PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Preventive check: infected email


#1 Post by Mortiz696 »

Hello, I would like to ask for a preventive check.
Today my father, who does not know his way around the internet very well, received an email from "Alza". It said that he should pick up an order. Even though he has not placed any order at Alza, not even in the last few years, he still downloaded the PDF file from the email with the so-called invoice. Fortunately, when he was opening it, the SmartScreen filter spoke up and recommended that he not open the PDF because it is dangerous. That is why I am asking for a check. The PDF file was automatically moved to the Recycle Bin, and its properties said it was a screen saver or something like that. I emptied the Recycle Bin with CCleaner.
The origin of the email is "Alza.cz (noreplyalza@seznam.cz)", and 3 identical ones arrived at once at the same time.

The RSIT log is split because it did not fit here.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2016-08-01 18:39:05
Microsoft Windows 10 Home
System drive C: has 1405 GB (74%) free of 1907 GB
Total RAM: 8175 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:39:13, on 1.8.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0494)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [EaseUS Cleanup] "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe" 10 300
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

--
End of file - 8688 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-07d4207a-436d-45ab-9cff-08851f91d5e8 -SystemEventPortName:HostProcess-555c772d-60bb-4a2e-8a87-34bfcfeab2ac -IoCancelEventPortName:HostProcess-01ba1f23-0413-4578-8ee1-658684c83862 -NonStateChangingEventPortName:HostProcess-df7c553f-73a9-4f7e-8405-ee2ca92ceddc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d43a6683-da0c-43a0-89dd-27191f976fe6 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel

"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
dashost.exe {a080d96c-b1c1-4b53-a1ed505c345377f6}
C:\WINDOWS\system32\SearchIndexer.exe /Embedding


C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}
"fontdrvhost.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe315_ Global\UsGthrCtrlFltPipeMssGthrPipe315 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 632 636 644 8192 640

"C:\Users\Petr\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\7l71word.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2016-06-14 1767944]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-18 14021336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-07-19 554184]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-06-22 4299968]
"GalaxyClient"=C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [2016-07-04 3975232]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-07-13 8891608]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"EaseUS Cleanup"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe 10 300 []
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2016-06-16 134480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-08-01 18:39:05 ----D---- C:\rsit
2016-08-01 18:39:05 ----D---- C:\Program Files\trend micro
2016-08-01 18:18:20 ----D---- C:\Program Files\CCleaner
2016-08-01 18:16:58 ----D---- C:\Program Files (x86)\Google
2016-07-27 02:08:38 ----D---- C:\WINDOWS\LastGood.Tmp
2016-07-22 23:30:05 ----D---- C:\Program Files (x86)\CheckPoint
2016-07-22 23:29:40 ----D---- C:\ProgramData\CheckPoint
2016-07-22 05:51:40 ----A---- C:\WINDOWS\system32\drivers\ssudmdm.sys
2016-07-21 23:00:27 ----D---- C:\AdwCleaner
2016-07-21 19:36:00 ----D---- C:\WINDOWS\system32\SleepStudy
2016-07-21 17:25:20 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2016-07-21 17:25:19 ----D---- C:\Users\Petr\AppData\Roaming\Origin
2016-07-21 17:20:28 ----D---- C:\ProgramData\Origin
2016-07-21 17:20:27 ----D---- C:\ProgramData\Electronic Arts
2016-07-21 17:20:03 ----AD---- C:\Program Files (x86)\Origin
2016-07-21 17:17:55 ----D---- C:\Program Files (x86)\Ubisoft
2016-07-21 17:01:11 ----D---- C:\ProgramData\GOG.com
2016-07-21 17:01:11 ----AD---- C:\Program Files (x86)\GalaxyClient
2016-07-21 16:49:11 ----D---- C:\Program Files (x86)\Steam
2016-07-19 16:45:30 ----A---- C:\WINDOWS\system32\drivers\dtliteusbbus.sys
2016-07-19 16:45:11 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2016-07-19 16:45:11 ----A---- C:\WINDOWS\system32\drivers\dtlitescsibus.sys
2016-07-19 16:45:06 ----D---- C:\Program Files\DAEMON Tools Lite
2016-07-19 16:44:24 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-07-19 16:18:36 ----D---- C:\Program Files (x86)\Cypron Studios
2016-07-19 16:18:29 ----A---- C:\WINDOWS\IsUninst.exe
2016-07-19 15:32:07 ----D---- C:\Program Files (x86)\Adobe
2016-07-19 15:31:57 ----D---- C:\ProgramData\Adobe
2016-07-19 15:28:33 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2016-07-19 15:28:33 ----D---- C:\Program Files\Realtek
2016-07-19 15:28:15 ----A---- C:\WINDOWS\system32\RtPgEx64.dll
2016-07-19 15:28:14 ----A---- C:\WINDOWS\system32\RtlCPAPI64.dll
2016-07-19 15:28:14 ----A---- C:\WINDOWS\system32\RtkCoLDR64.dll
2016-07-19 15:28:14 ----A---- C:\WINDOWS\system32\RtkCfg64.dll
2016-07-19 15:28:14 ----A---- C:\WINDOWS\system32\RtkApi64.dll
2016-07-19 15:28:14 ----A---- C:\WINDOWS\system32\RtDataProc64.dll
2016-07-19 15:28:14 ----A---- C:\WINDOWS\system32\RTCOM64.dll
2016-07-19 15:28:14 ----A---- C:\WINDOWS\system32\drivers\RTKVHD64.sys
2016-07-19 15:28:14 ----A---- C:\WINDOWS\system32\drivers\RTAIODAT.DAT
2016-07-19 15:28:13 ----A---- C:\WINDOWS\system32\RltkAPO64.dll
2016-07-19 15:28:13 ----A---- C:\WINDOWS\system32\RCoRes64.dat
2016-07-19 15:28:13 ----A---- C:\WINDOWS\system32\RCoInstII64.dll
2016-07-19 15:28:12 ----A---- C:\WINDOWS\system32\R4EEP64A.dll
2016-07-19 15:28:12 ----A---- C:\WINDOWS\system32\R4EEL64A.dll
2016-07-19 15:28:12 ----A---- C:\WINDOWS\system32\R4EEG64A.dll
2016-07-19 15:28:12 ----A---- C:\WINDOWS\system32\R4EED64A.dll
2016-07-19 15:28:12 ----A---- C:\WINDOWS\system32\R4EEA64A.dll
2016-07-19 15:28:10 ----A---- C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-07-19 15:28:10 ----A---- C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-07-19 15:28:10 ----A---- C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-07-19 15:28:10 ----A---- C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-07-19 15:28:10 ----A---- C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-07-19 15:28:09 ----A---- C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-07-19 15:28:09 ----A---- C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-07-19 15:28:09 ----A---- C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-07-19 15:28:09 ----A---- C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-07-19 15:28:09 ----A---- C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-07-19 15:28:09 ----A---- C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-07-19 15:28:09 ----A---- C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-07-19 15:28:09 ----A---- C:\WINDOWS\system32\DDPP64A.dll
2016-07-19 15:28:09 ----A---- C:\WINDOWS\system32\DDPO64A.dll
2016-07-19 15:28:09 ----A---- C:\WINDOWS\system32\DDPD64A.dll
2016-07-19 15:28:09 ----A---- C:\WINDOWS\system32\DDPA64.dll
2016-07-19 15:28:09 ----A---- C:\WINDOWS\system32\audioLibVc.dll
2016-07-19 15:28:09 ----A---- C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-07-19 15:28:06 ----HD---- C:\Program Files (x86)\Temp
2016-07-19 15:28:05 ----A---- C:\WINDOWS\RtlExUpd.dll
2016-07-19 14:59:46 ----D---- C:\Users\Petr\AppData\Roaming\WinRAR
2016-07-19 14:59:01 ----AD---- C:\Program Files\WinRAR
2016-07-19 14:36:37 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2016-07-19 14:33:37 ----D---- C:\Program Files (x86)\VideoLAN
2016-07-19 14:02:34 ----A---- C:\WINDOWS\SYSWOW64\NvCamera32.dll
2016-07-19 14:02:34 ----A---- C:\WINDOWS\system32\NvCamera64.dll
2016-07-19 14:02:13 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2016-07-19 14:01:53 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2016-07-19 14:01:53 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2016-07-19 14:01:53 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2016-07-19 14:01:53 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2016-07-19 14:01:30 ----D---- C:\ProgramData\NVIDIA
2016-07-19 14:01:22 ----A---- C:\WINDOWS\system32\nvvsvc.exe
2016-07-19 14:01:22 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2016-07-19 14:01:22 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2016-07-19 14:01:22 ----A---- C:\WINDOWS\system32\nvshext.dll
2016-07-19 14:01:22 ----A---- C:\WINDOWS\system32\nvmctray.dll
2016-07-19 14:01:22 ----A---- C:\WINDOWS\system32\nvcpl.dll
2016-07-19 14:01:22 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2016-07-19 14:01:22 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2016-07-19 14:01:01 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2016-07-19 14:01:01 ----A---- C:\WINDOWS\system32\OpenCL.dll
2016-07-19 13:59:55 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2016-07-19 13:59:55 ----A---- C:\WINDOWS\SYSWOW64\nvumdshim.dll
2016-07-19 13:59:55 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2016-07-19 13:59:55 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2016-07-19 13:59:55 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2016-07-19 13:59:55 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2016-07-19 13:59:55 ----A---- C:\WINDOWS\system32\nvumdshimx.dll
2016-07-19 13:59:55 ----A---- C:\WINDOWS\system32\nvopencl.dll
2016-07-19 13:59:55 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2016-07-19 13:59:55 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2016-07-19 13:59:55 ----A---- C:\WINDOWS\system32\nvhdap64.dll
2016-07-19 13:59:55 ----A---- C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-07-19 13:59:55 ----A---- C:\WINDOWS\system32\drivers\nvhda64v.sys
2016-07-19 13:59:54 ----A---- C:\WINDOWS\SYSWOW64\nvinit.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\SYSWOW64\nvd3dum.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\system32\nvinitx.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\system32\nvcuda.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\system32\nvapi64.dll
2016-07-19 13:59:54 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2016-07-19 13:38:12 ----D---- C:\WINDOWS\system32\MRT
2016-07-19 13:38:05 ----A---- C:\WINDOWS\system32\MRT.exe
2016-07-19 13:36:25 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-07-19 13:36:23 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-07-19 13:36:22 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-07-19 13:36:22 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-07-19 13:36:22 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-07-19 13:36:21 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-07-19 13:36:21 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-07-19 13:36:21 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-07-19 13:36:20 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-07-19 13:36:20 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-07-19 13:36:20 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-07-19 13:36:20 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-07-19 13:36:20 ----A---- C:\WINDOWS\system32\drivers\dumpsdport.sys
2016-07-19 13:36:19 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-07-19 13:36:18 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-07-19 13:36:18 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-07-19 13:36:18 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-07-19 13:36:18 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-07-19 13:36:18 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-07-19 13:36:17 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-07-19 13:36:17 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-07-19 13:36:17 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-07-19 13:36:04 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2016-07-19 13:36:04 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2016-07-19 13:36:04 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-07-19 13:36:04 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-07-19 13:36:04 ----A---- C:\WINDOWS\system32\nvdispgenco6436881.dll
2016-07-19 13:36:04 ----A---- C:\WINDOWS\system32\nvdispco6436881.dll
2016-07-19 13:36:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-07-19 13:36:03 ----A---- C:\WINDOWS\system32\wmp.dll
2016-07-19 13:36:02 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-07-19 13:36:01 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-07-19 13:36:01 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-07-19 13:36:01 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-07-19 13:36:01 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-07-19 13:36:01 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-07-19 13:36:00 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-07-19 13:35:59 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-07-19 13:35:59 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-07-19 13:35:59 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-07-19 13:35:59 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-07-19 13:35:59 ----A---- C:\WINDOWS\system32\msftedit.dll
2016-07-19 13:35:59 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-07-19 13:35:59 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-07-19 13:35:59 ----A---- C:\WINDOWS\system32\d2d1.dll
2016-07-19 13:35:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-19 13:35:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-07-19 13:35:58 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-07-19 13:35:58 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-07-19 13:35:58 ----A---- C:\WINDOWS\system32\localspl.dll
2016-07-19 13:35:58 ----A---- C:\WINDOWS\system32\authui.dll
2016-07-19 13:35:57 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2016-07-19 13:35:57 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2016-07-19 13:35:57 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-07-19 13:35:57 ----A---- C:\WINDOWS\system32\dxgi.dll
2016-07-19 13:35:57 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-07-19 13:35:56 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-07-19 13:35:56 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-07-19 13:35:56 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-07-19 13:35:56 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-07-19 13:35:56 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-07-19 13:35:56 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-07-19 13:35:56 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-07-19 13:35:56 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-07-19 13:35:56 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-07-19 13:35:56 ----A---- C:\WINDOWS\system32\aadtb.dll
2016-07-19 13:35:55 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-07-19 13:35:55 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2016-07-19 13:35:55 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-07-19 13:35:55 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-07-19 13:35:55 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2016-07-19 13:35:55 ----A---- C:\WINDOWS\system32\ole32.dll
2016-07-19 13:35:55 ----A---- C:\WINDOWS\system32\jscript.dll
2016-07-19 13:35:55 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-07-19 13:35:55 ----A---- C:\WINDOWS\system32\fontsub.dll
2016-07-19 13:35:55 ----A---- C:\WINDOWS\system32\d3d9.dll
2016-07-19 13:35:55 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2016-07-19 13:35:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-07-19 13:35:54 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-07-19 13:35:54 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2016-07-19 13:35:54 ----A---- C:\WINDOWS\system32\winmde.dll
2016-07-19 13:35:54 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-07-19 13:35:54 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-07-19 13:35:54 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-07-19 13:35:54 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-07-19 13:35:54 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-07-19 13:35:54 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2016-07-19 13:35:54 ----A---- C:\WINDOWS\system32\d3d10level9.dll
2016-07-19 13:35:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2016-07-19 13:35:53 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2016-07-19 13:35:53 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-07-19 13:35:53 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-07-19 13:35:53 ----A---- C:\WINDOWS\system32\user32.dll
2016-07-19 13:35:53 ----A---- C:\WINDOWS\system32\SHCore.dll
2016-07-19 13:35:53 ----A---- C:\WINDOWS\system32\shacct.dll
2016-07-19 13:35:53 ----A---- C:\WINDOWS\system32\provops.dll
2016-07-19 13:35:53 ----A---- C:\WINDOWS\system32\provhandlers.dll
2016-07-19 13:35:53 ----A---- C:\WINDOWS\system32\provengine.dll
2016-07-19 13:35:53 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-07-19 13:35:53 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2016-07-19 13:35:53 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-07-19 13:35:52 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2016-07-19 13:35:52 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-07-19 13:35:52 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2016-07-19 13:35:52 ----A---- C:\WINDOWS\system32\propsys.dll
2016-07-19 13:35:52 ----A---- C:\WINDOWS\system32\oleacc.dll
2016-07-19 13:35:52 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2016-07-19 13:35:52 ----A---- C:\WINDOWS\system32\DAFWSD.dll
2016-07-19 13:35:51 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2016-07-19 13:35:51 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-07-19 13:35:51 ----A---- C:\WINDOWS\system32\twinapi.dll
2016-07-19 13:35:51 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-07-19 13:35:51 ----A---- C:\WINDOWS\system32\dui70.dll
2016-07-19 13:35:51 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2016-07-19 13:35:50 ----A---- C:\WINDOWS\SYSWOW64\xpsservices.dll
2016-07-19 13:35:50 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2016-07-19 13:35:50 ----A---- C:\WINDOWS\SYSWOW64\MosHostClient.dll
2016-07-19 13:35:50 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2016-07-19 13:35:50 ----A---- C:\WINDOWS\system32\wpdshext.dll
2016-07-19 13:35:50 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-07-19 13:35:50 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-07-19 13:35:50 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-07-19 13:35:50 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-07-19 13:35:50 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-07-19 13:35:50 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-07-19 13:35:50 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2016-07-19 13:35:50 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-07-19 13:35:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2016-07-19 13:35:49 ----A---- C:\WINDOWS\SYSWOW64\MosStorage.dll
2016-07-19 13:35:49 ----A---- C:\WINDOWS\system32\wmpps.dll
2016-07-19 13:35:49 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-07-19 13:35:49 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-07-19 13:35:49 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-07-19 13:35:49 ----A---- C:\WINDOWS\system32\hal.dll
2016-07-19 13:35:49 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-07-19 13:35:49 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2016-07-19 13:35:49 ----A---- C:\WINDOWS\system32\comdlg32.dll
2016-07-19 13:35:48 ----A---- C:\WINDOWS\SYSWOW64\netapi32.dll
2016-07-19 13:35:48 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-07-19 13:35:48 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2016-07-19 13:35:48 ----A---- C:\WINDOWS\system32\wsdchngr.dll
2016-07-19 13:35:48 ----A---- C:\WINDOWS\system32\webio.dll
2016-07-19 13:35:48 ----A---- C:\WINDOWS\system32\StikyNot.exe
2016-07-19 13:35:48 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2016-07-19 13:35:48 ----A---- C:\WINDOWS\system32\NetworkUXBroker.exe
2016-07-19 13:35:48 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-07-19 13:35:48 ----A---- C:\WINDOWS\system32\cdd.dll
2016-07-19 13:35:47 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2016-07-19 13:35:47 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2016-07-19 13:35:47 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-07-19 13:35:47 ----A---- C:\WINDOWS\SYSWOW64\ActionCenterCPL.dll
2016-07-19 13:35:47 ----A---- C:\WINDOWS\system32\WindowsCodecsExt.dll
2016-07-19 13:35:47 ----A---- C:\WINDOWS\system32\inetpp.dll
2016-07-19 13:35:47 ----A---- C:\WINDOWS\system32\fveskybackup.dll
2016-07-19 13:35:47 ----A---- C:\WINDOWS\system32\cryptngc.dll
2016-07-19 13:35:47 ----A---- C:\WINDOWS\system32\browser.dll
2016-07-19 13:35:46 ----A---- C:\WINDOWS\SYSWOW64\wlanui.dll
2016-07-19 13:35:46 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2016-07-19 13:35:46 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2016-07-19 13:35:46 ----A---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2016-07-19 13:35:46 ----A---- C:\WINDOWS\SYSWOW64\ByteCodeGenerator.exe
2016-07-19 13:35:46 ----A---- C:\WINDOWS\system32\WPDShServiceObj.dll
2016-07-19 13:35:46 ----A---- C:\WINDOWS\system32\winsrv.dll
2016-07-19 13:35:46 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-07-19 13:35:46 ----A---- C:\WINDOWS\system32\ntprint.dll
2016-07-19 13:35:46 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-07-19 13:35:46 ----A---- C:\WINDOWS\system32\duser.dll
2016-07-19 13:35:46 ----A---- C:\WINDOWS\system32\d3d10.dll
2016-07-19 13:35:45 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2016-07-19 13:35:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2016-07-19 13:35:45 ----A---- C:\WINDOWS\SYSWOW64\netcenter.dll
2016-07-19 13:35:45 ----A---- C:\WINDOWS\system32\tbauth.dll
2016-07-19 13:35:45 ----A---- C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-07-19 13:35:45 ----A---- C:\WINDOWS\system32\FntCache.dll
2016-07-19 13:35:45 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\SYSWOW64\wshbth.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\SYSWOW64\WPDShServiceObj.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\SYSWOW64\wlansec.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SmartCards.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2016-07-19 13:35:44 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\SYSWOW64\PlayToReceiver.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\SYSWOW64\dot3ui.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-07-19 13:35:44 ----A---- C:\WINDOWS\system32\RADCUI.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\system32\FontProvider.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\system32\d3d10_1.dll
2016-07-19 13:35:44 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2016-07-19 13:35:43 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-07-19 13:35:43 ----A---- C:\WINDOWS\SYSWOW64\MapsBtSvc.dll
2016-07-19 13:35:43 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-07-19 13:35:43 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-07-19 13:35:43 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-07-19 13:35:43 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-07-19 13:35:43 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-07-19 13:35:43 ----A---- C:\WINDOWS\system32\oleacchooks.dll
2016-07-19 13:35:43 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-07-19 13:35:43 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-07-19 13:35:43 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2016-07-19 13:35:42 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-07-19 13:35:42 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-07-19 13:35:42 ----A---- C:\WINDOWS\system32\wininet.dll
2016-07-19 13:35:42 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-07-19 13:35:42 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-07-19 13:35:42 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-07-19 13:35:42 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-07-19 13:35:42 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-07-19 13:35:42 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-07-19 13:35:41 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-07-19 13:35:41 ----A---- C:\WINDOWS\system32\twinui.dll
2016-07-19 13:35:41 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-07-19 13:35:40 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-07-19 13:35:40 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-07-19 13:35:40 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-07-19 13:35:40 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-07-19 13:35:40 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-07-19 13:35:39 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-07-19 13:35:39 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-07-19 13:35:39 ----A---- C:\WINDOWS\explorer.exe
2016-07-19 13:35:38 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-07-19 13:35:38 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-07-19 13:35:38 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-07-19 13:35:38 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-07-19 13:35:37 ----A---- C:\WINDOWS\system32\Wpc.dll
2016-07-19 13:35:37 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-07-19 13:35:37 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2016-07-19 13:35:37 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-07-19 13:35:36 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2016-07-19 13:35:36 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-07-19 13:35:36 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2016-07-19 13:35:36 ----A---- C:\WINDOWS\system32\LogonController.dll
2016-07-19 13:35:35 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2016-07-19 13:35:35 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2016-07-19 13:35:35 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-07-19 13:35:35 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-07-19 13:35:35 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-07-19 13:35:35 ----A---- C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-07-19 13:35:34 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2016-07-19 13:35:34 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-07-19 13:35:34 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2016-07-19 13:35:34 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2016-07-19 13:35:34 ----A---- C:\WINDOWS\system32\WpcMon.exe
2016-07-19 13:35:34 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-07-19 13:35:34 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-07-19 13:35:34 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-07-19 13:35:34 ----A---- C:\WINDOWS\system32\profsvc.dll
2016-07-19 13:35:34 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-07-19 13:35:34 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2016-07-19 13:35:34 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-07-19 13:35:34 ----A---- C:\WINDOWS\system32\dcomp.dll
2016-07-19 13:35:33 ----A---- C:\WINDOWS\SYSWOW64\tdlrecover.exe
2016-07-19 13:35:33 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2016-07-19 13:35:33 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2016-07-19 13:35:33 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2016-07-19 13:35:33 ----A---- C:\WINDOWS\system32\wininit.exe
2016-07-19 13:35:33 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2016-07-19 13:35:33 ----A---- C:\WINDOWS\system32\msxml3.dll
2016-07-19 13:35:33 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-07-19 13:35:33 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2016-07-19 13:35:32 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll
2016-07-19 13:35:32 ----A---- C:\WINDOWS\system32\wscsvc.dll
2016-07-19 13:35:32 ----A---- C:\WINDOWS\system32\wmpmde.dll
2016-07-19 13:35:32 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-07-19 13:35:32 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2016-07-19 13:35:32 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2016-07-19 13:35:32 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-07-19 13:35:32 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-07-19 13:35:32 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2016-07-19 13:35:31 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2016-07-19 13:35:31 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2016-07-19 13:35:31 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2016-07-19 13:35:31 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2016-07-19 13:35:31 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2016-07-19 13:35:31 ----A---- C:\WINDOWS\system32\wwanconn.dll
2016-07-19 13:35:31 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-07-19 13:35:31 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-07-19 13:35:31 ----A---- C:\WINDOWS\system32\rsaenh.dll
2016-07-19 13:35:31 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2016-07-19 13:35:31 ----A---- C:\WINDOWS\system32\drivers\ufxsynopsys.sys
2016-07-19 13:35:31 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2016-07-19 13:35:31 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2016-07-19 13:35:31 ----A---- C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-07-19 13:35:30 ----A---- C:\WINDOWS\SYSWOW64\VEDataLayerHelpers.dll
2016-07-19 13:35:30 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2016-07-19 13:35:30 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-07-19 13:35:30 ----A---- C:\WINDOWS\system32\SettingsHandlers_Maps.dll
2016-07-19 13:35:30 ----A---- C:\WINDOWS\system32\RDXService.dll
2016-07-19 13:35:30 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-07-19 13:35:30 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2016-07-19 13:35:30 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-07-19 13:35:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-07-19 13:35:29 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-07-19 13:35:29 ----A---- C:\WINDOWS\system32\WLanConn.dll
2016-07-19 13:35:29 ----A---- C:\WINDOWS\system32\winipcsecproc.dll
2016-07-19 13:35:29 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-07-19 13:35:29 ----A---- C:\WINDOWS\system32\shutdownux.dll
2016-07-19 13:35:29 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2016-07-19 13:35:29 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2016-07-19 13:35:29 ----A---- C:\WINDOWS\system32\omadmclient.exe
2016-07-19 13:35:29 ----A---- C:\WINDOWS\system32\omadmapi.dll
2016-07-19 13:35:29 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2016-07-19 13:35:29 ----A---- C:\WINDOWS\system32\gameux.dll
2016-07-19 13:35:29 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-07-19 13:35:29 ----A---- C:\WINDOWS\system32\DMRServer.dll
2016-07-19 13:35:29 ----A---- C:\WINDOWS\system32\dmcsps.dll
2016-07-19 13:35:29 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2016-07-19 13:35:28 ----A---- C:\WINDOWS\system32\winipcfile.dll
2016-07-19 13:35:28 ----A---- C:\WINDOWS\system32\policymanager.dll
2016-07-19 13:35:28 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2016-07-19 13:35:28 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2016-07-19 13:35:28 ----A---- C:\WINDOWS\system32\ApplicationFrame.dll
2016-07-19 13:35:27 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-07-19 13:35:27 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2016-07-19 13:35:27 ----A---- C:\WINDOWS\system32\srvcli.dll
2016-07-19 13:35:27 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2016-07-19 13:35:27 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2016-07-19 13:35:27 ----A---- C:\WINDOWS\system32\MiracastReceiver.dll
2016-07-19 13:35:27 ----A---- C:\WINDOWS\system32\ListSvc.dll
2016-07-19 13:35:27 ----A---- C:\WINDOWS\system32\hgcpl.dll
2016-07-19 13:35:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.3D.dll
2016-07-19 13:35:26 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2016-07-19 13:35:26 ----A---- C:\WINDOWS\SYSWOW64\hmkd.dll
2016-07-19 13:35:26 ----A---- C:\WINDOWS\system32\wkscli.dll
2016-07-19 13:35:26 ----A---- C:\WINDOWS\system32\wcnwiz.dll
2016-07-19 13:35:26 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2016-07-19 13:35:26 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-07-19 13:35:25 ----A---- C:\WINDOWS\SYSWOW64\wsdchngr.dll
2016-07-19 13:35:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.dll
2016-07-19 13:35:25 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2016-07-19 13:35:25 ----A---- C:\WINDOWS\system32\wwanmm.dll
2016-07-19 13:35:25 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2016-07-19 13:35:25 ----A---- C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-07-19 13:35:25 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2016-07-19 13:35:25 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2016-07-19 13:35:25 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2016-07-19 13:35:24 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2016-07-19 13:35:24 ----A---- C:\WINDOWS\system32\themecpl.dll
2016-07-19 13:35:24 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-07-19 13:35:24 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2016-07-19 13:35:23 ----A---- C:\WINDOWS\SYSWOW64\mssphtb.dll
2016-07-19 13:35:23 ----A---- C:\WINDOWS\system32\WSDApi.dll
2016-07-19 13:35:23 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-07-19 13:35:23 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-07-19 13:35:23 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-07-19 13:35:23 ----A---- C:\WINDOWS\system32\efswrt.dll
2016-07-19 13:35:23 ----A---- C:\WINDOWS\system32\Display.dll
2016-07-19 13:35:23 ----A---- C:\WINDOWS\system32\BFE.DLL
2016-07-19 13:35:23 ----A---- C:\WINDOWS\system32\basesrv.dll
2016-07-19 13:35:22 ----A---- C:\WINDOWS\SYSWOW64\WMPhoto.dll
2016-07-19 13:35:22 ----A---- C:\WINDOWS\SYSWOW64\UserLanguagesCpl.dll
2016-07-19 13:35:22 ----A---- C:\WINDOWS\SYSWOW64\NotificationObjFactory.dll
2016-07-19 13:35:22 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2016-07-19 13:35:22 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-07-19 13:35:22 ----A---- C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-07-19 13:35:22 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2016-07-19 13:35:22 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2016-07-19 13:35:22 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-07-19 13:35:22 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2016-07-19 13:35:22 ----A---- C:\WINDOWS\system32\browcli.dll
2016-07-19 13:35:21 ----A---- C:\WINDOWS\SYSWOW64\sbe.dll
2016-07-19 13:35:21 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2016-07-19 13:35:21 ----A---- C:\WINDOWS\system32\zipfldr.dll
2016-07-19 13:35:21 ----A---- C:\WINDOWS\system32\WmpDui.dll
2016-07-19 13:35:21 ----A---- C:\WINDOWS\system32\wlanui.dll
2016-07-19 13:35:21 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-07-19 13:35:21 ----A---- C:\WINDOWS\system32\sud.dll
2016-07-19 13:35:21 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-07-19 13:35:21 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-07-19 13:35:21 ----A---- C:\WINDOWS\system32\credprovs.dll
2016-07-19 13:35:21 ----A---- C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-07-19 13:35:20 ----A---- C:\WINDOWS\SYSWOW64\ntprint.dll
2016-07-19 13:35:20 ----A---- C:\WINDOWS\SYSWOW64\mbsmsapi.dll
2016-07-19 13:35:20 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-07-19 13:35:20 ----A---- C:\WINDOWS\system32\msieftp.dll
2016-07-19 13:35:19 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc6.dll
2016-07-19 13:35:19 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc.dll
2016-07-19 13:35:19 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2016-07-19 13:35:19 ----A---- C:\WINDOWS\system32\winmsipc.dll
2016-07-19 13:35:19 ----A---- C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-07-19 13:35:19 ----A---- C:\WINDOWS\system32\samlib.dll
2016-07-19 13:35:18 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2016-07-19 13:35:18 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2016-07-19 13:35:18 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2016-07-19 13:35:18 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-07-19 13:35:18 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-07-19 13:35:18 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-07-19 13:35:18 ----A---- C:\WINDOWS\system32\qdvd.dll
2016-07-19 13:35:18 ----A---- C:\WINDOWS\system32\PlayToReceiver.dll
2016-07-19 13:35:17 ----A---- C:\WINDOWS\system32\mspaint.exe
2016-07-19 13:35:17 ----A---- C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-07-19 13:35:16 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2016-07-19 13:35:16 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2016-07-19 13:35:16 ----A---- C:\WINDOWS\SYSWOW64\IconCodecService.dll
2016-07-19 13:35:16 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2016-07-19 13:35:16 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2016-07-19 13:35:16 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-07-19 13:35:15 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2016-07-19 13:35:15 ----A---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2016-07-19 13:35:15 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2016-07-19 13:35:15 ----A---- C:\WINDOWS\system32\werui.dll
2016-07-19 13:35:15 ----A---- C:\WINDOWS\system32\MTF.dll
2016-07-19 13:35:15 ----A---- C:\WINDOWS\system32\cdpreference.exe
2016-07-19 13:35:14 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-07-19 13:35:13 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-07-19 13:35:13 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2016-07-19 13:35:13 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-07-19 13:35:13 ----A---- C:\WINDOWS\system32\mos.dll
2016-07-19 13:35:13 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-07-19 13:35:13 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-07-19 13:35:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-07-19 13:35:12 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-07-19 13:35:12 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2016-07-19 13:35:12 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-07-19 13:35:12 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-07-19 13:35:11 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-07-19 13:35:11 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-07-19 13:35:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-07-19 13:35:10 ----A---- C:\WINDOWS\system32\SRH.dll
2016-07-19 13:35:08 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-07-19 13:35:06 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-07-19 13:35:00 ----A---- C:\WINDOWS\system32\tquery.dll
2016-07-19 13:35:00 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-07-19 13:34:59 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-07-19 13:34:59 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-07-19 13:34:58 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2016-07-19 13:34:58 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-07-19 13:34:58 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-07-19 13:34:57 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2016-07-19 13:34:57 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-07-19 13:34:57 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-07-19 13:34:57 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-07-19 13:34:57 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-07-19 13:34:57 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-07-19 13:34:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-07-19 13:34:56 ----A---- C:\WINDOWS\SYSWOW64\LocationFramework.dll
2016-07-19 13:34:56 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-07-19 13:34:56 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-07-19 13:34:56 ----A---- C:\WINDOWS\SYSWOW64\AccountsRt.dll
2016-07-19 13:34:56 ----A---- C:\WINDOWS\system32\SpeechPal.dll
2016-07-19 13:34:56 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-07-19 13:34:56 ----A---- C:\WINDOWS\system32\mssrch.dll
2016-07-19 13:34:56 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-07-19 13:34:56 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2016-07-19 13:34:55 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-07-19 13:34:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2016-07-19 13:34:55 ----A---- C:\WINDOWS\system32\wpncore.dll
2016-07-19 13:34:55 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-07-19 13:34:54 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-07-19 13:34:54 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-07-19 13:34:54 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2016-07-19 13:34:54 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-07-19 13:34:54 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2016-07-19 13:34:54 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-07-19 13:34:54 ----A---- C:\WINDOWS\system32\mf.dll
2016-07-19 13:34:54 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2016-07-19 13:34:54 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-07-19 13:34:54 ----A---- C:\WINDOWS\system32\diagperf.dll
2016-07-19 13:34:53 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2016-07-19 13:34:53 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2016-07-19 13:34:53 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2016-07-19 13:34:53 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-07-19 13:34:53 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-07-19 13:34:53 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-07-19 13:34:53 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2016-07-19 13:34:53 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-07-19 13:34:53 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-07-19 13:34:53 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2016-07-19 13:34:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2016-07-19 13:34:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-07-19 13:34:52 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2016-07-19 13:34:52 ----A---- C:\WINDOWS\SYSWOW64\oleacc.dll
2016-07-19 13:34:52 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2016-07-19 13:34:52 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2016-07-19 13:34:52 ----A---- C:\WINDOWS\system32\ShareHost.dll
2016-07-19 13:34:52 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2016-07-19 13:34:52 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2016-07-19 13:34:51 ----A---- C:\WINDOWS\SYSWOW64\ws2_32.dll
2016-07-19 13:34:51 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2016-07-19 13:34:51 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2016-07-19 13:34:51 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-07-19 13:34:51 ----A---- C:\WINDOWS\system32\setupapi.dll
2016-07-19 13:34:51 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-07-19 13:34:51 ----A---- C:\WINDOWS\system32\NotificationController.dll
2016-07-19 13:34:51 ----A---- C:\WINDOWS\system32\moshost.dll
2016-07-19 13:34:51 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-07-19 13:34:51 ----A---- C:\WINDOWS\system32\BrowserSettingSync.dll
2016-07-19 13:34:51 ----A---- C:\WINDOWS\system32\BrokerLib.dll
2016-07-19 13:34:51 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-07-19 13:34:50 ----A---- C:\WINDOWS\SYSWOW64\SmartcardCredentialProvider.dll
2016-07-19 13:34:50 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2016-07-19 13:34:50 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-07-19 13:34:50 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2016-07-19 13:34:50 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-07-19 13:34:50 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-07-19 13:34:50 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-07-19 13:34:50 ----A---- C:\WINDOWS\system32\MosHostClient.dll
2016-07-19 13:34:50 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2016-07-19 13:34:50 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2016-07-19 13:34:50 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2016-07-19 13:34:49 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-07-19 13:34:49 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2016-07-19 13:34:49 ----A---- C:\WINDOWS\SYSWOW64\credprovhost.dll
2016-07-19 13:34:49 ----A---- C:\WINDOWS\system32\WSShared.dll
2016-07-19 13:34:49 ----A---- C:\WINDOWS\system32\mswsock.dll
2016-07-19 13:34:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.dll
2016-07-19 13:34:48 ----A---- C:\WINDOWS\system32\wldp.dll
2016-07-19 13:34:48 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-07-19 13:34:48 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-07-19 13:34:48 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2016-07-19 13:34:48 ----A---- C:\WINDOWS\system32\rdpcore.dll
2016-07-19 13:34:48 ----A---- C:\WINDOWS\system32\mssphtb.dll
2016-07-19 13:34:48 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2016-07-19 13:34:48 ----A---- C:\WINDOWS\system32\ClipUp.exe
2016-07-19 13:34:48 ----A---- C:\WINDOWS\system32\APHostService.dll
2016-07-19 13:34:47 ----A---- C:\WINDOWS\SYSWOW64\winipcsecproc.dll
2016-07-19 13:34:47 ----A---- C:\WINDOWS\SYSWOW64\SyncCenter.dll
2016-07-19 13:34:47 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.dll
2016-07-19 13:34:47 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-07-19 13:34:47 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2016-07-19 13:34:47 ----A---- C:\WINDOWS\system32\phoneactivate.exe
2016-07-19 13:34:47 ----A---- C:\WINDOWS\system32\internetmail.dll
2016-07-19 13:34:47 ----A---- C:\WINDOWS\system32\fhcfg.dll
2016-07-19 13:34:47 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-07-19 13:34:46 ----A---- C:\WINDOWS\system32\WSService.dll
2016-07-19 13:34:45 ----A---- C:\WINDOWS\SYSWOW64\newdev.dll
2016-07-19 13:34:45 ----A---- C:\WINDOWS\SYSWOW64\Clipc.dll
2016-07-19 13:34:45 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-07-19 13:34:45 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-07-19 13:34:45 ----A---- C:\WINDOWS\system32\SettingMonitor.dll
2016-07-19 13:34:45 ----A---- C:\WINDOWS\system32\sbe.dll
2016-07-19 13:34:45 ----A---- C:\WINDOWS\system32\newdev.dll
2016-07-19 13:34:45 ----A---- C:\WINDOWS\system32\mfpmp.exe
2016-07-19 13:34:45 ----A---- C:\WINDOWS\system32\edputil.dll
2016-07-19 13:34:45 ----A---- C:\WINDOWS\system32\easinvoker.exe
2016-07-19 13:34:45 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2016-07-19 13:34:45 ----A---- C:\WINDOWS\system32\apprepapi.dll
2016-07-19 13:34:44 ----A---- C:\WINDOWS\SYSWOW64\wiaaut.dll
2016-07-19 13:34:44 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2016-07-19 13:34:44 ----A---- C:\WINDOWS\system32\mbsmsapi.dll
2016-07-19 13:34:44 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-07-19 13:34:43 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2016-07-19 13:34:43 ----A---- C:\WINDOWS\system32\fvewiz.dll
2016-07-19 13:34:43 ----A---- C:\WINDOWS\system32\easwrt.dll
2016-07-19 13:34:43 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2016-07-19 13:34:43 ----A---- C:\WINDOWS\HelpPane.exe
2016-07-19 13:34:42 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2016-07-19 13:34:42 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2016-07-19 13:34:42 ----A---- C:\WINDOWS\system32\WMPhoto.dll
2016-07-19 13:34:42 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-07-19 13:34:42 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2016-07-19 13:34:41 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2016-07-19 13:34:41 ----A---- C:\WINDOWS\SYSWOW64\winipcfile.dll
2016-07-19 13:34:41 ----A---- C:\WINDOWS\SYSWOW64\SettingMonitor.dll
2016-07-19 13:34:41 ----A---- C:\WINDOWS\SYSWOW64\licensingdiag.exe
2016-07-19 13:34:41 ----A---- C:\WINDOWS\SYSWOW64\BrowserSettingSync.dll
2016-07-19 13:34:41 ----A---- C:\WINDOWS\system32\WSSync.dll
2016-07-19 13:34:41 ----A---- C:\WINDOWS\system32\WSClient.dll
2016-07-19 13:34:40 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2016-07-19 13:34:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2016-07-19 13:34:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2016-07-19 13:34:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFiDirect.dll
2016-07-19 13:34:40 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2016-07-19 13:34:40 ----A---- C:\WINDOWS\SYSWOW64\oemlicense.dll
2016-07-19 13:34:40 ----A---- C:\WINDOWS\SYSWOW64\msieftp.dll
2016-07-19 13:34:40 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2016-07-19 13:34:40 ----A---- C:\WINDOWS\SYSWOW64\Display.dll
2016-07-19 13:34:40 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2016-07-19 13:34:40 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-07-19 13:34:40 ----A---- C:\WINDOWS\system32\mssph.dll
2016-07-19 13:34:40 ----A---- C:\WINDOWS\system32\GamePanel.exe
2016-07-19 13:34:40 ----A---- C:\WINDOWS\system32\fhengine.dll
2016-07-19 13:34:40 ----A---- C:\WINDOWS\system32\dhcpcsvc6.dll
2016-07-19 13:34:39 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2016-07-19 13:34:39 ----A---- C:\WINDOWS\system32\httpprxp.dll
2016-07-19 13:34:39 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2016-07-19 13:34:38 ----A---- C:\WINDOWS\SYSWOW64\WmpDui.dll
2016-07-19 13:34:38 ----A---- C:\WINDOWS\system32\Windows.Speech.Pal.dll
2016-07-19 13:34:38 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2016-07-19 13:34:38 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2016-07-19 13:34:38 ----A---- C:\WINDOWS\system32\adhsvc.dll
2016-07-19 13:34:37 ----A---- C:\WINDOWS\SYSWOW64\winmsipc.dll
2016-07-19 13:34:37 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2016-07-19 13:34:37 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-07-19 13:34:37 ----A---- C:\WINDOWS\system32\msscntrs.dll
2016-07-19 13:34:37 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-07-19 13:34:37 ----A---- C:\WINDOWS\system32\httpprxm.dll
2016-07-19 13:34:37 ----A---- C:\WINDOWS\system32\diagtrack_win.dll
2016-07-19 13:34:37 ----A---- C:\WINDOWS\system32\apprepsync.dll
2016-07-19 13:34:36 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.V2.dll
2016-07-19 13:34:36 ----A---- C:\WINDOWS\SYSWOW64\oleacchooks.dll
2016-07-19 13:34:36 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-07-19 13:34:36 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-07-19 13:34:36 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-07-19 13:34:36 ----A---- C:\WINDOWS\system32\domgmt.dll
2016-07-19 13:34:36 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-07-19 13:34:35 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-07-19 13:34:35 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-07-19 13:34:35 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-07-19 13:34:35 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-07-19 13:34:35 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-07-19 13:34:35 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-07-19 13:34:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-07-19 13:34:34 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-07-19 13:34:34 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-07-19 13:34:34 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-07-19 13:34:34 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-07-19 13:34:33 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-07-19 13:34:33 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-07-19 13:34:32 ----A---- C:\WINDOWS\SYSWOW64\SRHInproc.dll
2016-07-19 13:34:32 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2016-07-19 13:34:32 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-07-19 13:34:32 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-07-19 13:34:32 ----A---- C:\WINDOWS\system32\esent.dll
2016-07-19 13:34:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2016-07-19 13:34:31 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2016-07-19 13:34:31 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-07-19 13:34:31 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2016-07-19 13:34:31 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-19 13:34:31 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-07-19 13:34:31 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-07-19 13:34:31 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2016-07-19 13:34:31 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-07-19 13:34:31 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2016-07-19 13:34:31 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-07-19 13:34:30 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2016-07-19 13:34:30 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-07-19 13:34:30 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2016-07-19 13:34:30 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2016-07-19 13:34:30 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-07-19 13:34:30 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2016-07-19 13:34:30 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-07-19 13:34:30 ----A---- C:\WINDOWS\system32\gpsvc.dll
2016-07-19 13:34:29 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-07-19 13:34:29 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2016-07-19 13:34:29 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-07-19 13:34:29 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-07-19 13:34:29 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2016-07-19 13:34:29 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-07-19 13:34:29 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2016-07-19 13:34:29 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-07-19 13:34:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2016-07-19 13:34:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2016-07-19 13:34:28 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2016-07-19 13:34:28 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-07-19 13:34:28 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-07-19 13:34:28 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2016-07-19 13:34:28 ----A---- C:\WINDOWS\system32\tdlrecover.exe
2016-07-19 13:34:28 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-07-19 13:34:28 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-07-19 13:34:28 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-07-19 13:34:28 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-07-19 13:34:28 ----A---- C:\WINDOWS\system32\AppContracts.dll
2016-07-19 13:34:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2016-07-19 13:34:27 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2016-07-19 13:34:27 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2016-07-19 13:34:27 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2016-07-19 13:34:27 ----A---- C:\WINDOWS\SYSWOW64\d3d10level9.dll
2016-07-19 13:34:27 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2016-07-19 13:34:27 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2016-07-19 13:34:27 ----A---- C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-07-19 13:34:26 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-07-19 13:34:26 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2016-07-19 13:34:26 ----A---- C:\WINDOWS\system32\schannel.dll
2016-07-19 13:34:26 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-07-19 13:34:26 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-07-19 13:34:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2016-07-19 13:34:25 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2016-07-19 13:34:25 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-07-19 13:34:25 ----A---- C:\WINDOWS\system32\fveui.dll
2016-07-19 13:34:25 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-07-19 13:34:24 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2016-07-19 13:34:24 ----A---- C:\WINDOWS\system32\ws2_32.dll
2016-07-19 13:34:24 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2016-07-19 13:34:24 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-07-19 13:34:24 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-07-19 13:34:24 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2016-07-19 13:34:24 ----A---- C:\WINDOWS\system32\rastls.dll
2016-07-19 13:34:24 ----A---- C:\WINDOWS\system32\pnidui.dll
2016-07-19 13:34:24 ----A---- C:\WINDOWS\system32\LsaIso.exe
2016-07-19 13:34:24 ----A---- C:\WINDOWS\system32\eappcfg.dll
2016-07-19 13:34:23 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2016-07-19 13:34:23 ----A---- C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-07-19 13:34:21 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecsRaw.dll
2016-07-19 13:34:21 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2016-07-19 13:34:21 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\SYSWOW64\taskeng.exe
2016-07-19 13:34:20 ----A---- C:\WINDOWS\SYSWOW64\srvcli.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\SYSWOW64\SimCfg.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\vpnike.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\usercpl.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\SimCfg.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\SimAuth.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\schtasks.exe
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\rasapi32.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\polstore.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\netshell.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\netapi32.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\IPSECSVC.DLL
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\gpapi.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\drivers\filecrypt.sys
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\certcli.dll
2016-07-19 13:34:20 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\wkscli.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecsExt.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\taskcomp.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\SimAuth.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\schtasks.exe
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\browcli.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\SYSWOW64\apprepapi.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\wups.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\WebcamUi.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\themeui.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\licensingdiag.exe
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\GnssAdapter.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\ExecModelClient.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\eappgnui.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\Clipc.dll
2016-07-19 13:34:19 ----A---- C:\WINDOWS\system32\ActionCenterCPL.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\SYSWOW64\WSSync.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\SYSWOW64\WSClient.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Speech.Pal.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\SYSWOW64\WebcamUi.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\SYSWOW64\PrintDialogs.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\SYSWOW64\edputil.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\SYSWOW64\easwrt.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\SYSWOW64\eappprxy.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\SYSWOW64\dlnashext.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\system32\PhotoScreensaver.scr
2016-07-19 13:34:18 ----A---- C:\WINDOWS\system32\oemlicense.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\system32\netplwiz.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\system32\ieui.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\system32\IconCodecService.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\system32\eappprxy.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\system32\eapphost.dll
2016-07-19 13:34:18 ----A---- C:\WINDOWS\system32\drivers\Ndu.sys
2016-07-19 13:34:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2016-07-19 13:34:17 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2016-07-19 13:34:17 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2016-07-19 13:34:17 ----A---- C:\WINDOWS\SYSWOW64\OnDemandConnRouteHelper.dll
2016-07-19 13:34:17 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2016-07-19 13:34:17 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2016-07-19 13:34:17 ----A---- C:\WINDOWS\SYSWOW64\apprepsync.dll
2016-07-19 13:34:17 ----A---- C:\WINDOWS\system32\wshbth.dll
2016-07-19 13:34:17 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-07-19 13:34:17 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-07-19 13:34:17 ----A---- C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-07-19 13:34:17 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-07-19 13:34:17 ----A---- C:\WINDOWS\system32\FwRemoteSvr.dll
2016-07-19 13:34:16 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-07-19 13:34:16 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-07-19 13:34:16 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-07-19 13:34:15 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-07-19 13:34:14 ----A---- C:\WINDOWS\system32\shell32.dll
2016-07-19 13:34:14 ----A---- C:\WINDOWS\system32\InputService.dll
2016-07-19 13:34:14 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-07-19 13:34:14 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-19 13:34:13 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-07-19 13:34:12 ----A---- C:\WINDOWS\system32\winresume.exe
2016-07-19 13:34:12 ----A---- C:\WINDOWS\system32\winload.exe
2016-07-19 13:34:12 ----A---- C:\WINDOWS\system32\invagent.dll
2016-07-19 13:34:12 ----A---- C:\WINDOWS\system32\devinv.dll
2016-07-19 13:34:12 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-19 13:34:12 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-07-19 13:34:12 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-07-19 13:34:11 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2016-07-19 13:34:11 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-07-19 13:34:11 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-07-19 13:34:10 ----A---- C:\WINDOWS\system32\msi.dll
2016-07-19 13:34:10 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-07-19 13:34:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-07-19 13:34:09 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2016-07-19 13:34:09 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-07-19 13:34:09 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-07-19 13:34:09 ----A---- C:\WINDOWS\system32\schedsvc.dll
2016-07-19 13:34:09 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-07-19 13:34:09 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2016-07-19 13:34:08 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-07-19 13:34:08 ----A---- C:\WINDOWS\system32\dbgeng.dll
2016-07-19 13:34:08 ----A---- C:\WINDOWS\system32\aepic.dll
2016-07-19 13:34:07 ----A---- C:\WINDOWS\SYSWOW64\WSDApi.dll
2016-07-19 13:34:07 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2016-07-19 13:34:07 ----A---- C:\WINDOWS\system32\PrintDialogs3D.dll
2016-07-19 13:34:07 ----A---- C:\WINDOWS\system32\ncbservice.dll
2016-07-19 13:34:07 ----A---- C:\WINDOWS\system32\DWrite.dll
2016-07-19 13:34:06 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-07-19 13:34:06 ----A---- C:\WINDOWS\system32\xpsservices.dll
2016-07-19 13:34:06 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2016-07-19 13:34:05 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2016-07-19 13:34:05 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2016-07-19 13:34:05 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2016-07-19 13:34:05 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2016-07-19 13:34:05 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2016-07-19 13:34:05 ----A---- C:\WINDOWS\system32\werconcpl.dll
2016-07-19 13:34:05 ----A---- C:\WINDOWS\system32\usocore.dll
2016-07-19 13:34:05 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-07-19 13:34:05 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-07-19 13:34:05 ----A---- C:\WINDOWS\system32\drivers\sdport.sys
2016-07-19 13:34:05 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-07-19 13:34:05 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2016-07-19 13:34:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2016-07-19 13:34:04 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-07-19 13:34:04 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2016-07-19 13:34:04 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2016-07-19 13:34:04 ----A---- C:\WINDOWS\system32\uDWM.dll
2016-07-19 13:34:04 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2016-07-19 13:34:03 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-07-19 13:34:03 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2016-07-19 13:34:03 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2016-07-19 13:34:03 ----A---- C:\WINDOWS\system32\wmicmiplugin.dll
2016-07-19 13:34:03 ----A---- C:\WINDOWS\system32\taskeng.exe
2016-07-19 13:34:03 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-07-19 13:34:03 ----A---- C:\WINDOWS\system32\drivers\ufx01000.sys
2016-07-19 13:34:03 ----A---- C:\WINDOWS\system32\credprovhost.dll
2016-07-19 13:34:03 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-07-19 13:34:02 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-07-19 13:34:02 ----A---- C:\WINDOWS\SYSWOW64\mswsock.dll
2016-07-19 13:34:02 ----A---- C:\WINDOWS\SYSWOW64\dui70.dll
2016-07-19 13:34:02 ----A---- C:\WINDOWS\system32\Windows.Graphics.dll
2016-07-19 13:34:02 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2016-07-19 13:34:02 ----A---- C:\WINDOWS\system32\dwminit.dll
2016-07-19 13:34:02 ----A---- C:\WINDOWS\system32\dlnashext.dll
2016-07-19 13:34:01 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2016-07-19 13:34:01 ----A---- C:\WINDOWS\SYSWOW64\polstore.dll
2016-07-19 13:34:01 ----A---- C:\WINDOWS\SYSWOW64\mfpmp.exe
2016-07-19 13:34:01 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2016-07-19 13:34:01 ----A---- C:\WINDOWS\SYSWOW64\dmdskmgr.dll
2016-07-19 13:34:01 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2016-07-19 13:34:01 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-07-19 13:34:01 ----A---- C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-07-19 13:34:01 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-07-19 13:34:01 ----A---- C:\WINDOWS\system32\netcenter.dll
2016-07-19 13:34:01 ----A---- C:\WINDOWS\system32\iuilp.dll
2016-07-19 13:34:01 ----A---- C:\WINDOWS\system32\hmkd.dll
2016-07-19 13:34:01 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2016-07-19 13:34:00 ----A---- C:\WINDOWS\SYSWOW64\qdvd.dll
2016-07-19 13:34:00 ----A---- C:\WINDOWS\SYSWOW64\ProximityCommon.dll
2016-07-19 13:34:00 ----A---- C:\WINDOWS\SYSWOW64\ExecModelClient.dll
2016-07-19 13:34:00 ----A---- C:\WINDOWS\system32\taskcomp.dll
2016-07-19 13:34:00 ----A---- C:\WINDOWS\system32\sdengin2.dll
2016-07-19 13:34:00 ----A---- C:\WINDOWS\system32\rasgcw.dll
2016-07-19 13:34:00 ----A---- C:\WINDOWS\system32\PrintDialogs.dll
2016-07-19 13:34:00 ----A---- C:\WINDOWS\system32\dot3ui.dll
2016-07-19 13:34:00 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-07-19 13:33:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.Search.dll
2016-07-19 13:33:59 ----A---- C:\WINDOWS\SYSWOW64\duser.dll
2016-07-19 13:33:59 ----A---- C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-07-19 13:33:59 ----A---- C:\WINDOWS\system32\LegacyNetUX.dll
2016-07-19 13:33:58 ----A---- C:\WINDOWS\SYSWOW64\WLanConn.dll
2016-07-19 13:33:58 ----A---- C:\WINDOWS\SYSWOW64\wcnwiz.dll
2016-07-19 13:33:58 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2016-07-19 13:33:58 ----A---- C:\WINDOWS\SYSWOW64\credprovs.dll
2016-07-19 13:33:58 ----A---- C:\WINDOWS\system32\sdrsvc.dll
2016-07-19 13:33:58 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2016-07-19 13:33:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-07-19 13:33:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2016-07-19 13:33:57 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-07-19 13:33:57 ----A---- C:\WINDOWS\SYSWOW64\MTF.dll
2016-07-19 13:33:57 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2016-07-19 13:33:57 ----A---- C:\WINDOWS\SYSWOW64\FwRemoteSvr.dll
2016-07-19 13:33:57 ----A---- C:\WINDOWS\system32\wiaaut.dll
2016-07-19 13:33:57 ----A---- C:\WINDOWS\system32\sdshext.dll
2016-07-19 13:33:57 ----A---- C:\WINDOWS\system32\PackageStateRoaming.dll
2016-07-19 13:25:50 ----SHD---- C:\Recovery
2016-07-19 13:25:44 ----DC---- C:\WINDOWS\Panther
2016-07-19 13:23:44 ----D---- C:\Windows.old
2016-07-19 13:22:16 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2016-07-19 13:22:14 ----D---- C:\Program Files\Reference Assemblies
2016-07-19 13:22:14 ----D---- C:\Program Files\MSBuild
2016-07-19 13:22:14 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-07-19 13:22:14 ----D---- C:\Program Files (x86)\MSBuild
2016-07-19 13:21:28 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2016-07-19 13:21:28 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2016-07-19 13:21:28 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-07-19 13:21:27 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2016-07-19 13:21:27 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-07-19 13:21:27 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-07-19 12:58:36 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2016-07-19 12:58:36 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2016-07-19 12:58:35 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_43.dll
2016-07-19 12:58:35 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_43.dll
2016-07-19 12:58:35 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2016-07-19 12:58:35 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2016-07-19 12:58:32 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2016-07-19 12:58:32 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2016-07-19 12:58:32 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2016-07-19 12:58:32 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
2016-07-19 12:58:32 ----A---- C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-07-19 12:57:51 ----D---- C:\ProgramData\Package Cache
2016-07-19 12:57:16 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2016-07-19 12:57:16 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2016-07-19 12:57:16 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys
2016-07-19 12:50:36 ----A---- C:\WINDOWS\SYSWOW64\NlsLexicons0009.dll
2016-07-19 12:50:36 ----A---- C:\WINDOWS\SYSWOW64\NlsData0009.dll
2016-07-19 12:50:36 ----A---- C:\WINDOWS\system32\prm0009.dll
2016-07-19 12:50:36 ----A---- C:\WINDOWS\system32\NlsLexicons0009.dll
2016-07-19 12:50:36 ----A---- C:\WINDOWS\system32\NlsData0009.dll
2016-07-19 12:35:59 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2016-07-19 12:31:49 ----D---- C:\Program Files\Common Files\SpeechEngines
2016-07-19 12:31:13 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2016-07-19 12:28:11 ----D---- C:\ProgramData\NVIDIA Corporation
2016-07-19 12:28:00 ----D---- C:\Program Files\NVIDIA Corporation
2016-07-19 12:28:00 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-07-19 12:27:26 ----D---- C:\WINDOWS\Prefetch
2016-07-19 12:26:29 ----ASH---- C:\swapfile.sys
2016-07-19 00:31:10 ----HD---- C:\$WINDOWS.~BT
2016-07-19 00:29:36 ----A---- C:\WINDOWS\progress.ini
2016-07-19 00:17:23 ----D---- C:\Users\Petr\AppData\Roaming\Macromedia
2016-07-19 00:17:23 ----D---- C:\Users\Petr\AppData\Roaming\Adobe
2016-07-18 23:20:34 ----HD---- C:\$GetCurrent
2016-07-18 23:20:23 ----D---- C:\Windows10Upgrade
2016-07-18 18:22:38 ----D---- C:\Nová složka
2016-07-18 18:01:23 ----D---- C:\Users\Petr\AppData\Roaming\epm
2016-07-18 14:51:15 ----D---- C:\ProgramData\redistpart
2016-07-18 14:50:56 ----D---- C:\ProgramData\launcher
2016-07-18 14:50:56 ----D---- C:\ProgramData\explauncher
2016-07-18 14:50:45 ----D---- C:\Program Files\Paragon Software
2016-07-18 14:38:10 ----A---- C:\WINDOWS\system32\pwNative.exe
2016-07-18 14:38:10 ----A---- C:\WINDOWS\system32\pwdrvio.sys
2016-07-18 14:38:09 ----A---- C:\WINDOWS\system32\pwdspio.sys
2016-07-18 14:07:51 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-07-18 14:06:03 ----D---- C:\Users\Petr\AppData\Roaming\Mozilla
2016-07-18 14:05:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-18 14:05:55 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2016-07-18 13:39:55 ----A---- C:\WINDOWS\system32\RTNUninst64.dll
2016-07-18 13:39:55 ----A---- C:\WINDOWS\system32\RtNicProp64.dll
2016-07-18 13:39:55 ----A---- C:\WINDOWS\system32\drivers\Rt64win7.sys
2016-07-18 13:39:51 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-07-18 13:39:51 ----D---- C:\Program Files (x86)\Realtek
2016-07-18 13:34:47 ----RASH---- C:\BOOTSECT.BAK
2016-07-18 13:34:45 ----SHD---- C:\Boot
2016-07-18 12:59:56 ----D---- C:\Users\Petr\AppData\Roaming\Identities
2016-07-18 12:59:49 ----D---- C:\Users\Petr\AppData\Roaming\Media Center Programs
2016-07-18 12:59:44 ----SHD---- C:\ProgramData\Šablony
2016-07-18 12:59:44 ----SHD---- C:\ProgramData\Plocha
2016-07-18 12:59:44 ----SHD---- C:\ProgramData\Oblíbené položky
2016-07-18 12:59:44 ----SHD---- C:\ProgramData\Nabídka Start
2016-07-18 12:59:44 ----SHD---- C:\ProgramData\Dokumenty
2016-07-18 12:59:44 ----SHD---- C:\ProgramData\Data aplikací
2016-07-18 12:38:28 ----D---- C:\WINDOWS\SoftwareDistribution
2016-07-18 12:35:43 ----SHD---- C:\System Volume Information
2016-07-18 12:35:43 ----ASH---- C:\pagefile.sys
2016-07-18 12:35:43 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 month======

2016-08-01 18:39:05 ----RD---- C:\Program Files
2016-08-01 18:27:00 ----SHD---- C:\WINDOWS\Installer
2016-08-01 18:27:00 ----D---- C:\WINDOWS\Temp
2016-08-01 18:22:45 ----RD---- C:\Program Files (x86)
2016-08-01 18:22:44 ----D---- C:\WINDOWS\Tasks
2016-08-01 18:19:34 ----D---- C:\WINDOWS\INF
2016-08-01 18:19:29 ----D---- C:\WINDOWS\Logs
2016-08-01 18:19:29 ----D---- C:\WINDOWS\debug
2016-08-01 18:19:29 ----D---- C:\Windows
2016-08-01 18:18:25 ----D---- C:\WINDOWS\system32\Tasks
2016-08-01 17:36:00 ----D---- C:\WINDOWS\System32
2016-08-01 17:36:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-01 16:54:00 ----D---- C:\WINDOWS\system32\sru
2016-08-01 15:00:17 ----D---- C:\WINDOWS\Microsoft.NET
2016-08-01 02:32:28 ----HD---- C:\ProgramData
2016-08-01 01:39:02 ----RD---- C:\serial petr
2016-07-31 12:37:30 ----D---- C:\WINDOWS\system32\config
2016-07-31 12:27:29 ----D---- C:\WINDOWS\AppReadiness
2016-07-30 12:20:01 ----HD---- C:\Program Files\WindowsApps
2016-07-27 09:02:26 ----D---- C:\WINDOWS\system32\drivers
2016-07-27 02:09:49 ----D---- C:\WINDOWS\system32\DriverStore
2016-07-26 12:37:56 ----SHD---- C:\$Recycle.Bin
2016-07-24 12:41:09 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-07-22 23:36:40 ----D---- C:\WINDOWS\system32\drivers\etc
2016-07-22 23:35:46 ----D---- C:\WINDOWS\WinSxS
2016-07-22 19:47:15 ----D---- C:\WINDOWS\rescache
2016-07-22 14:24:44 ----RD---- C:\WINDOWS\assembly
2016-07-21 17:20:22 ----D---- C:\WINDOWS\SysWOW64
2016-07-21 17:20:10 ----D---- C:\Program Files\Common Files\microsoft shared
2016-07-21 17:01:11 ----RSD---- C:\WINDOWS\Fonts
2016-07-21 16:49:15 ----D---- C:\Program Files (x86)\Common Files
2016-07-21 13:28:55 ----D---- C:\WINDOWS\appcompat
2016-07-20 21:49:21 ----D---- C:\WINDOWS\system32\WDI
2016-07-19 14:13:16 ----D---- C:\WINDOWS\CbsTemp
2016-07-19 14:01:22 ----D---- C:\WINDOWS\Help
2016-07-19 13:48:35 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-07-19 13:48:34 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-07-19 13:48:27 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-07-19 13:48:27 ----D---- C:\WINDOWS\system32\wbem
2016-07-19 13:48:27 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-07-19 13:48:27 ----D---- C:\WINDOWS\system32\oobe
2016-07-19 13:48:27 ----D---- C:\WINDOWS\system32\migration
2016-07-19 13:48:26 ----SD---- C:\WINDOWS\system32\DiagSvcs
2016-07-19 13:48:26 ----D---- C:\WINDOWS\system32\en-US
2016-07-19 13:48:26 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2016-07-19 13:48:26 ----D---- C:\WINDOWS\system32\cs-CZ
2016-07-19 13:48:26 ----D---- C:\WINDOWS\system32\Boot
2016-07-19 13:48:26 ----D---- C:\WINDOWS\system32\appraiser
2016-07-19 13:48:24 ----RD---- C:\WINDOWS\PrintDialog
2016-07-19 13:48:24 ----D---- C:\WINDOWS\Provisioning
2016-07-19 13:48:24 ----D---- C:\WINDOWS\PolicyDefinitions
2016-07-19 13:48:23 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-07-19 13:48:22 ----RD---- C:\WINDOWS\DevicesFlow
2016-07-19 13:48:21 ----D---- C:\WINDOWS\bcastdvr
2016-07-19 13:48:19 ----D---- C:\WINDOWS\AppPatch
2016-07-19 13:48:18 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-07-19 13:48:18 ----D---- C:\Program Files (x86)\Windows Mail
2016-07-19 13:48:18 ----D---- C:\Program Files (x86)\Windows Defender
2016-07-19 13:48:17 ----D---- C:\Program Files\Windows Photo Viewer
2016-07-19 13:48:17 ----D---- C:\Program Files\Windows Mail
2016-07-19 13:48:17 ----D---- C:\Program Files\Windows Journal
2016-07-19 13:48:17 ----D---- C:\Program Files (x86)\Internet Explorer
2016-07-19 13:48:16 ----D---- C:\Program Files\Windows Defender
2016-07-19 13:48:16 ----D---- C:\Program Files\Internet Explorer
2016-07-19 13:25:26 ----D---- C:\WINDOWS\Setup
2016-07-19 13:22:16 ----D---- C:\WINDOWS\SYSWOW64\MUI
2016-07-19 13:22:16 ----D---- C:\WINDOWS\system32\MUI
2016-07-19 13:11:46 ----D---- C:\WINDOWS\system32\catroot2
2016-07-19 12:57:31 ----D---- C:\WINDOWS\system32\restore
2016-07-19 12:50:39 ----D---- C:\WINDOWS\OCR
2016-07-19 12:44:26 ----SD---- C:\ProgramData\Microsoft
2016-07-19 12:37:55 ----D---- C:\Program Files\Windows NT
2016-07-19 12:37:47 ----D---- C:\WINDOWS\system32\WinBioDatabase
2016-07-19 12:37:00 ----D---- C:\WINDOWS\Registration
2016-07-19 12:35:46 ----RSD---- C:\WINDOWS\Media
2016-07-19 12:35:46 ----D---- C:\WINDOWS\system32\LogFiles
2016-07-19 12:32:24 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-07-19 12:32:03 ----D---- C:\WINDOWS\SYSWOW64\migwiz
2016-07-19 12:32:02 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-07-19 12:32:02 ----D---- C:\WINDOWS\SYSWOW64\IME
2016-07-19 12:32:00 ----D---- C:\WINDOWS\system32\NDF
2016-07-19 12:32:00 ----D---- C:\WINDOWS\system32\Macromed
2016-07-19 12:32:00 ----D---- C:\WINDOWS\system32\IME
2016-07-19 12:31:56 ----D---- C:\WINDOWS\schemas
2016-07-19 12:31:55 ----D---- C:\WINDOWS\ehome
2016-07-19 12:31:54 ----RD---- C:\Users
2016-07-19 12:31:51 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2016-07-19 12:31:50 ----SHD---- C:\Program Files\Windows Sidebar
2016-07-19 12:31:50 ----D---- C:\Program Files\Microsoft Games
2016-07-19 12:31:49 ----D---- C:\Program Files\DVD Maker
2016-07-19 12:31:49 ----D---- C:\Program Files\Common Files
2016-07-19 12:31:42 ----D---- C:\WINDOWS\system32\Recovery
2016-07-19 12:30:42 ----D---- C:\WINDOWS\system32\Sysprep
2016-07-02 06:37:58 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
Last edited by Mortiz696 on 01 Aug 2016 18:08, edited 1 time in total.

#2 Post by Mortiz696 »

The rest of the RSIT log:

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pwdrvio;pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [2013-09-30 19152]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 dtlitescsibus;@oem14.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-07-19 30264]
R3 dtliteusbbus;@oem15.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-07-19 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-18 4496600]
R3 MEIx64;@oem4.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;@oem9.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2016-07-12 214592]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-07-13 13675576]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
R3 nvvad_WaveExtensible;@oem10.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RTL8167;@oem2.inf,%rtl8167.Service.DispName%;Realtek 8167 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt64win7.sys [2016-05-20 1028352]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-04-27 117248]
S3 dg_ssudbus;@oem18.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 12504]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 ssudmdm;@oem20.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-04-23 63488]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2016-05-28 258912]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-04-23 131424]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Sériový ovladač USB od společnosti Microsoft; C:\WINDOWS\System32\drivers\usbser.sys [2016-04-23 67072]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-14 1163712]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-07-11 1362880]
R2 OneSyncSvc_936f8d5;Hostitel synchronizace_936f8d5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-07-11 424384]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 3632576]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-01 153752]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_46494;Hostitel synchronizace_46494; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-19 270016]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-06-22 1467072]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [2016-07-04 244800]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2016-07-04 6211648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-01 153752]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_936f8d5;Služba zasílání zpráv_936f8d5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-24 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-07-21 2122248]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_936f8d5;Data kontaktů_936f8d5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-09 1450064]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_936f8d5;Úložiště uživatelských dat_936f8d5; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 UserDataSvc_936f8d5;Přístup k uživatelským datům_936f8d5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Roli
VIP
Posts: 13400
Joined: 26 Nov 2006 13:37
Location: Czech Republic

#3 Post by Roli »

Hello,

the mere fact that a company like Alza would not have a contact such as co@seznam.cz should have been suspicious, but I understand; I often deal with similar things with my parents :)


Download and run AdwCleaner,

close all programs, including the browser, and launch it with a double-click,

a window will appear; click Scan in its top-left corner.

When the scan finishes, click Clean,

the PC will restart, during which the junk gets deleted.

Then copy the Report here for me.


Then use Mbam from my signature and post its log here; do not delete anything beforehand!
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

#4 Post by Mortiz696 »

So here is the AdwCleaner log:

# AdwCleaner v5.201 - Log vytvořen 02/08/2016 v 17:08:59
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-08-02.1 [Server]
# Operační system : Windows 10 Home (X64)
# Uživatelské jméno : Petr - PETR-PC
# Spuštěno z : C:\Users\Petr\Desktop\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Klíč Smazáno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
[-] Klíč Smazáno : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1199 bytů] - [02/08/2016 17:08:59]
C:\AdwCleaner\AdwCleaner[S1].txt - [804 bytů] - [21/07/2016 23:00:50]
C:\AdwCleaner\AdwCleaner[S2].txt - [876 bytů] - [21/07/2016 23:36:43]
C:\AdwCleaner\AdwCleaner[S3].txt - [948 bytů] - [01/08/2016 18:09:31]
C:\AdwCleaner\AdwCleaner[S4].txt - [1453 bytů] - [02/08/2016 17:08:01]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1561 bytů] ##########



Mbam log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 2.8.2016
Čas skenování: 17:27
Protokol: mban.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.08.02.08
Databáze rootkitů: v2016.05.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Petr

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 522312
Uplynulý čas: 1 hod, 34 min, 13 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

#5 Post by Roli »

Now uninstall Mbam and, just to be sure, run the Cure It scanner following THIS guide

when the scan finishes, copy the results here for me; the end of the log with the summary is enough.

(Warning: it is freakishly slow and you need to keep an eye on it; it occasionally asks about something)

#6 Post by Mortiz696 »

So I ran it and "zatray.exe:3008 Trojan.PWS.Panda.5661" popped up, reportedly neutralized, but I repeated the test right afterwards and it showed up again. On top of that, I read online that this process is connected with the Zone Alarm firewall, so is it possible that this is a false detection?

Here is log no. 1.

Total 9684752658 bytes in 27730 files scanned (33411 objects)
Total 27686 files (33364 objects) are clean
Total 0 files (1 object) is infected
Total 1 file are neutralized
Total 47 files are raised error condition
Scan time is 00:09:13.012

Here is log no. 2.

Total 552749364474 bytes in 271544 files scanned (490249 objects)
Total 271393 files (490093 objects) are clean
Total 2 files (3 objects) are infected
Total 1 file are neutralized
Total 151 files (153 objects) are raised error condition
Scan time is 01:41:52.191

-----------------------------------------------------------------------------
Start curing
-----------------------------------------------------------------------------

C:\ProgramData\Microsoft\Windows Defender\Scans\FilesStash\90D16D63-89E3-ACC8-391A-B6BBDD4BE950_1d1edb2355f7d6e - deleted
C:\Users\Petr\Downloads\DriverToolkitInstaller.exe - deleted

Total 552749364474 bytes in 271544 files scanned (490249 objects)
Total 271393 files (490093 objects) are clean
Total 2 files (3 objects) are infected
Total 3 files are neutralized
Total 151 files (153 objects) are raised error condition
Scan time is 01:41:52.191

#7 Post by Roli »

Mortiz696 wrote: So I ran it and "zatray.exe:3008 Trojan.PWS.Panda.5661" popped up, reportedly neutralized, but I repeated the test right afterwards and it showed up again. On top of that, I read online that this process is connected with the Zone Alarm firewall, so is it possible that this is a false detection?
Yes, it belongs to ZoneAlarm, so it's fine. And how is the PC behaving?

#8 Post by Mortiz696 »

I'm not noticing any problems :).

#9 Post by Roli »

In that case, that is all from my side.

#10 Post by Mortiz696 »

In that case, thank you for the help; you can lock the topic :thumbsup:.

#11 Post by Roli »

You're welcome, and :closed:

Locked