-01-09 08:22:35 ----A---- C:\Windows\system32\icardagt.exe
2016-01-09 08:22:27 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2016-01-09 08:22:27 ----A---- C:\Windows\system32\TsWpfWrp.exe
2016-01-09 04:28:17 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2016-01-09 04:28:17 ----A---- C:\Windows\system32\cewmdm.dll
2016-01-09 04:28:14 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-01-09 04:28:14 ----A---- C:\Windows\system32\certcli.dll
2016-01-09 04:28:03 ----A---- C:\Windows\system32\services.exe
2016-01-09 04:27:47 ----A---- C:\Windows\system32\schedsvc.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\system32\odbctrac.dll
2016-01-09 04:27:46 ----A---- C:\Windows\system32\odbccu32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\system32\odbccr32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\system32\odbccp32.dll
2016-01-09 04:27:45 ----A---- C:\Windows\system32\wmp.dll
2016-01-09 04:27:43 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-01-09 04:27:43 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-01-09 04:27:43 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-01-09 04:27:43 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-01-09 04:27:43 ----A---- C:\Windows\system32\spwmp.dll
2016-01-09 04:27:43 ----A---- C:\Windows\system32\dxmasf.dll
2016-01-09 04:27:42 ----A---- C:\Windows\system32\wmploc.DLL
2016-01-09 04:27:39 ----A---- C:\Windows\SYSWOW64\sbe.dll
2016-01-09 04:27:39 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-01-09 04:27:39 ----A---- C:\Windows\system32\sbe.dll
2016-01-09 04:27:39 ----A---- C:\Windows\system32\CPFilters.dll
2016-01-09 04:27:34 ----A---- C:\Windows\system32\sysmain.dll
2016-01-09 04:27:33 ----A---- C:\Windows\system32\msmmsp.dll
2016-01-09 04:27:33 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-01-09 04:27:09 ----A---- C:\Windows\system32\shell32.dll
2016-01-09 04:27:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-01-09 04:27:07 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-01-09 04:27:07 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-01-09 04:26:53 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-01-09 04:26:53 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-01-09 04:26:53 ----A---- C:\Windows\system32\webio.dll
2016-01-09 04:26:53 ----A---- C:\Windows\system32\usp10.dll
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuwebv.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wups2.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wups.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wudriver.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wucltux.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuaueng.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuauclt.exe
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuapp.exe
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuapi.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-01-09 04:26:45 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-01-09 04:26:45 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-01-09 04:26:45 ----A---- C:\Windows\system32\drmv2clt.dll
2016-01-09 04:26:45 ----A---- C:\Windows\system32\blackbox.dll
2016-01-09 04:26:42 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-01-09 04:26:42 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-01-09 04:26:42 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-01-09 04:26:41 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-01-09 04:26:41 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-01-09 04:26:40 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-01-09 04:26:40 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-01-09 04:26:40 ----A---- C:\Windows\system32\audiosrv.dll
2016-01-09 04:26:39 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-01-09 04:26:39 ----A---- C:\Windows\system32\pcasvc.dll
2016-01-09 04:26:39 ----A---- C:\Windows\system32\cryptui.dll
2016-01-09 04:26:39 ----A---- C:\Windows\system32\AudioEng.dll
2016-01-09 04:26:38 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-01-09 04:26:38 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-01-09 04:26:38 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\msscp.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\msnetobj.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\EncDump.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\cryptsp.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\AudioSes.dll
2016-01-09 04:26:37 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-01-09 04:26:37 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-01-09 04:26:37 ----A---- C:\Windows\system32\pcawrk.exe
2016-01-09 04:26:37 ----A---- C:\Windows\system32\pcalua.exe
2016-01-09 04:26:37 ----A---- C:\Windows\system32\pcaevts.dll
2016-01-09 04:26:37 ----A---- C:\Windows\system32\pcadm.dll
2016-01-09 04:26:37 ----A---- C:\Windows\system32\audiodg.exe
2016-01-09 04:25:48 ----A---- C:\Windows\system32\profsvc.dll
2016-01-09 04:25:47 ----A---- C:\Windows\SYSWOW64\mscories.dll
2016-01-09 04:25:47 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2016-01-09 04:25:47 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2016-01-09 04:25:47 ----A---- C:\Windows\system32\mscories.dll
2016-01-09 04:25:47 ----A---- C:\Windows\system32\mscorier.dll
2016-01-09 04:25:47 ----A---- C:\Windows\system32\dfshim.dll
2016-01-09 04:25:28 ----A---- C:\Windows\SYSWOW64\wer.dll
2016-01-09 04:25:28 ----A---- C:\Windows\system32\wer.dll
2016-01-09 04:25:27 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2016-01-09 04:25:27 ----A---- C:\Windows\system32\imagehlp.dll
2016-01-09 04:25:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-01-09 04:25:25 ----A---- C:\Windows\system32\drivers\netio.sys
2016-01-09 04:25:25 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-01-09 04:25:07 ----A---- C:\Windows\system32\termsrv.dll
2016-01-09 04:24:55 ----A---- C:\Windows\system32\basesrv.dll
2016-01-09 04:24:36 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2016-01-09 04:24:36 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2016-01-09 04:24:36 ----A---- C:\Windows\system32\nlasvc.dll
2016-01-09 04:24:36 ----A---- C:\Windows\system32\nlaapi.dll
2016-01-09 04:24:36 ----A---- C:\Windows\system32\ncsi.dll
2016-01-09 04:24:29 ----A---- C:\Windows\SYSWOW64\osk.exe
2016-01-09 04:24:29 ----A---- C:\Windows\system32\osk.exe
2016-01-09 04:24:27 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-01-09 04:24:26 ----A---- C:\Windows\system32\Wdfres.dll
2016-01-09 04:24:26 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2016-01-09 04:24:26 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2016-01-09 04:24:20 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-01-09 04:24:20 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-01-09 04:24:20 ----A---- C:\Windows\system32\WebClnt.dll
2016-01-09 04:24:20 ----A---- C:\Windows\system32\davclnt.dll
2016-01-09 04:24:18 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2016-01-09 04:24:18 ----A---- C:\Windows\system32\ubpm.dll
2016-01-09 04:24:17 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2016-01-09 04:24:17 ----A---- C:\Windows\system32\comctl32.dll
2016-01-09 04:24:16 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-01-09 04:24:16 ----A---- C:\Windows\system32\user32.dll
2016-01-09 04:24:12 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2016-01-09 04:24:12 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2016-01-09 04:24:12 ----A---- C:\Windows\system32\mfc42u.dll
2016-01-09 04:24:12 ----A---- C:\Windows\system32\mfc42.dll
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-01-09 04:24:05 ----A---- C:\Windows\system32\drivers\usb8023.sys
2016-01-09 04:24:04 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2016-01-09 04:24:04 ----A---- C:\Windows\system32\wshrm.dll
2016-01-09 04:24:04 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-01-09 04:24:01 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-01-09 04:24:01 ----A---- C:\Windows\system32\ole32.dll
2016-01-09 04:23:57 ----A---- C:\Windows\system32\winresume.exe
2016-01-09 04:23:57 ----A---- C:\Windows\system32\winload.exe
2016-01-09 04:23:57 ----A---- C:\Windows\system32\ci.dll
2016-01-09 04:23:56 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-01-09 04:23:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-01-09 04:23:56 ----A---- C:\Windows\system32\drivers\appid.sys
2016-01-09 04:23:56 ----A---- C:\Windows\system32\appidsvc.dll
2016-01-09 04:23:56 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-01-09 04:23:56 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-01-09 04:23:56 ----A---- C:\Windows\system32\appidapi.dll
2016-01-09 04:23:40 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-01-09 04:23:40 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-01-09 04:23:40 ----A---- C:\Windows\system32\comsvcs.dll
2016-01-09 04:23:40 ----A---- C:\Windows\system32\catsrvut.dll
2016-01-09 04:23:35 ----A---- C:\Windows\system32\drivers\cng.sys
2016-01-09 04:23:34 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-01-09 04:23:34 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-01-09 04:23:13 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2016-01-09 04:23:13 ----A---- C:\Windows\system32\drivers\usbcir.sys
2016-01-09 04:23:12 ----A---- C:\Windows\system32\drivers\usbscan.sys
2016-01-09 04:23:12 ----A---- C:\Windows\system32\drivers\hidparse.sys
2016-01-09 04:23:12 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-01-09 04:23:11 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2016-01-09 04:23:11 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2016-01-09 04:23:11 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-01-09 04:23:11 ----A---- C:\Windows\system32\drivers\afd.sys
2016-01-09 04:23:11 ----A---- C:\Windows\system32\dnsrslvr.dll
2016-01-09 04:23:11 ----A---- C:\Windows\system32\dnscacheugc.exe
2016-01-09 04:23:11 ----A---- C:\Windows\system32\dnsapi.dll
2016-01-09 04:22:56 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2016-01-09 04:22:56 ----A---- C:\Windows\system32\dpnet.dll
2016-01-09 04:22:55 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-01-09 04:22:55 ----A---- C:\Windows\system32\msi.dll
2016-01-09 04:22:54 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-01-09 04:22:54 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-01-09 04:22:54 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-01-09 04:22:54 ----A---- C:\Windows\system32\msimsg.dll
2016-01-09 04:22:54 ----A---- C:\Windows\system32\msihnd.dll
2016-01-09 04:22:54 ----A---- C:\Windows\system32\msiexec.exe
2016-01-09 04:22:48 ----A---- C:\Windows\system32\objsel.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\objsel.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\wincredprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\dpapiprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\dimsroam.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\cngprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\capiprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\adprovider.dll
2016-01-09 04:22:01 ----A---- C:\Windows\SYSWOW64\notepad.exe
2016-01-09 04:22:01 ----A---- C:\Windows\system32\notepad.exe
2016-01-09 04:22:01 ----A---- C:\Windows\notepad.exe
2016-01-09 04:22:00 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-01-09 04:22:00 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-01-09 04:22:00 ----A---- C:\Windows\system32\drivers\srv.sys
2016-01-09 04:21:58 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-01-09 04:21:58 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-01-09 04:21:57 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-01-09 04:21:57 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-01-09 04:21:57 ----A---- C:\Windows\system32\cdd.dll
2016-01-09 04:21:54 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2016-01-09 04:21:54 ----A---- C:\Windows\system32\psisdecd.dll
2016-01-09 04:21:29 ----A---- C:\Windows\system32\drivers\partmgr.sys
2016-01-09 04:21:28 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-01-09 04:21:28 ----A---- C:\Windows\system32\poqexec.exe
2016-01-09 04:21:24 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2016-01-09 04:21:24 ----A---- C:\Windows\system32\pku2u.dll
2016-01-09 04:21:17 ----A---- C:\Windows\system32\drivers\http.sys
2016-01-09 04:21:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-01-09 04:21:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-01-09 04:21:16 ----A---- C:\Windows\system32\vbscript.dll
2016-01-09 04:21:16 ----A---- C:\Windows\system32\jscript.dll
2016-01-09 04:21:12 ----A---- C:\Windows\SYSWOW64\synceng.dll
2016-01-09 04:21:12 ----A---- C:\Windows\system32\synceng.dll
2016-01-09 04:21:11 ----A---- C:\Windows\system32\kdusb.dll
2016-01-09 04:21:11 ----A---- C:\Windows\system32\kdcom.dll
2016-01-09 04:21:11 ----A---- C:\Windows\system32\kd1394.dll
2016-01-09 04:21:09 ----A---- C:\Windows\system32\shdocvw.dll
2016-01-09 04:21:08 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2016-01-09 04:21:04 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-01-09 04:21:04 ----A---- C:\Windows\system32\msctf.dll
2016-01-09 04:21:03 ----A---- C:\Windows\SYSWOW64\rastls.dll
2016-01-09 04:21:03 ----A---- C:\Windows\system32\rastls.dll
2016-01-09 04:21:02 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-01-09 04:21:02 ----A---- C:\Windows\system32\win32spl.dll
2016-01-09 04:21:01 ----A---- C:\Windows\system32\taskhost.exe
2016-01-09 04:20:50 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2016-01-09 04:20:50 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2016-01-09 04:20:50 ----A---- C:\Windows\SYSWOW64\devobj.dll
2016-01-09 04:20:50 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2016-01-09 04:20:50 ----A---- C:\Windows\system32\umpnpmgr.dll
2016-01-09 04:20:49 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-01-09 04:20:39 ----A---- C:\Windows\SYSWOW64\packager.dll
2016-01-09 04:20:39 ----A---- C:\Windows\system32\packager.dll
2016-01-09 04:20:35 ----A---- C:\Windows\system32\winlogon.exe
2016-01-09 04:20:34 ----A---- C:\Windows\system32\winsta.dll
2016-01-09 04:20:34 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2016-01-09 04:20:33 ----A---- C:\Windows\SYSWOW64\winsta.dll
2016-01-09 04:20:33 ----A---- C:\Windows\system32\rdrmemptylst.exe
2016-01-09 04:20:33 ----A---- C:\Windows\system32\rdpwsx.dll
2016-01-09 04:20:33 ----A---- C:\Windows\system32\rdpcorekmts.dll
2016-01-09 04:20:20 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2016-01-09 04:20:20 ----A---- C:\Windows\SYSWOW64\browcli.dll
2016-01-09 04:20:20 ----A---- C:\Windows\system32\netapi32.dll
2016-01-09 04:20:20 ----A---- C:\Windows\system32\browser.dll
2016-01-09 04:20:20 ----A---- C:\Windows\system32\browcli.dll
2016-01-09 04:20:00 ----A---- C:\Windows\system32\FXSCOVER.exe
2016-01-09 04:19:59 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-01-09 04:19:59 ----A---- C:\Windows\system32\inetcomm.dll
2016-01-09 04:19:58 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2016-01-09 04:19:58 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2016-01-09 04:19:58 ----A---- C:\Windows\SYSWOW64\els.dll
2016-01-09 04:19:58 ----A---- C:\Windows\system32\scesrv.dll
2016-01-09 04:19:58 ----A---- C:\Windows\system32\msvcrt.dll
2016-01-09 04:19:58 ----A---- C:\Windows\system32\els.dll
2016-01-09 04:19:56 ----A---- C:\Windows\system32\certutil.exe
2016-01-09 04:19:55 ----A---- C:\Windows\SYSWOW64\certutil.exe
2016-01-09 04:19:55 ----A---- C:\Windows\SYSWOW64\certenc.dll
2016-01-09 04:19:55 ----A---- C:\Windows\system32\certenc.dll
2016-01-09 04:19:49 ----A---- C:\Windows\SYSWOW64\wscript.exe
2016-01-09 04:19:49 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2016-01-09 04:19:49 ----A---- C:\Windows\SYSWOW64\cscript.exe
2016-01-09 04:19:49 ----A---- C:\Windows\system32\wscript.exe
2016-01-09 04:19:49 ----A---- C:\Windows\system32\scrrun.dll
2016-01-09 04:19:49 ----A---- C:\Windows\system32\cscript.exe
2016-01-09 04:19:35 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-01-09 04:19:35 ----A---- C:\Windows\system32\jnwmon.dll
2016-01-09 04:19:35 ----A---- C:\Windows\system32\InkEd.dll
2016-01-09 04:19:31 ----A---- C:\Windows\system32\localspl.dll
2016-01-09 04:19:27 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-01-09 04:19:26 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2016-01-09 04:19:26 ----A---- C:\Windows\system32\oleacc.dll
2016-01-09 04:19:25 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-01-09 04:19:25 ----A---- C:\Windows\system32\EncDec.dll
2016-01-09 04:19:23 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2016-01-09 04:19:23 ----A---- C:\Windows\system32\clfsw32.dll
2016-01-09 04:19:23 ----A---- C:\Windows\system32\clfs.sys
2016-01-09 04:19:18 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2016-01-09 04:19:18 ----A---- C:\Windows\system32\cdosys.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\lpk.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\fontsub.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\dciman32.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\atmlib.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\atmfd.dll
2016-01-09 04:18:49 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2016-01-09 04:18:49 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2016-01-09 04:18:49 ----A---- C:\Windows\system32\nshwfp.dll
2016-01-09 04:18:49 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-01-09 04:18:49 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2016-01-09 03:57:05 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-01-09 03:57:05 ----A---- C:\Windows\system32\rdpcore.dll
2016-01-09 03:57:05 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2016-01-09 01:55:12 ----D---- C:\Windows\SYSWOW64\vbox
2016-01-09 01:55:12 ----D---- C:\Windows\system32\vbox
2016-01-09 01:33:20 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-01-09 01:33:20 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-01-09 01:33:20 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-01-09 01:33:20 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-01-09 01:33:19 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2016-01-09 01:33:19 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2016-01-09 01:33:19 ----A---- C:\Windows\system32\xactengine3_7.dll
2016-01-09 01:33:19 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-01-09 01:33:18 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2016-01-09 01:33:18 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2016-01-09 01:33:18 ----A---- C:\Windows\system32\d3dx11_43.dll
2016-01-09 01:33:18 ----A---- C:\Windows\system32\d3dcsx_43.dll
2016-01-09 01:33:17 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-01-09 01:33:17 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2016-01-09 01:33:17 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-01-09 01:33:17 ----A---- C:\Windows\system32\d3dx10_43.dll
2016-01-09 01:33:16 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2016-01-09 01:33:16 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2016-01-09 01:33:16 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2016-01-09 01:33:16 ----A---- C:\Windows\system32\XAudio2_6.dll
2016-01-09 01:33:16 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2016-01-09 01:33:16 ----A---- C:\Windows\system32\xactengine3_6.dll
2016-01-09 01:33:15 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2016-01-09 01:33:15 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-01-09 01:33:15 ----A---- C:\Windows\system32\XAudio2_5.dll
2016-01-09 01:33:15 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-01-09 01:33:14 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2016-01-09 01:33:14 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2016-01-09 01:33:14 ----A---- C:\Windows\system32\xactengine3_5.dll
2016-01-09 01:33:14 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2016-01-09 01:33:13 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2016-01-09 01:33:13 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2016-01-09 01:33:13 ----A---- C:\Windows\system32\d3dx11_42.dll
2016-01-09 01:33:13 ----A---- C:\Windows\system32\d3dcsx_42.dll
2016-01-09 01:33:12 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-01-09 01:33:12 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2016-01-09 01:33:12 ----A---- C:\Windows\system32\D3DX9_42.dll
2016-01-09 01:33:12 ----A---- C:\Windows\system32\d3dx10_42.dll
2016-01-09 01:33:11 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2016-01-09 01:33:11 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2016-01-09 01:33:11 ----A---- C:\Windows\system32\d3dx10_41.dll
2016-01-09 01:33:11 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2016-01-09 01:33:10 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2016-01-09 01:33:10 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2016-01-09 01:33:10 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2016-01-09 01:33:10 ----A---- C:\Windows\system32\XAudio2_4.dll
2016-01-09 01:33:10 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2016-01-09 01:33:10 ----A---- C:\Windows\system32\D3DX9_41.dll
2016-01-09 01:33:09 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2016-01-09 01:33:09 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2016-01-09 01:33:09 ----A---- C:\Windows\system32\xactengine3_4.dll
2016-01-09 01:33:09 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2016-01-09 01:33:07 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2016-01-09 01:33:07 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2016-01-09 01:33:07 ----A---- C:\Windows\system32\XAudio2_3.dll
2016-01-09 01:33:07 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2016-01-09 01:33:06 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2016-01-09 01:33:06 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2016-01-09 01:33:06 ----A---- C:\Windows\system32\xactengine3_3.dll
2016-01-09 01:33:06 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2016-01-09 01:33:05 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2016-01-09 01:33:05 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2016-01-09 01:33:05 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2016-01-09 01:33:05 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-01-09 01:33:05 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-01-09 01:33:05 ----A---- C:\Windows\system32\xactengine3_2.dll
2016-01-09 01:33:04 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-01-09 01:33:03 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2016-01-09 01:33:03 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2016-01-09 01:33:03 ----A---- C:\Windows\system32\XAudio2_1.dll
2016-01-09 01:33:03 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2016-01-09 01:33:02 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2016-01-09 01:33:02 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2016-01-09 01:33:02 ----A---- C:\Windows\system32\xactengine3_1.dll
2016-01-09 01:33:02 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2016-01-09 01:33:01 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2016-01-09 01:33:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2016-01-09 01:33:01 ----A---- C:\Windows\system32\d3dx10_38.dll
2016-01-09 01:33:01 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2016-01-09 01:33:00 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2016-01-09 01:33:00 ----A---- C:\Windows\system32\D3DX9_38.dll
2016-01-09 01:32:59 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2016-01-09 01:32:59 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2016-01-09 01:32:59 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2016-01-09 01:32:59 ----A---- C:\Windows\system32\XAudio2_0.dll
2016-01-09 01:32:59 ----A---- C:\Windows\system32\xactengine3_0.dll
2016-01-09 01:32:59 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2016-01-09 01:32:58 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2016-01-09 01:32:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2016-01-09 01:32:58 ----A---- C:\Windows\system32\d3dx10_37.dll
2016-01-09 01:32:58 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2016-01-09 01:32:57 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2016-01-09 01:32:57 ----A---- C:\Windows\system32\D3DX9_37.dll
2016-01-09 01:32:56 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2016-01-09 01:32:56 ----A---- C:\Windows\system32\xactengine2_10.dll
2016-01-09 01:32:55 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\system32\d3dx9_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\system32\d3dx10_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2016-01-09 01:32:54 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2016-01-09 01:32:54 ----A---- C:\Windows\system32\xactengine2_9.dll
2016-01-09 01:32:53 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\system32\d3dx9_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\system32\d3dx10_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2016-01-09 01:32:52 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2016-01-09 01:32:52 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2016-01-09 01:32:52 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2016-01-09 01:32:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2016-01-09 01:32:52 ----A---- C:\Windows\system32\xactengine2_8.dll
2016-01-09 01:32:52 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2016-01-09 01:32:52 ----A---- C:\Windows\system32\d3dx10_34.dll
2016-01-09 01:32:52 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2016-01-09 01:32:49 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2016-01-09 01:32:49 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2016-01-09 01:32:49 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2016-01-09 01:32:49 ----A---- C:\Windows\system32\xinput1_3.dll
2016-01-09 01:32:49 ----A---- C:\Windows\system32\xactengine2_7.dll
2016-01-09 01:32:49 ----A---- C:\Windows\system32\d3dx9_34.dll
2016-01-09 01:32:48 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2016-01-09 01:32:48 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2016-01-09 01:32:48 ----A---- C:\Windows\system32\d3dx10_33.dll
2016-01-09 01:32:48 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2016-01-09 01:32:47 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2016-01-09 01:32:47 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2016-01-09 01:32:47 ----A---- C:\Windows\system32\xactengine2_6.dll
2016-01-09 01:32:47 ----A---- C:\Windows\system32\d3dx9_33.dll
2016-01-09 01:32:46 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2016-01-09 01:32:46 ----A---- C:\Windows\system32\xactengine2_5.dll
2016-01-09 01:32:45 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2016-01-09 01:32:45 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2016-01-09 01:32:45 ----A---- C:\Windows\system32\d3dx9_32.dll
2016-01-09 01:32:45 ----A---- C:\Windows\system32\d3dx10.dll
2016-01-09 01:32:44 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2016-01-09 01:32:44 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2016-01-09 01:32:44 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-01-09 01:32:44 ----A---- C:\Windows\system32\xactengine2_4.dll
2016-01-09 01:32:44 ----A---- C:\Windows\system32\x3daudio1_1.dll
2016-01-09 01:32:44 ----A---- C:\Windows\system32\d3dx9_31.dll
2016-01-09 01:32:43 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2016-01-09 01:32:43 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2016-01-09 01:32:43 ----A---- C:\Windows\system32\xinput1_2.dll
2016-01-09 01:32:43 ----A---- C:\Windows\system32\xactengine2_3.dll
2016-01-09 01:32:42 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2016-01-09 01:32:42 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2016-01-09 01:32:42 ----A---- C:\Windows\system32\xinput1_1.dll
2016-01-09 01:32:42 ----A---- C:\Windows\system32\xactengine2_2.dll
2016-01-09 01:32:41 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2016-01-09 01:32:41 ----A---- C:\Windows\system32\xactengine2_1.dll
2016-01-09 01:32:40 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2016-01-09 01:32:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2016-01-09 01:32:39 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2016-01-09 01:32:39 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2016-01-09 01:32:39 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2016-01-09 01:32:39 ----A---- C:\Windows\system32\xactengine2_0.dll
2016-01-09 01:32:39 ----A---- C:\Windows\system32\x3daudio1_0.dll
2016-01-09 01:32:39 ----A---- C:\Windows\system32\d3dx9_29.dll
2016-01-09 01:32:38 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2016-01-09 01:32:38 ----A---- C:\Windows\system32\d3dx9_28.dll
2016-01-09 01:32:37 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2016-01-09 01:32:37 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2016-01-09 01:32:37 ----A---- C:\Windows\system32\d3dx9_27.dll
2016-01-09 01:32:37 ----A---- C:\Windows\system32\d3dx9_26.dll
2016-01-09 01:32:36 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-01-09 01:32:36 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2016-01-09 01:32:36 ----A---- C:\Windows\system32\d3dx9_25.dll
2016-01-09 01:32:36 ----A---- C:\Windows\system32\d3dx9_24.dll
2016-01-09 01:29:49 ----D---- C:\Windows\SYSWOW64\directx
2016-01-08 21:04:06 ----D---- C:\Různé
2016-01-08 20:18:08 ----D---- C:\6cd915098d7c43677f39edbeaa
2016-01-08 19:51:16 ----D---- C:\Games
2016-01-08 19:48:11 ----D---- C:\Users\David\AppData\Roaming\Macromedia
2016-01-08 19:48:11 ----D---- C:\Users\David\AppData\Roaming\Adobe
2016-01-08 19:48:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-01-08 19:48:00 ----D---- C:\Windows\SYSWOW64\Macromed
2016-01-08 19:47:59 ----D---- C:\Windows\system32\Macromed
2016-01-08 19:40:47 ----D---- C:\Users\David\AppData\Roaming\WinRAR
2016-01-08 19:33:11 ----D---- C:\Program Files\WinRAR
2016-01-08 17:50:23 ----D---- C:\Users\David\AppData\Roaming\OpenOffice
2016-01-08 17:49:28 ----D---- C:\Program Files (x86)\OpenOffice 4
2016-01-08 17:46:49 ----D---- C:\Users\David\AppData\Roaming\ATI
2016-01-08 17:46:49 ----D---- C:\ProgramData\ATI
2016-01-08 17:45:22 ----DC---- C:\Windows\system32\DRVSTORE
2016-01-08 17:45:22 ----A---- C:\Windows\system32\drivers\SamsungRapidDiskFltr.sys
2016-01-08 17:45:19 ----D---- C:\Windows\system32\RAPID
2016-01-08 17:23:29 ----D---- C:\ProgramData\Samsung
2016-01-08 17:23:29 ----D---- C:\Program Files (x86)\Samsung
2016-01-08 16:14:10 ----D---- C:\Program Files\Unlocker
2016-01-08 15:52:58 ----D---- C:\Program Files\CCleaner
2016-01-08 15:08:38 ----D---- C:\Users\David\AppData\Roaming\Mozilla
2016-01-08 15:08:28 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-01-08 15:01:13 ----A---- C:\Windows\system32\drivers\ngvss.sys
2016-01-08 15:01:11 ----A---- C:\Windows\system32\aswBoot.exe
2016-01-08 14:59:02 ----D---- C:\Users\David\AppData\Roaming\AVAST Software
2016-01-08 14:58:42 ----D---- C:\Program Files\Common Files\AV
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswsp.sys
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-01-08 14:58:37 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2016-01-08 14:58:37 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-01-08 14:58:37 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-01-08 14:58:35 ----A---- C:\Windows\avastSS.scr
2016-01-08 14:56:36 ----D---- C:\Program Files\AVAST Software
2016-01-08 14:55:15 ----D---- C:\ProgramData\AVAST Software
2016-01-08 14:29:47 ----A---- C:\Windows\SYSWOW64\VmixP6.dll
2016-01-08 14:29:47 ----A---- C:\Windows\SYSWOW64\CMPaOxy.dll
2016-01-08 14:29:47 ----A---- C:\Windows\SYSWOW64\CMICNFG3.dll
2016-01-08 14:29:47 ----A---- C:\Windows\system32\Cmeaupci.exe
2016-01-08 14:29:38 ----A---- C:\Windows\system32\CmiInstallResAll64.dll
2016-01-08 14:29:38 ----A---- C:\Windows\difxapi.dll
2016-01-08 14:29:38 ----A---- C:\Windows\cmudax3.ini
2016-01-08 14:29:26 ----D---- C:\Program Files (x86)\AMD APP
2016-01-08 14:29:15 ----D---- C:\ProgramData\AMD
2016-01-08 14:29:15 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2016-01-08 14:29:14 ----D---- C:\Program Files (x86)\ATI Technologies
2016-01-08 14:28:03 ----D---- C:\Program Files\13-9-legacy_vista_win7_64_dd_ccc
2016-01-08 14:24:25 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-01-08 14:23:07 ----D---- C:\Windows\SYSWOW64\RTCOM
2016-01-08 14:23:07 ----D---- C:\Program Files\Realtek
2016-01-08 14:23:00 ----A---- C:\Windows\system32\SRSWOW64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\SRSTSX64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\SRSTSH64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\SRSHP64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtPgEx64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtkCfg64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtkAPO64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtkApi64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RTCOM64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RP3DHT64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RP3DAA64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RCoInst64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2016-01-08 14:22:59 ----D---- C:\Program Files (x86)\Realtek
2016-01-08 14:22:59 ----A---- C:\Windows\system32\FMAPO64.dll
2016-01-08 14:22:59 ----A---- C:\Windows\system32\AERTAR64.dll
2016-01-08 14:22:59 ----A---- C:\Windows\system32\AERTAC64.dll
2016-01-08 14:22:48 ----HD---- C:\Program Files (x86)\Temp
2016-01-08 14:22:48 ----A---- C:\Windows\RtlExUpd.dll
2016-01-08 14:22:27 ----D---- C:\Program Files\AMD
2016-01-08 14:22:15 ----D---- C:\ProgramData\Package Cache
2016-01-08 14:21:20 ----D---- C:\Program Files\AMD-Catalyst-15.7.1-SB-SATA-AHCI-Win10-Win8.1-Win7
2016-01-08 14:18:49 ----A---- C:\Windows\SYSWOW64\drivers\AsUpIO.sys
2016-01-08 14:18:49 ----A---- C:\Windows\SYSWOW64\drivers\AsIO.sys
2016-01-08 14:18:49 ----A---- C:\Windows\SYSWOW64\AsIO.dll
2016-01-08 14:18:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-01-08 14:18:48 ----D---- C:\Program Files (x86)\ASUS
2016-01-08 14:16:58 ----SHD---- C:\Windows\Installer
2016-01-08 14:16:58 ----D---- C:\Program Files\ATI
2016-01-08 14:16:58 ----A---- C:\Windows\system32\drivers\AtiPcie.sys
2016-01-08 14:16:41 ----D---- C:\Program Files\ATI Technologies
2016-01-08 14:16:08 ----A---- C:\Windows\Language_trs.ini
2016-01-08 14:13:14 ----A---- C:\Windows\system32\drivers\cmudax3.sys
2016-01-08 14:13:13 ----A---- C:\Windows\system32\cmudax3.dll
2016-01-08 14:13:06 ----A---- C:\Windows\system32\drivers\ASACPI.sys
2016-01-08 14:05:28 ----D---- C:\Users\David\AppData\Roaming\Identities
2016-01-08 14:05:25 ----SD---- C:\Users\David\AppData\Roaming\Microsoft
2016-01-08 14:05:25 ----D---- C:\Users\David\AppData\Roaming\Media Center Programs
2016-01-08 14:05:22 ----SHD---- C:\Recovery
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Šablony
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Plocha
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Oblíbené položky
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Nabídka Start
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Dokumenty
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Data aplikací
2016-01-08 14:05:04 ----D---- C:\Windows\SoftwareDistribution
2016-01-08 13:58:28 ----D---- C:\Windows\Prefetch
2016-01-08 13:58:21 ----ASH---- C:\pagefile.sys
2016-01-08 13:58:18 ----SHD---- C:\System Volume Information
2016-01-08 13:58:18 ----ASH---- C:\hiberfil.sys
2016-01-08 13:57:41 ----D---- C:\Windows\Panther

======List of files/folders modified in the last 1 month======

[vaclavka83]

2016-01-31 17:59:06 ----D---- C:\Windows\Temp
2016-01-31 17:58:41 ----D---- C:\Windows\System32
2016-01-31 17:58:41 ----D---- C:\Windows\inf
2016-01-31 17:58:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-31 17:52:52 ----D---- C:\Windows\system32\config
2016-01-31 17:52:45 ----RD---- C:\Program Files (x86)
2016-01-31 17:52:45 ----HD---- C:\ProgramData
2016-01-31 16:34:35 ----RD---- C:\Program Files
2016-01-28 18:46:15 ----D---- C:\Program Files (x86)\Common Files
2016-01-27 18:03:25 ----D---- C:\Windows\system32\Tasks
2016-01-27 18:00:59 ----D---- C:\Program Files\Common Files
2016-01-26 13:16:13 ----D---- C:\Windows\system32\drivers
2016-01-25 17:27:16 ----D---- C:\Windows\Tasks
2016-01-25 17:24:47 ----D---- C:\Windows\SysWOW64
2016-01-22 20:01:45 ----D---- C:\Windows
2016-01-20 15:41:12 ----RSD---- C:\Windows\assembly
2016-01-19 06:57:50 ----D---- C:\Windows\system32\DriverStore
2016-01-19 06:57:43 ----D---- C:\Windows\system32\pt-PT
2016-01-19 06:57:43 ----D---- C:\Windows\system32\pt-BR
2016-01-19 06:57:43 ----D---- C:\Windows\system32\nl-NL
2016-01-19 06:57:43 ----D---- C:\Windows\system32\it-IT
2016-01-19 06:57:43 ----D---- C:\Windows\system32\fr-FR
2016-01-19 06:57:43 ----D---- C:\Windows\system32\es-ES
2016-01-19 06:57:42 ----D---- C:\Windows\system32\en-US
2016-01-19 06:57:42 ----D---- C:\Windows\system32\drivers\UMDF
2016-01-19 06:57:42 ----D---- C:\Windows\system32\de-DE
2016-01-17 01:51:25 ----D---- C:\Windows\system32\wdi
2016-01-17 01:51:06 ----D---- C:\Windows\winsxs
2016-01-15 17:46:06 ----D---- C:\Windows\Logs
2016-01-15 03:59:34 ----D---- C:\Windows\system32\LogFiles
2016-01-14 08:44:12 ----D---- C:\Windows\debug
2016-01-13 19:31:39 ----D---- C:\Windows\rescache
2016-01-13 17:50:26 ----D---- C:\Windows\AppPatch
2016-01-13 17:36:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-01-13 17:36:29 ----D---- C:\Windows\system32\cs-CZ
2016-01-13 17:14:29 ----D---- C:\Windows\system32\catroot
2016-01-13 17:06:39 ----D---- C:\Windows\system32\catroot2
2016-01-12 19:34:29 ----SD---- C:\ProgramData\Microsoft
2016-01-12 19:34:27 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-01-10 20:42:16 ----D---- C:\Windows\Microsoft.NET
2016-01-10 15:27:29 ----D---- C:\Windows\AppCompat
2016-01-09 19:09:38 ----RSD---- C:\Windows\Fonts
2016-01-09 18:52:40 ----D---- C:\Windows\SYSWOW64\wbem
2016-01-09 18:52:40 ----D---- C:\Windows\system32\wbem
2016-01-09 18:52:40 ----D---- C:\Windows\system32\drivers\en-US
2016-01-09 18:52:39 ----D---- C:\Windows\tracing
2016-01-09 18:52:39 ----D---- C:\Windows\SYSWOW64\en-US
2016-01-09 18:52:39 ----D---- C:\Windows\SYSWOW64\Dism
2016-01-09 18:52:39 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-01-09 18:52:39 ----D---- C:\Windows\system32\Dism
2016-01-09 18:52:39 ----D---- C:\Windows\system32\AdvancedInstallers
2016-01-09 18:52:39 ----D---- C:\Windows\PolicyDefinitions
2016-01-09 18:52:38 ----D---- C:\Windows\SYSWOW64\migration
2016-01-09 18:52:38 ----D---- C:\Windows\system32\migration
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\zh-TW
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\zh-HK
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\zh-CN
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\tr-TR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\sv-SE
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\ru-RU
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\pt-PT
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\pt-BR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\pl-PL
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\nl-NL
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\nb-NO
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\ko-KR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\ja-JP
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\it-IT
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\hu-HU
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\fr-FR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\fi-FI
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\es-ES
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\el-GR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\de-DE
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\da-DK
2016-01-09 11:00:03 ----D---- C:\Windows\system32\zh-HK
2016-01-09 11:00:03 ----D---- C:\Windows\system32\pl-PL
2016-01-09 11:00:03 ----D---- C:\Windows\system32\ko-KR
2016-01-09 11:00:03 ----D---- C:\Windows\system32\hu-HU
2016-01-09 11:00:03 ----D---- C:\Windows\system32\el-GR
2016-01-09 11:00:02 ----D---- C:\Windows\system32\zh-TW
2016-01-09 11:00:02 ----D---- C:\Windows\system32\zh-CN
2016-01-09 11:00:02 ----D---- C:\Windows\system32\tr-TR
2016-01-09 11:00:02 ----D---- C:\Windows\system32\sv-SE
2016-01-09 11:00:02 ----D---- C:\Windows\system32\ru-RU
2016-01-09 11:00:02 ----D---- C:\Windows\system32\nb-NO
2016-01-09 11:00:02 ----D---- C:\Windows\system32\ja-JP
2016-01-09 11:00:02 ----D---- C:\Windows\system32\fi-FI
2016-01-09 11:00:02 ----D---- C:\Windows\system32\da-DK
2016-01-09 10:58:56 ----D---- C:\Windows\LiveKernelReports
2016-01-09 09:46:28 ----D---- C:\Windows\ehome
2016-01-09 09:46:28 ----D---- C:\Program Files\Windows Media Player
2016-01-09 09:46:28 ----D---- C:\Program Files\Common Files\System
2016-01-09 09:46:28 ----D---- C:\Program Files (x86)\Windows Media Player
2016-01-09 09:46:25 ----D---- C:\Program Files\Windows Defender
2016-01-09 09:46:25 ----D---- C:\Program Files (x86)\Windows Defender
2016-01-09 09:46:24 ----D---- C:\Windows\system32\CodeIntegrity
2016-01-09 09:46:24 ----D---- C:\Windows\system32\Boot
2016-01-09 09:46:19 ----D---- C:\Program Files\Windows Journal
2016-01-08 22:13:14 ----RD---- C:\Users
2016-01-08 15:55:14 ----D---- C:\Windows\SYSWOW64\LogFiles
2016-01-08 14:50:35 ----D---- C:\Windows\system32\NDF
2016-01-08 14:30:53 ----D---- C:\Windows\system
2016-01-08 14:18:49 ----D---- C:\Windows\SYSWOW64\drivers
2016-01-08 14:18:42 ----D---- C:\Windows\system32\restore
2016-01-08 14:05:28 ----SHD---- C:\$Recycle.Bin
2016-01-08 14:05:22 ----D---- C:\Windows\system32\Recovery
2016-01-08 14:05:22 ----D---- C:\Program Files\Windows NT
2016-01-08 13:59:23 ----D---- C:\Windows\system32\sysprep
2016-01-08 13:58:27 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-01-08 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-01-08 273784]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2016-01-08 147088]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver; C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys [2014-09-16 268976]
R0 SamsungRapidFSFltr;SamsungRapidFSFltr; C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys [2014-09-16 111280]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-01-08 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-20 1065208]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-20 464256]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-20 40344]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-01-08 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-01-08 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-01-08 155304]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2016-01-08 310904]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmudax3.sys [2009-05-20 1154560]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-29 1966624]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2014-12-10 797400]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
S1 vcdrom;Virtual CD-ROM Device Driver; \??\C:\Users\David\Desktop\VCdRom.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015-11-25 2016448]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-29 361984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-01-08 226440]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 SamsungRapidSvc;Samsung RAPID Mode Service; C:\Windows\system32\RAPID\SamsungRapidSvc.exe [2014-09-16 28848]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-01-08 5561368]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-01-12 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

[vaclavka83]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: David
->Temp folder emptied: 15408708 bytes
->Temporary Internet Files folder emptied: 19382304 bytes
->FireFox cache emptied: 375228631 bytes
->Flash cache emptied: 8276 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1393993 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50641 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 392,00 mb


[EMPTYFLASH]

User: All Users

User: David
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 01312016_181700

Files moved on Reboot...
C:\Users\David\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\adobegc.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\FXSTIFFDebugLogFile.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[vaclavka83]

Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2016-01-31 18:21:05
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 70 GB (33%) free of 215 GB
Total RAM: 4094 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:21:07, on 31.1.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\ProgramData\MEGAsync\MEGAsync.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://unblockservice.com/wpad.dat?51a7 ... 7395171804
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Codec Pack Update Checker] "C:\Windows\system32\Codecs\UpdateChecker.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\Windows\system32\RAPID\SamsungRapidSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6456 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
taskeng.exe {E7F58880-3F01-4AC2-8964-917C52A205C0}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
taskeng.exe {15C4D1A8-4EAB-4163-9D89-F5A740D78FCF}
C:\Windows\System32\svchost.exe -k utcsvc
system32\RAPID\SamsungRapidSvc.exe
"C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2124
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d474aaae-4c1a-4c7b-986c-17b93f5b177a -SystemEventPortName:HostProcess-98663636-dc41-445a-980a-9aa9b0e25d90 -IoCancelEventPortName:HostProcess-8932f4fa-9569-42d6-8340-b30f6c248c8e -NonStateChangingEventPortName:HostProcess-3e988dc2-9b5f-4449-a837-d0392ea5250e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:190a750b-01da-45aa-b0d7-f7d796445bcf -DeviceGroupId:WpdFsGroup
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe" /AUTOHIDE
C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
C:\Windows\system32\PrintIsolationHost.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\ProgramData\MEGAsync\MEGAsync.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\David\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz"
prefs.js - "keyword.URL" - "https://www.google.com/search?trackid=sp-006"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.286 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.286 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default\searchplugins\
google-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-08 885152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-08 664184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Codec Pack Update Checker"=C:\Windows\system32\Codecs\UpdateChecker.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CmPCIaudio]
C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneDrive]
C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-01-14 551112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-29 7982112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SamsungRapidApp]
C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [2014-09-16 281776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-01-08 7021880]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]

C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MEGAsync.lnk - C:\ProgramData\MEGAsync\MEGAsync.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-31 18:13:37 ----D---- C:\_OTM
2016-01-31 17:51:39 ----D---- C:\AdwCleaner
2016-01-31 16:34:35 ----D---- C:\rsit
2016-01-31 16:34:35 ----D---- C:\Program Files\trend micro
2016-01-28 18:49:07 ----D---- C:\ProgramData\boost_interprocess
2016-01-28 17:47:37 ----D---- C:\Program Files (x86)\Adobe
2016-01-27 18:02:56 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2016-01-27 18:02:42 ----D---- C:\Program Files\Adobe
2016-01-27 18:00:59 ----D---- C:\Program Files\Common Files\Adobe
2016-01-27 18:00:02 ----D---- C:\ProgramData\Adobe
2016-01-26 15:19:43 ----D---- C:\Users\David\AppData\Roaming\WildTangent
2016-01-26 15:19:42 ----D---- C:\ProgramData\WildTangent
2016-01-26 15:19:42 ----D---- C:\Program Files (x86)\WildTangent Games
2016-01-26 11:19:47 ----D---- C:\Program Files (x86)\Seznam.cz
2016-01-22 20:02:01 ----D---- C:\ProgramData\Bohemia Interactive
2016-01-22 20:01:47 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-01-22 19:31:17 ----D---- C:\Users\David\AppData\Roaming\uplay
2016-01-21 10:57:24 ----D---- C:\ProgramData\Steam
2016-01-20 20:20:59 ----D---- C:\ProgramData\Origin
2016-01-20 19:48:09 ----D---- C:\Users\David\AppData\Roaming\MPC-HC
2016-01-20 19:38:16 ----D---- C:\Windows\SYSWOW64\Codecs
2016-01-20 19:27:56 ----D---- C:\Users\David\AppData\Roaming\Seznam.cz
2016-01-20 18:53:22 ----D---- C:\Live
2016-01-20 18:52:45 ----A---- C:\manifest.txt
2016-01-18 17:09:37 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\system32\d3dx10_40.dll
2016-01-18 17:09:37 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-01-15 07:02:26 ----D---- C:\Program Files (x86)\Elaborate Bytes
2016-01-14 09:49:50 ----A---- C:\Windows\ntbtlog.txt
2016-01-14 09:38:36 ----D---- C:\Windows\pss
2016-01-13 21:47:15 ----D---- C:\Users\David\AppData\Roaming\Wargaming.net
2016-01-13 17:50:08 ----A---- C:\Windows\system32\invagent.dll
2016-01-13 17:50:08 ----A---- C:\Windows\system32\generaltel.dll
2016-01-13 17:50:08 ----A---- C:\Windows\system32\appraiser.dll
2016-01-13 17:50:07 ----A---- C:\Windows\system32\devinv.dll
2016-01-13 17:50:07 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-01-13 17:50:07 ----A---- C:\Windows\system32\acmigration.dll
2016-01-13 17:07:54 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-01-13 17:07:54 ----A---- C:\Windows\system32\qedit.dll
2016-01-13 17:07:54 ----A---- C:\Windows\system32\mapi32.dll
2016-01-13 17:07:54 ----A---- C:\Windows\system32\aepic.dll
2016-01-13 17:07:54 ----A---- C:\Windows\system32\aeinv.dll
2016-01-13 17:07:53 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-01-13 17:07:53 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-01-13 17:07:53 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-01-13 17:07:53 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-13 17:07:53 ----A---- C:\Windows\system32\mapistub.dll
2016-01-13 17:07:53 ----A---- C:\Windows\system32\fixmapi.exe
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-01-13 17:07:52 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-01-13 17:07:52 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 17:07:52 ----A---- C:\Windows\system32\mf.dll
2016-01-13 17:07:51 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\system32\wmpmde.dll
2016-01-13 17:07:51 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-13 17:07:51 ----A---- C:\Windows\system32\quartz.dll
2016-01-13 17:07:51 ----A---- C:\Windows\system32\mcmde.dll
2016-01-13 17:07:51 ----A---- C:\Windows\system32\evr.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-01-13 17:07:50 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 17:07:50 ----A---- C:\Windows\system32\mfplat.dll
2016-01-13 17:07:50 ----A---- C:\Windows\system32\devenum.dll
2016-01-13 17:07:50 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-01-13 17:07:49 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-01-13 17:07:49 ----A---- C:\Windows\system32\SysFxUI.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\rrinstaller.exe
2016-01-13 17:07:49 ----A---- C:\Windows\system32\qdvd.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\qasf.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\mfps.dll
2016-01-13 17:07:49 ----A---- C:\Windows\system32\mfpmp.exe
2016-01-13 17:07:49 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-01-13 17:07:48 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-01-13 17:07:48 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-01-13 17:07:48 ----A---- C:\Windows\system32\mferror.dll
2016-01-13 17:07:48 ----A---- C:\Windows\system32\ksuser.dll
2016-01-13 17:07:48 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-01-13 17:07:48 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-01-13 17:07:10 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-01-13 17:07:10 ----A---- C:\Windows\system32\win32k.sys
2016-01-13 17:07:10 ----A---- C:\Windows\system32\advapi32.dll
2016-01-13 17:07:09 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-01-13 17:07:09 ----A---- C:\Windows\system32\gdi32.dll
2016-01-13 17:07:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-01-13 17:07:05 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-01-13 17:07:05 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-01-13 17:07:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-01-13 17:07:05 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\schannel.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\rpcrt4.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\ncrypt.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\kernel32.dll
2016-01-13 17:07:05 ----A---- C:\Windows\system32\kerberos.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-01-13 17:07:04 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\winsrv.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\wdigest.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\TSpkg.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\sspisrv.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\sspicli.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\secur32.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\ntvdm64.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\ntdll.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\msv1_0.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\lsass.exe
2016-01-13 17:07:04 ----A---- C:\Windows\system32\lsasrv.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-01-13 17:07:04 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-01-13 17:07:04 ----A---- C:\Windows\system32\cryptbase.dll
2016-01-13 17:07:04 ----A---- C:\Windows\system32\credssp.dll
2016-01-13 17:07:03 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 17:07:03 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 17:07:03 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 17:07:03 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-01-13 17:07:03 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\wow64win.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\wow64cpu.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\wow64.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\srcore.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\srclient.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\smss.exe
2016-01-13 17:07:03 ----A---- C:\Windows\system32\rstrui.exe
2016-01-13 17:07:03 ----A---- C:\Windows\system32\KernelBase.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-01-13 17:07:03 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-01-13 17:07:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-01-13 17:07:03 ----A---- C:\Windows\system32\csrsrv.dll
2016-01-13 17:07:03 ----A---- C:\Windows\system32\conhost.exe
2016-01-13 17:07:03 ----A---- C:\Windows\system32\auditpol.exe
2016-01-13 17:07:03 ----A---- C:\Windows\system32\apisetschema.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 17:07:02 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\user.exe
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-01-13 17:07:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-01-13 17:07:02 ----A---- C:\Windows\system32\msobjs.dll
2016-01-13 17:07:02 ----A---- C:\Windows\system32\msaudite.dll
2016-01-13 17:07:02 ----A---- C:\Windows\system32\adtschema.dll
2016-01-12 19:34:57 ----D---- C:\Windows\cs
2016-01-12 19:34:43 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-01-12 19:34:27 ----D---- C:\Windows\PCHEALTH
2016-01-12 19:34:08 ----D---- C:\Program Files (x86)\Windows Live
2016-01-12 19:32:00 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2016-01-12 19:31:40 ----D---- C:\ProgramData\Microsoft OneDrive
2016-01-12 19:24:34 ----D---- C:\Windows\SYSWOW64\Wat
2016-01-12 19:24:34 ----D---- C:\Windows\system32\Wat
2016-01-12 17:21:23 ----HD---- C:\ProgramData\CanonBJ
2016-01-10 17:34:16 ----D---- C:\Users\David\AppData\Roaming\Kingosoft
2016-01-10 17:33:22 ----D---- C:\Windows\system32\appmgmt
2016-01-10 16:16:55 ----D---- C:\ProgramData\MEGAsync
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\system32\KBDTAT.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\system32\KBDRU1.DLL
2016-01-09 19:37:04 ----A---- C:\Windows\system32\KBDRU.DLL
2016-01-09 19:37:03 ----A---- C:\Windows\system32\KBDYAK.DLL
2016-01-09 19:37:03 ----A---- C:\Windows\system32\KBDBASH.DLL
2016-01-09 19:36:52 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2016-01-09 19:36:52 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-01-09 19:36:52 ----A---- C:\Windows\system32\fsutil.exe
2016-01-09 19:36:52 ----A---- C:\Windows\system32\esent.dll
2016-01-09 19:36:52 ----A---- C:\Windows\system32\drivers\nvraid.sys
2016-01-09 19:36:52 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2016-01-09 19:36:52 ----A---- C:\Windows\system32\drivers\amdxata.sys
2016-01-09 19:36:51 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-01-09 19:36:51 ----A---- C:\Windows\system32\drivers\nvstor.sys
2016-01-09 19:36:51 ----A---- C:\Windows\system32\drivers\amdsata.sys
2016-01-09 19:20:11 ----A---- C:\Windows\system32\wksprt.exe
2016-01-09 19:20:11 ----A---- C:\Windows\system32\mstscax.dll
2016-01-09 19:20:10 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-01-09 19:20:10 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-01-09 19:20:10 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-01-09 19:20:10 ----A---- C:\Windows\system32\tsgqec.dll
2016-01-09 19:20:10 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-01-09 19:19:47 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-01-09 19:19:47 ----A---- C:\Windows\system32\rdpcorets.dll
2016-01-09 19:19:46 ----A---- C:\Windows\system32\rdpudd.dll
2016-01-09 19:19:43 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-01-09 19:19:43 ----A---- C:\Windows\system32\d2d1.dll
2016-01-09 19:19:19 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-01-09 19:07:15 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-01-09 19:07:15 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-01-09 19:07:15 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-01-09 19:07:15 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-01-09 19:07:15 ----A---- C:\Windows\system32\nlsbres.dll
2016-01-09 19:07:15 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-01-09 19:07:15 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-01-09 19:07:15 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-01-09 18:52:39 ----SD---- C:\Windows\system32\CompatTel
2016-01-09 18:52:39 ----D---- C:\Windows\system32\appraiser
2016-01-09 16:33:30 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-01-09 16:33:29 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-01-09 16:33:29 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-01-09 16:33:28 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2016-01-09 16:33:28 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2016-01-09 16:33:28 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2016-01-09 16:33:28 ----A---- C:\Windows\system32\wksprtPS.dll
2016-01-09 16:33:28 ----A---- C:\Windows\system32\mstsc.exe
2016-01-09 16:33:28 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2016-01-09 16:33:28 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2016-01-09 16:31:09 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-01-09 16:30:17 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-01-09 16:27:43 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2016-01-09 16:27:43 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2016-01-09 16:27:42 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2016-01-09 16:27:42 ----A---- C:\Windows\system32\rdpendp_winip.dll
2016-01-09 16:26:09 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-01-09 16:26:09 ----A---- C:\Windows\system32\FntCache.dll
2016-01-09 16:26:09 ----A---- C:\Windows\system32\DWrite.dll
2016-01-09 16:26:07 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2016-01-09 16:26:06 ----A---- C:\Windows\system32\d3d10warp.dll
2016-01-09 16:25:59 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-01-09 16:25:59 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-01-09 16:25:53 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2016-01-09 16:25:53 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFx.dll
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFSvc.dll
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFPlatform.dll
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFHost.exe
2016-01-09 16:25:52 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2016-01-09 16:25:48 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2016-01-09 16:25:48 ----A---- C:\Windows\system32\WMPhoto.dll
2016-01-09 11:00:03 ----SD---- C:\Windows\SYSWOW64\GWX
2016-01-09 11:00:03 ----SD---- C:\Windows\system32\GWX
2016-01-09 11:00:03 ----D---- C:\Windows\Migration
2016-01-09 10:49:01 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-01-09 10:49:01 ----A---- C:\Windows\system32\UIAnimation.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-01-09 10:48:57 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-01-09 10:48:57 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2016-01-09 10:48:57 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2016-01-09 10:48:57 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-01-09 10:48:57 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2016-01-09 10:48:57 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2016-01-09 10:48:57 ----A---- C:\Windows\system32\dxgi.dll
2016-01-09 10:48:57 ----A---- C:\Windows\system32\d3d10_1.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2016-01-09 10:48:56 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\XpsPrint.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\d3d10level9.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\d3d10core.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\d3d10_1core.dll
2016-01-09 10:48:56 ----A---- C:\Windows\system32\d3d10.dll
2016-01-09 10:48:55 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2016-01-09 10:47:06 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2016-01-09 10:47:06 ----A---- C:\Windows\system32\msieftp.dll
2016-01-09 10:47:01 ----A---- C:\Windows\system32\TSWorkspace.dll
2016-01-09 10:47:00 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2016-01-09 10:46:50 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2016-01-09 10:46:50 ----A---- C:\Windows\SYSWOW64\sechost.dll
2016-01-09 10:46:50 ----A---- C:\Windows\system32\tracerpt.exe
2016-01-09 10:46:50 ----A---- C:\Windows\system32\sechost.dll
2016-01-09 10:46:50 ----A---- C:\Windows\system32\logman.exe
2016-01-09 10:46:49 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2016-01-09 10:46:49 ----A---- C:\Windows\SYSWOW64\relog.exe
2016-01-09 10:46:49 ----A---- C:\Windows\SYSWOW64\logman.exe
2016-01-09 10:46:49 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2016-01-09 10:46:49 ----A---- C:\Windows\system32\typeperf.exe
2016-01-09 10:46:49 ----A---- C:\Windows\system32\relog.exe
2016-01-09 10:46:49 ----A---- C:\Windows\system32\diskperf.exe
2016-01-09 10:46:34 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2016-01-09 10:46:34 ----A---- C:\Windows\SYSWOW64\gameux.dll
2016-01-09 10:46:34 ----A---- C:\Windows\system32\Wpc.dll
2016-01-09 10:46:34 ----A---- C:\Windows\system32\gameux.dll
2016-01-09 10:46:19 ----A---- C:\Windows\system32\icaapi.dll
2016-01-09 10:46:18 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2016-01-09 10:46:07 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2016-01-09 10:46:07 ----A---- C:\Windows\system32\ntshrui.dll
2016-01-09 10:46:00 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2016-01-09 10:46:00 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2016-01-09 10:46:00 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2016-01-09 10:46:00 ----A---- C:\Windows\system32\dhcpcore6.dll
2016-01-09 10:45:57 ----A---- C:\Windows\system32\tquery.dll
2016-01-09 10:45:57 ----A---- C:\Windows\system32\mssrch.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\tquery.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\mssph.dll
2016-01-09 10:45:56 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2016-01-09 10:45:56 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2016-01-09 10:45:56 ----A---- C:\Windows\system32\SearchIndexer.exe
2016-01-09 10:45:56 ----A---- C:\Windows\system32\SearchFilterHost.exe
2016-01-09 10:45:56 ----A---- C:\Windows\system32\mssvp.dll
2016-01-09 10:45:56 ----A---- C:\Windows\system32\mssphtb.dll
2016-01-09 10:45:56 ----A---- C:\Windows\system32\mssph.dll
2016-01-09 10:45:56 ----A---- C:\Windows\system32\msscntrs.dll
2016-01-09 10:45:55 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2016-01-09 10:45:55 ----A---- C:\Windows\system32\xmllite.dll
2016-01-09 10:45:54 ----A---- C:\Windows\system32\wwansvc.dll
2016-01-09 10:45:54 ----A---- C:\Windows\system32\wwanprotdim.dll
2016-01-09 10:45:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-01-09 10:45:51 ----A---- C:\Windows\system32\tzres.dll
2016-01-09 10:45:43 ----A---- C:\Windows\SYSWOW64\netevent.dll
2016-01-09 10:45:43 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2016-01-09 10:45:43 ----A---- C:\Windows\system32\netevent.dll
2016-01-09 10:45:43 ----A---- C:\Windows\system32\netcorehc.dll
2016-01-09 10:45:43 ----A---- C:\Windows\system32\iphlpsvc.dll
2016-01-09 10:45:43 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2016-01-09 10:45:36 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2016-01-09 10:45:35 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2016-01-09 10:45:35 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2016-01-09 10:45:35 ----A---- C:\Windows\system32\shimeng.dll
2016-01-09 10:45:35 ----A---- C:\Windows\system32\sdbinst.exe
2016-01-09 10:45:35 ----A---- C:\Windows\system32\apphelp.dll
2016-01-09 10:45:35 ----A---- C:\Windows\system32\aelupsvc.dll
2016-01-09 10:45:34 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2016-01-09 10:45:34 ----A---- C:\Windows\system32\prevhost.exe
2016-01-09 10:45:29 ----A---- C:\Windows\system32\UtcResources.dll
2016-01-09 10:45:29 ----A---- C:\Windows\system32\diagtrack.dll
2016-01-09 10:45:27 ----A---- C:\Windows\system32\tdh.dll
2016-01-09 10:45:26 ----A---- C:\Windows\SYSWOW64\tdh.dll
2016-01-09 10:45:10 ----A---- C:\Windows\system32\aitstatic.exe
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2016-01-09 10:44:59 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\secproc_isv.dll
2016-01-09 10:44:59 ----A---- C:\Windows\system32\secproc.dll
2016-01-09 10:44:59 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\RMActivate_isv.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\RMActivate.exe
2016-01-09 10:44:59 ----A---- C:\Windows\system32\msdrm.dll
2016-01-09 10:44:58 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2016-01-09 10:44:58 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2016-01-09 10:44:58 ----A---- C:\Windows\SYSWOW64\secproc.dll
2016-01-09 10:44:58 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2016-01-09 10:44:58 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2016-01-09 10:44:58 ----A---- C:\Windows\system32\secproc_ssp.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\ucrtbase.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-09 10:44:56 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-01-09 10:44:55 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-01-09 10:44:38 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2016-01-09 10:44:38 ----A---- C:\Windows\system32\d3d11.dll
2016-01-09 10:44:37 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-01-09 10:44:37 ----A---- C:\Windows\system32\mswsock.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-01-09 10:44:36 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WsmSvc.dll
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WsmAuto.dll
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-01-09 10:44:36 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-01-09 10:44:35 ----A---- C:\Windows\system32\authui.dll
2016-01-09 10:44:34 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-01-09 10:44:34 ----A---- C:\Windows\system32\consent.exe
2016-01-09 10:44:34 ----A---- C:\Windows\system32\appinfo.dll
2016-01-09 10:44:32 ----A---- C:\Windows\system32\scavengeui.dll
2016-01-09 10:44:27 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2016-01-09 10:44:27 ----A---- C:\Windows\system32\cryptdlg.dll
2016-01-09 10:44:24 ----A---- C:\Windows\SYSWOW64\wdi.dll
2016-01-09 10:44:24 ----A---- C:\Windows\system32\wdi.dll
2016-01-09 10:44:24 ----A---- C:\Windows\system32\powertracker.dll
2016-01-09 10:44:24 ----A---- C:\Windows\system32\perftrack.dll
2016-01-09 10:44:23 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2016-01-09 10:44:23 ----A---- C:\Windows\system32\wpdshext.dll
2016-01-09 10:44:22 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-01-09 10:44:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-01-09 10:44:22 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-01-09 10:44:22 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-01-09 10:44:22 ----A---- C:\Windows\system32\wintrust.dll
2016-01-09 10:44:22 ----A---- C:\Windows\system32\cryptsvc.dll
2016-01-09 10:44:22 ----A---- C:\Windows\system32\cryptnet.dll
2016-01-09 10:44:22 ----A---- C:\Windows\system32\crypt32.dll
2016-01-09 10:44:18 ----A---- C:\Windows\SYSWOW64\charmap.exe
2016-01-09 10:44:18 ----A---- C:\Windows\system32\charmap.exe
2016-01-09 10:44:18 ----A---- C:\Windows\system32\drivers\ataport.sys
2016-01-09 10:44:17 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2016-01-09 10:44:17 ----A---- C:\Windows\system32\iologmsg.dll
2016-01-09 10:44:17 ----A---- C:\Windows\system32\drivers\storport.sys
2016-01-09 10:44:17 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2016-01-09 10:44:17 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2016-01-09 10:44:14 ----A---- C:\Windows\system32\OxpsConverter.exe
2016-01-09 10:44:13 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2016-01-09 10:44:13 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2016-01-09 10:44:13 ----A---- C:\Windows\system32\dwmcore.dll
2016-01-09 10:44:13 ----A---- C:\Windows\system32\dwmapi.dll
2016-01-09 10:44:12 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2016-01-09 10:44:12 ----A---- C:\Windows\SYSWOW64\credui.dll
2016-01-09 10:44:12 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2016-01-09 10:44:12 ----A---- C:\Windows\system32\credui.dll
2016-01-09 10:44:09 ----A---- C:\Windows\system32\drivers\fvevol.sys
2016-01-09 10:44:08 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-01-09 10:44:08 ----A---- C:\Windows\system32\oleaut32.dll
2016-01-09 10:44:07 ----A---- C:\Windows\system32\drivers\stream.sys
2016-01-09 10:44:07 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2016-01-09 10:39:42 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-01-09 10:39:39 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2016-01-09 10:39:39 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-01-09 10:39:39 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-01-09 10:39:39 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-01-09 10:39:39 ----A---- C:\Windows\system32\msxml6r.dll
2016-01-09 10:39:39 ----A---- C:\Windows\system32\msxml6.dll
2016-01-09 10:39:39 ----A---- C:\Windows\system32\msxml3r.dll
2016-01-09 10:39:39 ----A---- C:\Windows\system32\msxml3.dll
2016-01-09 08:45:35 ----D---- C:\Windows\system32\MRT
2016-01-09 08:45:29 ----A---- C:\Windows\system32\MRT.exe
2016-01-09 08:32:48 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2016-01-09 08:32:47 ----A---- C:\Windows\SYSWOW64\wmi.dll
2016-01-09 08:32:47 ----A---- C:\Windows\system32\wmi.dll
2016-01-09 08:22:35 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2016-01-09 08:22:35 ----A---- C:\Windows\SYSWOW64\icardres.dll
2016-01-09 08:22:35 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2016-01-09 08:22:35 ----A---- C:\Windows\system32\infocardapi.dll
2016-01-09 08:22:35 ----A---- C:\Windows\system32\icardres.dll
2016-01-09 08:22:35 ----A---- C:\Windows\system32\icardagt.exe
2016-01-09 08:22:27 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2016-01-09 08:22:27 ----A---- C:\Windows\system32\TsWpfWrp.exe
2016-01-09 04:28:17 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2016-01-09 04:28:17 ----A---- C:\Windows\system32\cewmdm.dll
2016-01-09 04:28:14 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-01-09 04:28:14 ----A---- C:\Windows\system32\certcli.dll
2016-01-09 04:28:03 ----A---- C:\Windows\system32\services.exe
2016-01-09 04:27:47 ----A---- C:\Windows\system32\schedsvc.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\system32\odbctrac.dll
2016-01-09 04:27:46 ----A---- C:\Windows\system32\odbccu32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\system32\odbccr32.dll
2016-01-09 04:27:46 ----A---- C:\Windows\system32\odbccp32.dll
2016-01-09 04:27:45 ----A---- C:\Windows\system32\wmp.dll
2016-01-09 04:27:43 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-01-09 04:27:43 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-01-09 04:27:43 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-01-09 04:27:43 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-01-09 04:27:43 ----A---- C:\Windows\system32\spwmp.dll
2016-01-09 04:27:43 ----A---- C:\Windows\system32\dxmasf.dll
2016-01-09 04:27:42 ----A---- C:\Windows\system32\wmploc.DLL
2016-01-09 04:27:39 ----A---- C:\Windows\SYSWOW64\sbe.dll
2016-01-09 04:27:39 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-01-09 04:27:39 ----A---- C:\Windows\system32\sbe.dll
2016-01-09 04:27:39 ----A---- C:\Windows\system32\CPFilters.dll
2016-01-09 04:27:34 ----A---- C:\Windows\system32\sysmain.dll
2016-01-09 04:27:33 ----A---- C:\Windows\system32\msmmsp.dll
2016-01-09 04:27:33 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-01-09 04:27:09 ----A---- C:\Windows\system32\shell32.dll
2016-01-09 04:27:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-01-09 04:27:07 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-01-09 04:27:07 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-01-09 04:26:53 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-01-09 04:26:53 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-01-09 04:26:53 ----A---- C:\Windows\system32\webio.dll
2016-01-09 04:26:53 ----A---- C:\Windows\system32\usp10.dll
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-01-09 04:26:52 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuwebv.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wups2.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wups.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wudriver.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wucltux.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuaueng.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuauclt.exe
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuapp.exe
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wuapi.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-01-09 04:26:52 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-01-09 04:26:45 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-01-09 04:26:45 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-01-09 04:26:45 ----A---- C:\Windows\system32\drmv2clt.dll
2016-01-09 04:26:45 ----A---- C:\Windows\system32\blackbox.dll
2016-01-09 04:26:42 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-01-09 04:26:42 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-01-09 04:26:42 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-01-09 04:26:41 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-01-09 04:26:41 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-01-09 04:26:40 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-01-09 04:26:40 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-01-09 04:26:40 ----A---- C:\Windows\system32\audiosrv.dll
2016-01-09 04:26:39 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-01-09 04:26:39 ----A---- C:\Windows\system32\pcasvc.dll
2016-01-09 04:26:39 ----A---- C:\Windows\system32\cryptui.dll
2016-01-09 04:26:39 ----A---- C:\Windows\system32\AudioEng.dll
2016-01-09 04:26:38 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-01-09 04:26:38 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-01-09 04:26:38 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\msscp.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\msnetobj.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\EncDump.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\cryptsp.dll
2016-01-09 04:26:38 ----A---- C:\Windows\system32\AudioSes.dll
2016-01-09 04:26:37 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-01-09 04:26:37 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-01-09 04:26:37 ----A---- C:\Windows\system32\pcawrk.exe
2016-01-09 04:26:37 ----A---- C:\Windows\system32\pcalua.exe
2016-01-09 04:26:37 ----A---- C:\Windows\system32\pcaevts.dll
2016-01-09 04:26:37 ----A---- C:\Windows\system32\pcadm.dll
2016-01-09 04:26:37 ----A---- C:\Windows\system32\audiodg.exe
2016-01-09 04:25:48 ----A---- C:\Windows\system32\profsvc.dll
2016-01-09 04:25:47 ----A---- C:\Windows\SYSWOW64\mscories.dll
2016-01-09 04:25:47 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2016-01-09 04:25:47 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2016-01-09 04:25:47 ----A---- C:\Windows\system32\mscories.dll
2016-01-09 04:25:47 ----A---- C:\Windows\system32\mscorier.dll
2016-01-09 04:25:47 ----A---- C:\Windows\system32\dfshim.dll
2016-01-09 04:25:28 ----A---- C:\Windows\SYSWOW64\wer.dll
2016-01-09 04:25:28 ----A---- C:\Windows\system32\wer.dll
2016-01-09 04:25:27 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2016-01-09 04:25:27 ----A---- C:\Windows\system32\imagehlp.dll
2016-01-09 04:25:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-01-09 04:25:25 ----A---- C:\Windows\system32\drivers\netio.sys
2016-01-09 04:25:25 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-01-09 04:25:07 ----A---- C:\Windows\system32\termsrv.dll
2016-01-09 04:24:55 ----A---- C:\Windows\system32\basesrv.dll
2016-01-09 04:24:36 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2016-01-09 04:24:36 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2016-01-09 04:24:36 ----A---- C:\Windows\system32\nlasvc.dll
2016-01-09 04:24:36 ----A---- C:\Windows\system32\nlaapi.dll
2016-01-09 04:24:36 ----A---- C:\Windows\system32\ncsi.dll
2016-01-09 04:24:29 ----A---- C:\Windows\SYSWOW64\osk.exe
2016-01-09 04:24:29 ----A---- C:\Windows\system32\osk.exe
2016-01-09 04:24:27 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-01-09 04:24:26 ----A---- C:\Windows\system32\Wdfres.dll
2016-01-09 04:24:26 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2016-01-09 04:24:26 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2016-01-09 04:24:20 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-01-09 04:24:20 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-01-09 04:24:20 ----A---- C:\Windows\system32\WebClnt.dll
2016-01-09 04:24:20 ----A---- C:\Windows\system32\davclnt.dll
2016-01-09 04:24:18 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2016-01-09 04:24:18 ----A---- C:\Windows\system32\ubpm.dll
2016-01-09 04:24:17 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2016-01-09 04:24:17 ----A---- C:\Windows\system32\comctl32.dll
2016-01-09 04:24:16 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-01-09 04:24:16 ----A---- C:\Windows\system32\user32.dll
2016-01-09 04:24:12 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2016-01-09 04:24:12 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2016-01-09 04:24:12 ----A---- C:\Windows\system32\mfc42u.dll
2016-01-09 04:24:12 ----A---- C:\Windows\system32\mfc42.dll
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-01-09 04:24:10 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-01-09 04:24:05 ----A---- C:\Windows\system32\drivers\usb8023.sys
2016-01-09 04:24:04 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2016-01-09 04:24:04 ----A---- C:\Windows\system32\wshrm.dll
2016-01-09 04:24:04 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-01-09 04:24:01 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-01-09 04:24:01 ----A---- C:\Windows\system32\ole32.dll
2016-01-09 04:23:57 ----A---- C:\Windows\system32\winresume.exe
2016-01-09 04:23:57 ----A---- C:\Windows\system32\winload.exe
2016-01-09 04:23:57 ----A---- C:\Windows\system32\ci.dll
2016-01-09 04:23:56 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-01-09 04:23:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-01-09 04:23:56 ----A---- C:\Windows\system32\drivers\appid.sys
2016-01-09 04:23:56 ----A---- C:\Windows\system32\appidsvc.dll
2016-01-09 04:23:56 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-01-09 04:23:56 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-01-09 04:23:56 ----A---- C:\Windows\system32\appidapi.dll
2016-01-09 04:23:40 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-01-09 04:23:40 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-01-09 04:23:40 ----A---- C:\Windows\system32\comsvcs.dll
2016-01-09 04:23:40 ----A---- C:\Windows\system32\catsrvut.dll
2016-01-09 04:23:35 ----A---- C:\Windows\system32\drivers\cng.sys
2016-01-09 04:23:34 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-01-09 04:23:34 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-01-09 04:23:13 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2016-01-09 04:23:13 ----A---- C:\Windows\system32\drivers\usbcir.sys
2016-01-09 04:23:12 ----A---- C:\Windows\system32\drivers\usbscan.sys
2016-01-09 04:23:12 ----A---- C:\Windows\system32\drivers\hidparse.sys
2016-01-09 04:23:12 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-01-09 04:23:11 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2016-01-09 04:23:11 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2016-01-09 04:23:11 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-01-09 04:23:11 ----A---- C:\Windows\system32\drivers\afd.sys
2016-01-09 04:23:11 ----A---- C:\Windows\system32\dnsrslvr.dll
2016-01-09 04:23:11 ----A---- C:\Windows\system32\dnscacheugc.exe
2016-01-09 04:23:11 ----A---- C:\Windows\system32\dnsapi.dll
2016-01-09 04:22:56 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2016-01-09 04:22:56 ----A---- C:\Windows\system32\dpnet.dll
2016-01-09 04:22:55 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-01-09 04:22:55 ----A---- C:\Windows\system32\msi.dll
2016-01-09 04:22:54 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-01-09 04:22:54 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-01-09 04:22:54 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-01-09 04:22:54 ----A---- C:\Windows\system32\msimsg.dll
2016-01-09 04:22:54 ----A---- C:\Windows\system32\msihnd.dll
2016-01-09 04:22:54 ----A---- C:\Windows\system32\msiexec.exe
2016-01-09 04:22:48 ----A---- C:\Windows\system32\objsel.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\objsel.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\wincredprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\dpapiprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\dimsroam.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\cngprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\capiprovider.dll
2016-01-09 04:22:47 ----A---- C:\Windows\system32\adprovider.dll
2016-01-09 04:22:01 ----A---- C:\Windows\SYSWOW64\notepad.exe
2016-01-09 04:22:01 ----A---- C:\Windows\system32\notepad.exe
2016-01-09 04:22:01 ----A---- C:\Windows\notepad.exe
2016-01-09 04:22:00 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-01-09 04:22:00 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-01-09 04:22:00 ----A---- C:\Windows\system32\drivers\srv.sys
2016-01-09 04:21:58 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-01-09 04:21:58 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-01-09 04:21:57 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-01-09 04:21:57 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-01-09 04:21:57 ----A---- C:\Windows\system32\cdd.dll
2016-01-09 04:21:54 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2016-01-09 04:21:54 ----A---- C:\Windows\system32\psisdecd.dll
2016-01-09 04:21:29 ----A---- C:\Windows\system32\drivers\partmgr.sys
2016-01-09 04:21:28 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-01-09 04:21:28 ----A---- C:\Windows\system32\poqexec.exe
2016-01-09 04:21:24 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2016-01-09 04:21:24 ----A---- C:\Windows\system32\pku2u.dll
2016-01-09 04:21:17 ----A---- C:\Windows\system32\drivers\http.sys
2016-01-09 04:21:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-01-09 04:21:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-01-09 04:21:16 ----A---- C:\Windows\system32\vbscript.dll
2016-01-09 04:21:16 ----A---- C:\Windows\system32\jscript.dll
2016-01-09 04:21:12 ----A---- C:\Windows\SYSWOW64\synceng.dll
2016-01-09 04:21:12 ----A---- C:\Windows\system32\synceng.dll
2016-01-09 04:21:11 ----A---- C:\Windows\system32\kdusb.dll
2016-01-09 04:21:11 ----A---- C:\Windows\system32\kdcom.dll
2016-01-09 04:21:11 ----A---- C:\Windows\system32\kd1394.dll
2016-01-09 04:21:09 ----A---- C:\Windows\system32\shdocvw.dll
2016-01-09 04:21:08 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2016-01-09 04:21:04 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-01-09 04:21:04 ----A---- C:\Windows\system32\msctf.dll
2016-01-09 04:21:03 ----A---- C:\Windows\SYSWOW64\rastls.dll
2016-01-09 04:21:03 ----A---- C:\Windows\system32\rastls.dll
2016-01-09 04:21:02 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-01-09 04:21:02 ----A---- C:\Windows\system32\win32spl.dll
2016-01-09 04:21:01 ----A---- C:\Windows\system32\taskhost.exe
2016-01-09 04:20:50 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2016-01-09 04:20:50 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2016-01-09 04:20:50 ----A---- C:\Windows\SYSWOW64\devobj.dll
2016-01-09 04:20:50 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2016-01-09 04:20:50 ----A---- C:\Windows\system32\umpnpmgr.dll
2016-01-09 04:20:49 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-01-09 04:20:39 ----A---- C:\Windows\SYSWOW64\packager.dll
2016-01-09 04:20:39 ----A---- C:\Windows\system32\packager.dll
2016-01-09 04:20:35 ----A---- C:\Windows\system32\winlogon.exe
2016-01-09 04:20:34 ----A---- C:\Windows\system32\winsta.dll
2016-01-09 04:20:34 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2016-01-09 04:20:33 ----A---- C:\Windows\SYSWOW64\winsta.dll
2016-01-09 04:20:33 ----A---- C:\Windows\system32\rdrmemptylst.exe
2016-01-09 04:20:33 ----A---- C:\Windows\system32\rdpwsx.dll
2016-01-09 04:20:33 ----A---- C:\Windows\system32\rdpcorekmts.dll
2016-01-09 04:20:20 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2016-01-09 04:20:20 ----A---- C:\Windows\SYSWOW64\browcli.dll
2016-01-09 04:20:20 ----A---- C:\Windows\system32\netapi32.dll
2016-01-09 04:20:20 ----A---- C:\Windows\system32\browser.dll
2016-01-09 04:20:20 ----A---- C:\Windows\system32\browcli.dll
2016-01-09 04:20:00 ----A---- C:\Windows\system32\FXSCOVER.exe
2016-01-09 04:19:59 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-01-09 04:19:59 ----A---- C:\Windows\system32\inetcomm.dll
2016-01-09 04:19:58 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2016-01-09 04:19:58 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2016-01-09 04:19:58 ----A---- C:\Windows\SYSWOW64\els.dll
2016-01-09 04:19:58 ----A---- C:\Windows\system32\scesrv.dll
2016-01-09 04:19:58 ----A---- C:\Windows\system32\msvcrt.dll
2016-01-09 04:19:58 ----A---- C:\Windows\system32\els.dll
2016-01-09 04:19:56 ----A---- C:\Windows\system32\certutil.exe
2016-01-09 04:19:55 ----A---- C:\Windows\SYSWOW64\certutil.exe
2016-01-09 04:19:55 ----A---- C:\Windows\SYSWOW64\certenc.dll
2016-01-09 04:19:55 ----A---- C:\Windows\system32\certenc.dll
2016-01-09 04:19:49 ----A---- C:\Windows\SYSWOW64\wscript.exe
2016-01-09 04:19:49 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2016-01-09 04:19:49 ----A---- C:\Windows\SYSWOW64\cscript.exe
2016-01-09 04:19:49 ----A---- C:\Windows\system32\wscript.exe
2016-01-09 04:19:49 ----A---- C:\Windows\system32\scrrun.dll
2016-01-09 04:19:49 ----A---- C:\Windows\system32\cscript.exe
2016-01-09 04:19:35 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-01-09 04:19:35 ----A---- C:\Windows\system32\jnwmon.dll
2016-01-09 04:19:35 ----A---- C:\Windows\system32\InkEd.dll
2016-01-09 04:19:31 ----A---- C:\Windows\system32\localspl.dll
2016-01-09 04:19:27 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-01-09 04:19:26 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2016-01-09 04:19:26 ----A---- C:\Windows\system32\oleacc.dll
2016-01-09 04:19:25 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-01-09 04:19:25 ----A---- C:\Windows\system32\EncDec.dll
2016-01-09 04:19:23 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2016-01-09 04:19:23 ----A---- C:\Windows\system32\clfsw32.dll
2016-01-09 04:19:23 ----A---- C:\Windows\system32\clfs.sys
2016-01-09 04:19:18 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2016-01-09 04:19:18 ----A---- C:\Windows\system32\cdosys.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-01-09 04:18:52 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\lpk.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\fontsub.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\dciman32.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\atmlib.dll
2016-01-09 04:18:52 ----A---- C:\Windows\system32\atmfd.dll
2016-01-09 04:18:49 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2016-01-09 04:18:49 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2016-01-09 04:18:49 ----A---- C:\Windows\system32\nshwfp.dll
2016-01-09 04:18:49 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-01-09 04:18:49 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2016-01-09 03:57:05 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-01-09 03:57:05 ----A---- C:\Windows\system32\rdpcore.dll
2016-01-09 03:57:05 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2016-01-09 01:55:12 ----D---- C:\Windows\SYSWOW64\vbox
2016-01-09 01:55:12 ----D---- C:\Windows\system32\vbox
2016-01-09 01:33:20 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-01-09 01:33:20 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-01-09 01:33:20 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-01-09 01:33:20 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-01-09 01:33:19 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2016-01-09 01:33:19 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2016-01-09 01:33:19 ----A---- C:\Windows\system32\xactengine3_7.dll
2016-01-09 01:33:19 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-01-09 01:33:18 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2016-01-09 01:33:18 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2016-01-09 01:33:18 ----A---- C:\Windows\system32\d3dx11_43.dll
2016-01-09 01:33:18 ----A---- C:\Windows\system32\d3dcsx_43.dll
2016-01-09 01:33:17 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-01-09 01:33:17 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2016-01-09 01:33:17 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-01-09 01:33:17 ----A---- C:\Windows\system32\d3dx10_43.dll
2016-01-09 01:33:16 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2016-01-09 01:33:16 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2016-01-09 01:33:16 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2016-01-09 01:33:16 ----A---- C:\Windows\system32\XAudio2_6.dll
2016-01-09 01:33:16 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2016-01-09 01:33:16 ----A---- C:\Windows\system32\xactengine3_6.dll
2016-01-09 01:33:15 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2016-01-09 01:33:15 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-01-09 01:33:15 ----A---- C:\Windows\system32\XAudio2_5.dll
2016-01-09 01:33:15 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-01-09 01:33:14 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2016-01-09 01:33:14 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2016-01-09 01:33:14 ----A---- C:\Windows\system32\xactengine3_5.dll
2016-01-09 01:33:14 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2016-01-09 01:33:13 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2016-01-09 01:33:13 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2016-01-09 01:33:13 ----A---- C:\Windows\system32\d3dx11_42.dll
2016-01-09 01:33:13 ----A---- C:\Windows\system32\d3dcsx_42.dll
2016-01-09 01:33:12 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-01-09 01:33:12 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2016-01-09 01:33:12 ----A---- C:\Windows\system32\D3DX9_42.dll
2016-01-09 01:33:12 ----A---- C:\Windows\system32\d3dx10_42.dll
2016-01-09 01:33:11 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2016-01-09 01:33:11 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2016-01-09 01:33:11 ----A---- C:\Windows\system32\d3dx10_41.dll
2016-01-09 01:33:11 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2016-01-09 01:33:10 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2016-01-09 01:33:10 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2016-01-09 01:33:10 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2016-01-09 01:33:10 ----A---- C:\Windows\system32\XAudio2_4.dll
2016-01-09 01:33:10 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2016-01-09 01:33:10 ----A---- C:\Windows\system32\D3DX9_41.dll
2016-01-09 01:33:09 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2016-01-09 01:33:09 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2016-01-09 01:33:09 ----A---- C:\Windows\system32\xactengine3_4.dll
2016-01-09 01:33:09 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2016-01-09 01:33:07 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2016-01-09 01:33:07 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2016-01-09 01:33:07 ----A---- C:\Windows\system32\XAudio2_3.dll
2016-01-09 01:33:07 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2016-01-09 01:33:06 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2016-01-09 01:33:06 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2016-01-09 01:33:06 ----A---- C:\Windows\system32\xactengine3_3.dll
2016-01-09 01:33:06 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2016-01-09 01:33:05 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2016-01-09 01:33:05 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2016-01-09 01:33:05 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2016-01-09 01:33:05 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-01-09 01:33:05 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-01-09 01:33:05 ----A---- C:\Windows\system32\xactengine3_2.dll
2016-01-09 01:33:04 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-01-09 01:33:04 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-01-09 01:33:03 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2016-01-09 01:33:03 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2016-01-09 01:33:03 ----A---- C:\Windows\system32\XAudio2_1.dll
2016-01-09 01:33:03 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2016-01-09 01:33:02 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2016-01-09 01:33:02 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2016-01-09 01:33:02 ----A---- C:\Windows\system32\xactengine3_1.dll
2016-01-09 01:33:02 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2016-01-09 01:33:01 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2016-01-09 01:33:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2016-01-09 01:33:01 ----A---- C:\Windows\system32\d3dx10_38.dll
2016-01-09 01:33:01 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2016-01-09 01:33:00 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2016-01-09 01:33:00 ----A---- C:\Windows\system32\D3DX9_38.dll
2016-01-09 01:32:59 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2016-01-09 01:32:59 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2016-01-09 01:32:59 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2016-01-09 01:32:59 ----A---- C:\Windows\system32\XAudio2_0.dll
2016-01-09 01:32:59 ----A---- C:\Windows\system32\xactengine3_0.dll
2016-01-09 01:32:59 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2016-01-09 01:32:58 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2016-01-09 01:32:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2016-01-09 01:32:58 ----A---- C:\Windows\system32\d3dx10_37.dll
2016-01-09 01:32:58 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2016-01-09 01:32:57 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2016-01-09 01:32:57 ----A---- C:\Windows\system32\D3DX9_37.dll
2016-01-09 01:32:56 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2016-01-09 01:32:56 ----A---- C:\Windows\system32\xactengine2_10.dll
2016-01-09 01:32:55 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\system32\d3dx9_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\system32\d3dx10_36.dll
2016-01-09 01:32:55 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2016-01-09 01:32:54 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2016-01-09 01:32:54 ----A---- C:\Windows\system32\xactengine2_9.dll
2016-01-09 01:32:53 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\system32\d3dx9_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\system32\d3dx10_35.dll
2016-01-09 01:32:53 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2016-01-09 01:32:52 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2016-01-09 01:32:52 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2016-01-09 01:32:52 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2016-01-09 01:32:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2016-01-09 01:32:52 ----A---- C:\Windows\system32\xactengine2_8.dll
2016-01-09 01:32:52 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2016-01-09 01:32:52 ----A---- C:\Windows\system32\d3dx10_34.dll
2016-01-09 01:32:52 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2016-01-09 01:32:49 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2016-01-09 01:32:49 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2016-01-09 01:32:49 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2016-01-09 01:32:49 ----A---- C:\Windows\system32\xinput1_3.dll
2016-01-09 01:32:49 ----A---- C:\Windows\system32\xactengine2_7.dll
2016-01-09 01:32:49 ----A---- C:\Windows\system32\d3dx9_34.dll
2016-01-09 01:32:48 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2016-01-09 01:32:48 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2016-01-09 01:32:48 ----A---- C:\Windows\system32\d3dx10_33.dll
2016-01-09 01:32:48 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2016-01-09 01:32:47 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2016-01-09 01:32:47 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2016-01-09 01:32:47 ----A---- C:\Windows\system32\xactengine2_6.dll
2016-01-09 01:32:47 ----A---- C:\Windows\system32\d3dx9_33.dll
2016-01-09 01:32:46 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2016-01-09 01:32:46 ----A---- C:\Windows\system32\xactengine2_5.dll
2016-01-09 01:32:45 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2016-01-09 01:32:45 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2016-01-09 01:32:45 ----A---- C:\Windows\system32\d3dx9_32.dll
2016-01-09 01:32:45 ----A---- C:\Windows\system32\d3dx10.dll
2016-01-09 01:32:44 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2016-01-09 01:32:44 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2016-01-09 01:32:44 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-01-09 01:32:44 ----A---- C:\Windows\system32\xactengine2_4.dll
2016-01-09 01:32:44 ----A---- C:\Windows\system32\x3daudio1_1.dll
2016-01-09 01:32:44 ----A---- C:\Windows\system32\d3dx9_31.dll
2016-01-09 01:32:43 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2016-01-09 01:32:43 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2016-01-09 01:32:43 ----A---- C:\Windows\system32\xinput1_2.dll
2016-01-09 01:32:43 ----A---- C:\Windows\system32\xactengine2_3.dll
2016-01-09 01:32:42 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2016-01-09 01:32:42 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2016-01-09 01:32:42 ----A---- C:\Windows\system32\xinput1_1.dll
2016-01-09 01:32:42 ----A---- C:\Windows\system32\xactengine2_2.dll
2016-01-09 01:32:41 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2016-01-09 01:32:41 ----A---- C:\Windows\system32\xactengine2_1.dll
2016-01-09 01:32:40 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2016-01-09 01:32:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2016-01-09 01:32:39 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2016-01-09 01:32:39 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2016-01-09 01:32:39 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2016-01-09 01:32:39 ----A---- C:\Windows\system32\xactengine2_0.dll
2016-01-09 01:32:39 ----A---- C:\Windows\system32\x3daudio1_0.dll
2016-01-09 01:32:39 ----A---- C:\Windows\system32\d3dx9_29.dll
2016-01-09 01:32:38 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2016-01-09 01:32:38 ----A---- C:\Windows\system32\d3dx9_28.dll
2016-01-09 01:32:37 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2016-01-09 01:32:37 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2016-01-09 01:32:37 ----A---- C:\Windows\system32\d3dx9_27.dll
2016-01-09 01:32:37 ----A---- C:\Windows\system32\d3dx9_26.dll
2016-01-09 01:32:36 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-01-09 01:32:36 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2016-01-09 01:32:36 ----A---- C:\Windows\system32\d3dx9_25.dll
2016-01-09 01:32:36 ----A---- C:\Windows\system32\d3dx9_24.dll
2016-01-09 01:29:49 ----D---- C:\Windows\SYSWOW64\directx
2016-01-08 21:04:06 ----D---- C:\Různé
2016-01-08 20:18:08 ----D---- C:\6cd915098d7c43677f39edbeaa
2016-01-08 19:51:16 ----D---- C:\Games
2016-01-08 19:48:11 ----D---- C:\Users\David\AppData\Roaming\Macromedia
2016-01-08 19:48:11 ----D---- C:\Users\David\AppData\Roaming\Adobe
2016-01-08 19:48:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-01-08 19:48:00 ----D---- C:\Windows\SYSWOW64\Macromed
2016-01-08 19:47:59 ----D---- C:\Windows\system32\Macromed
2016-01-08 19:40:47 ----D---- C:\Users\David\AppData\Roaming\WinRAR
2016-01-08 19:33:11 ----D---- C:\Program Files\WinRAR
2016-01-08 17:50:23 ----D---- C:\Users\David\AppData\Roaming\OpenOffice
2016-01-08 17:49:28 ----D---- C:\Program Files (x86)\OpenOffice 4
2016-01-08 17:46:49 ----D---- C:\Users\David\AppData\Roaming\ATI
2016-01-08 17:46:49 ----D---- C:\ProgramData\ATI
2016-01-08 17:45:22 ----DC---- C:\Windows\system32\DRVSTORE
2016-01-08 17:45:22 ----A---- C:\Windows\system32\drivers\SamsungRapidDiskFltr.sys
2016-01-08 17:45:19 ----D---- C:\Windows\system32\RAPID
2016-01-08 17:23:29 ----D---- C:\ProgramData\Samsung
2016-01-08 17:23:29 ----D---- C:\Program Files (x86)\Samsung
2016-01-08 16:14:10 ----D---- C:\Program Files\Unlocker
2016-01-08 15:52:58 ----D---- C:\Program Files\CCleaner
2016-01-08 15:08:38 ----D---- C:\Users\David\AppData\Roaming\Mozilla
2016-01-08 15:08:28 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-01-08 15:01:13 ----A---- C:\Windows\system32\drivers\ngvss.sys
2016-01-08 15:01:11 ----A---- C:\Windows\system32\aswBoot.exe
2016-01-08 14:59:02 ----D---- C:\Users\David\AppData\Roaming\AVAST Software
2016-01-08 14:58:42 ----D---- C:\Program Files\Common Files\AV
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswsp.sys
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-01-08 14:58:38 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-01-08 14:58:37 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2016-01-08 14:58:37 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-01-08 14:58:37 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-01-08 14:58:35 ----A---- C:\Windows\avastSS.scr
2016-01-08 14:56:36 ----D---- C:\Program Files\AVAST Software
2016-01-08 14:55:15 ----D---- C:\ProgramData\AVAST Software
2016-01-08 14:29:47 ----A---- C:\Windows\SYSWOW64\VmixP6.dll
2016-01-08 14:29:47 ----A---- C:\Windows\SYSWOW64\CMPaOxy.dll
2016-01-08 14:29:47 ----A---- C:\Windows\SYSWOW64\CMICNFG3.dll
2016-01-08 14:29:47 ----A---- C:\Windows\system32\Cmeaupci.exe
2016-01-08 14:29:38 ----A---- C:\Windows\system32\CmiInstallResAll64.dll
2016-01-08 14:29:38 ----A---- C:\Windows\difxapi.dll
2016-01-08 14:29:38 ----A---- C:\Windows\cmudax3.ini
2016-01-08 14:29:26 ----D---- C:\Program Files (x86)\AMD APP
2016-01-08 14:29:15 ----D---- C:\ProgramData\AMD
2016-01-08 14:29:15 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2016-01-08 14:29:14 ----D---- C:\Program Files (x86)\ATI Technologies
2016-01-08 14:28:03 ----D---- C:\Program Files\13-9-legacy_vista_win7_64_dd_ccc
2016-01-08 14:24:25 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-01-08 14:23:07 ----D---- C:\Windows\SYSWOW64\RTCOM
2016-01-08 14:23:07 ----D---- C:\Program Files\Realtek
2016-01-08 14:23:00 ----A---- C:\Windows\system32\SRSWOW64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\SRSTSX64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\SRSTSH64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\SRSHP64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtPgEx64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtkCfg64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtkAPO64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RtkApi64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RTCOM64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RP3DHT64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RP3DAA64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\RCoInst64.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2016-01-08 14:23:00 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2016-01-08 14:22:59 ----D---- C:\Program Files (x86)\Realtek
2016-01-08 14:22:59 ----A---- C:\Windows\system32\FMAPO64.dll
2016-01-08 14:22:59 ----A---- C:\Windows\system32\AERTAR64.dll
2016-01-08 14:22:59 ----A---- C:\Windows\system32\AERTAC64.dll
2016-01-08 14:22:48 ----HD---- C:\Program Files (x86)\Temp
2016-01-08 14:22:48 ----A---- C:\Windows\RtlExUpd.dll
2016-01-08 14:22:27 ----D---- C:\Program Files\AMD
2016-01-08 14:22:15 ----D---- C:\ProgramData\Package Cache
2016-01-08 14:21:20 ----D---- C:\Program Files\AMD-Catalyst-15.7.1-SB-SATA-AHCI-Win10-Win8.1-Win7
2016-01-08 14:18:49 ----A---- C:\Windows\SYSWOW64\drivers\AsUpIO.sys
2016-01-08 14:18:49 ----A---- C:\Windows\SYSWOW64\drivers\AsIO.sys
2016-01-08 14:18:49 ----A---- C:\Windows\SYSWOW64\AsIO.dll
2016-01-08 14:18:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-01-08 14:18:48 ----D---- C:\Program Files (x86)\ASUS
2016-01-08 14:16:58 ----SHD---- C:\Windows\Installer
2016-01-08 14:16:58 ----D---- C:\Program Files\ATI
2016-01-08 14:16:58 ----A---- C:\Windows\system32\drivers\AtiPcie.sys
2016-01-08 14:16:41 ----D---- C:\Program Files\ATI Technologies
2016-01-08 14:16:08 ----A---- C:\Windows\Language_trs.ini
2016-01-08 14:13:14 ----A---- C:\Windows\system32\drivers\cmudax3.sys
2016-01-08 14:13:13 ----A---- C:\Windows\system32\cmudax3.dll
2016-01-08 14:13:06 ----A---- C:\Windows\system32\drivers\ASACPI.sys
2016-01-08 14:05:28 ----D---- C:\Users\David\AppData\Roaming\Identities
2016-01-08 14:05:25 ----SD---- C:\Users\David\AppData\Roaming\Microsoft
2016-01-08 14:05:25 ----D---- C:\Users\David\AppData\Roaming\Media Center Programs
2016-01-08 14:05:22 ----SHD---- C:\Recovery
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Šablony
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Plocha
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Oblíbené položky
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Nabídka Start
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Dokumenty
2016-01-08 14:05:22 ----SHD---- C:\ProgramData\Data aplikací
2016-01-08 14:05:04 ----D---- C:\Windows\SoftwareDistribution
2016-01-08 13:58:28 ----D---- C:\Windows\Prefetch
2016-01-08 13:58:21 ----ASH---- C:\pagefile.sys
2016-01-08 13:58:18 ----SHD---- C:\System Volume Information
2016-01-08 13:58:18 ----ASH---- C:\hiberfil.sys
2016-01-08 13:57:41 ----D---- C:\Windows\Panther

======List of files/folders modified in the last 1 month======

[vaclavka83]

======List of files/folders modified in the last 1 month======

2016-01-31 18:19:42 ----D---- C:\Windows\Temp
2016-01-31 18:12:38 ----D---- C:\Windows\System32
2016-01-31 18:12:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-31 18:12:37 ----D---- C:\Windows\inf
2016-01-31 17:52:52 ----D---- C:\Windows\system32\config
2016-01-31 17:52:45 ----RD---- C:\Program Files (x86)
2016-01-31 17:52:45 ----HD---- C:\ProgramData
2016-01-31 16:34:35 ----RD---- C:\Program Files
2016-01-28 18:46:15 ----D---- C:\Program Files (x86)\Common Files
2016-01-27 18:03:25 ----D---- C:\Windows\system32\Tasks
2016-01-27 18:00:59 ----D---- C:\Program Files\Common Files
2016-01-26 13:16:13 ----D---- C:\Windows\system32\drivers
2016-01-25 17:27:16 ----D---- C:\Windows\Tasks
2016-01-25 17:24:47 ----D---- C:\Windows\SysWOW64
2016-01-22 20:01:45 ----D---- C:\Windows
2016-01-20 15:41:12 ----RSD---- C:\Windows\assembly
2016-01-19 06:57:50 ----D---- C:\Windows\system32\DriverStore
2016-01-19 06:57:43 ----D---- C:\Windows\system32\pt-PT
2016-01-19 06:57:43 ----D---- C:\Windows\system32\pt-BR
2016-01-19 06:57:43 ----D---- C:\Windows\system32\nl-NL
2016-01-19 06:57:43 ----D---- C:\Windows\system32\it-IT
2016-01-19 06:57:43 ----D---- C:\Windows\system32\fr-FR
2016-01-19 06:57:43 ----D---- C:\Windows\system32\es-ES
2016-01-19 06:57:42 ----D---- C:\Windows\system32\en-US
2016-01-19 06:57:42 ----D---- C:\Windows\system32\drivers\UMDF
2016-01-19 06:57:42 ----D---- C:\Windows\system32\de-DE
2016-01-17 01:51:25 ----D---- C:\Windows\system32\wdi
2016-01-17 01:51:06 ----D---- C:\Windows\winsxs
2016-01-15 17:46:06 ----D---- C:\Windows\Logs
2016-01-15 03:59:34 ----D---- C:\Windows\system32\LogFiles
2016-01-14 08:44:12 ----D---- C:\Windows\debug
2016-01-13 19:31:39 ----D---- C:\Windows\rescache
2016-01-13 17:50:26 ----D---- C:\Windows\AppPatch
2016-01-13 17:36:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-01-13 17:36:29 ----D---- C:\Windows\system32\cs-CZ
2016-01-13 17:14:29 ----D---- C:\Windows\system32\catroot
2016-01-13 17:06:39 ----D---- C:\Windows\system32\catroot2
2016-01-12 19:34:29 ----SD---- C:\ProgramData\Microsoft
2016-01-12 19:34:27 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-01-10 20:42:16 ----D---- C:\Windows\Microsoft.NET
2016-01-10 15:27:29 ----D---- C:\Windows\AppCompat
2016-01-09 19:09:38 ----RSD---- C:\Windows\Fonts
2016-01-09 18:52:40 ----D---- C:\Windows\SYSWOW64\wbem
2016-01-09 18:52:40 ----D---- C:\Windows\system32\wbem
2016-01-09 18:52:40 ----D---- C:\Windows\system32\drivers\en-US
2016-01-09 18:52:39 ----D---- C:\Windows\tracing
2016-01-09 18:52:39 ----D---- C:\Windows\SYSWOW64\en-US
2016-01-09 18:52:39 ----D---- C:\Windows\SYSWOW64\Dism
2016-01-09 18:52:39 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-01-09 18:52:39 ----D---- C:\Windows\system32\Dism
2016-01-09 18:52:39 ----D---- C:\Windows\system32\AdvancedInstallers
2016-01-09 18:52:39 ----D---- C:\Windows\PolicyDefinitions
2016-01-09 18:52:38 ----D---- C:\Windows\SYSWOW64\migration
2016-01-09 18:52:38 ----D---- C:\Windows\system32\migration
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\zh-TW
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\zh-HK
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\zh-CN
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\tr-TR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\sv-SE
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\ru-RU
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\pt-PT
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\pt-BR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\pl-PL
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\nl-NL
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\nb-NO
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\ko-KR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\ja-JP
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\it-IT
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\hu-HU
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\fr-FR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\fi-FI
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\es-ES
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\el-GR
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\de-DE
2016-01-09 11:00:03 ----D---- C:\Windows\SYSWOW64\da-DK
2016-01-09 11:00:03 ----D---- C:\Windows\system32\zh-HK
2016-01-09 11:00:03 ----D---- C:\Windows\system32\pl-PL
2016-01-09 11:00:03 ----D---- C:\Windows\system32\ko-KR
2016-01-09 11:00:03 ----D---- C:\Windows\system32\hu-HU
2016-01-09 11:00:03 ----D---- C:\Windows\system32\el-GR
2016-01-09 11:00:02 ----D---- C:\Windows\system32\zh-TW
2016-01-09 11:00:02 ----D---- C:\Windows\system32\zh-CN
2016-01-09 11:00:02 ----D---- C:\Windows\system32\tr-TR
2016-01-09 11:00:02 ----D---- C:\Windows\system32\sv-SE
2016-01-09 11:00:02 ----D---- C:\Windows\system32\ru-RU
2016-01-09 11:00:02 ----D---- C:\Windows\system32\nb-NO
2016-01-09 11:00:02 ----D---- C:\Windows\system32\ja-JP
2016-01-09 11:00:02 ----D---- C:\Windows\system32\fi-FI
2016-01-09 11:00:02 ----D---- C:\Windows\system32\da-DK
2016-01-09 10:58:56 ----D---- C:\Windows\LiveKernelReports
2016-01-09 09:46:28 ----D---- C:\Windows\ehome
2016-01-09 09:46:28 ----D---- C:\Program Files\Windows Media Player
2016-01-09 09:46:28 ----D---- C:\Program Files\Common Files\System
2016-01-09 09:46:28 ----D---- C:\Program Files (x86)\Windows Media Player
2016-01-09 09:46:25 ----D---- C:\Program Files\Windows Defender
2016-01-09 09:46:25 ----D---- C:\Program Files (x86)\Windows Defender
2016-01-09 09:46:24 ----D---- C:\Windows\system32\CodeIntegrity
2016-01-09 09:46:24 ----D---- C:\Windows\system32\Boot
2016-01-09 09:46:19 ----D---- C:\Program Files\Windows Journal
2016-01-08 22:13:14 ----RD---- C:\Users
2016-01-08 15:55:14 ----D---- C:\Windows\SYSWOW64\LogFiles
2016-01-08 14:50:35 ----D---- C:\Windows\system32\NDF
2016-01-08 14:30:53 ----D---- C:\Windows\system
2016-01-08 14:18:49 ----D---- C:\Windows\SYSWOW64\drivers
2016-01-08 14:18:42 ----D---- C:\Windows\system32\restore
2016-01-08 14:05:28 ----SHD---- C:\$Recycle.Bin
2016-01-08 14:05:22 ----D---- C:\Windows\system32\Recovery
2016-01-08 14:05:22 ----D---- C:\Program Files\Windows NT
2016-01-08 13:59:23 ----D---- C:\Windows\system32\sysprep
2016-01-08 13:58:27 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-01-08 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-01-08 273784]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2016-01-08 147088]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver; C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys [2014-09-16 268976]
R0 SamsungRapidFSFltr;SamsungRapidFSFltr; C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys [2014-09-16 111280]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-01-08 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-20 1065208]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-20 464256]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-20 40344]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-01-08 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-01-08 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-01-08 155304]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2016-01-08 310904]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmudax3.sys [2009-05-20 1154560]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-29 1966624]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2014-12-10 797400]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
S1 vcdrom;Virtual CD-ROM Device Driver; \??\C:\Users\David\Desktop\VCdRom.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015-11-25 2016448]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-29 361984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-01-08 226440]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 SamsungRapidSvc;Samsung RAPID Mode Service; C:\Windows\system32\RAPID\SamsungRapidSvc.exe [2014-09-16 28848]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-01-08 5561368]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-01-12 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

[Rudy]

Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?

[vaclavka83]

Bohužel nenastala.... Stále občas vyskakují... naposledy třeba toto http://cz.metin2.gameforge.com/landing? ... 0-a38071e8
http://free.videodownloadconverter.com/ ... &s3=CZ&s4=

[Rudy]

Udělejte následující skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

[vaclavka83]

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by David on po 01.02.2016 at 21:44:37,52.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\David\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

1.2.2016 21:45:39 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Users\David\AppData\Roaming\MPC-HC deleted successfully
C:\Users\David\AppData\Local\MigWiz deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz");
user_pref("browser.search.defaulturl", "https://www.google.com/search?trackid=sp-006");
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultengine", "Google (avast)");
user_pref("browser.search.defaultenginename", "Google (avast)");
user_pref("browser.search.selectedEngine", "Google (avast)");
user_pref("browser.search.order.1", "Google (avast)");
user_pref("keyword.URL", "https://www.google.com/search?trackid=sp-006");

Added to C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\David\.android deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default\searchplugins\google-avast.xml deleted
C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default\extensions\firefox@mega.co.nz.xpi deleted
C:\Users\David\Desktop\FSDownloader.exe deleted

==== Orphaned Tasks deleted from Registry ======================

avast Emergency Update deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [08.01.2016 15:01]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\s1qlgygd.default
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
A107920551356DAEE665F0884F34D2D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll - Shockwave Flash


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[08.01.2016 14:58]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5HK5HSB1 will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\David\AppData\Local\Mozilla\Firefox\Profiles\s1qlgygd.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=30 folders=30 34475328 bytes)

==== Empty Temp Folders ======================

C:\Users\David\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\David\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5HK5HSB1" deleted

==== EOF on po 01.02.2016 at 22:19:18,24 ======================