
PC virus removal, computer speed-up, and remote assistance via the neslape.cz service
Suspected malware, preventive check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hi, I noticed that Ghostery has stopped blocking, or does not fully block, certain kinds of ads. Two months ago, maybe, Avira found something and was deleting it.
I would like to ask for a check of the log.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2016-08-24 18:01:00
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 42 GB (41%) free of 104 GB
Total RAM: 8132 MB (75% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:01:03, on 24. 8. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
F:\Steam\Steam.exe
F:\Steam\bin\steamwebhelper.exe
F:\Steam\bin\steamwebhelper.exe
C:\Program Files\trend micro\Martin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: AviraBrowserSafety.BrowserSafety - {c3c77255-42c0-499f-b664-6e981a0b1647} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Users\Public\Desktop\Origin\OriginClientService.exe
O23 - Service: Plays.tv Update Service (PlaysService) - Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7797 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe" --log_to_file --from_stub --startup
raptr_im.exe
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe" 2852
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_00000788
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
"C:\Windows\system32\wuauclt.exe"
F:\Steam\Steam.exe
F:\Steam\bin\steamwebhelper.exe "-cachedir=C:\Users\Martin\AppData\Local\Steam\htmlcache" "-steampid=1084" "-buildid=1471977975" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"F:\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --log-file="F:\Steam\bin\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="1720.0.1796542735\742609308" --font-cache-shared-handle=1196 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Martin\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ss8nayk4.default-1470506759666
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40620.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40620.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21 551520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21 212576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3c77255-42c0-499f-b664-6e981a0b1647}]
AviraBrowserSafety.BrowserSafety - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-07-18 6626696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-06-10 8810200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-07-28 831064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-06-10 8810200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe [2016-08-05 58640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-26 14030080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-07-28 53655680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2016-07-25 66328]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-07-28 831064]
"Raptr"=C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe [2016-08-05 58640]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-08-24 18:01:00 ----D---- C:\rsit
2016-08-24 18:01:00 ----D---- C:\Program Files\trend micro
2016-08-23 17:43:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-08-22 17:16:29 ----A---- C:\Windows\ntbtlog.txt
2016-08-20 09:47:56 ----D---- C:\Users\Martin\AppData\Roaming\Raptr
2016-08-20 09:47:56 ----D---- C:\Program Files (x86)\Raptr
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\wdigest.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\TSpkg.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\sspisrv.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\sspicli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\schannel.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\secur32.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\rpchttp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\rpcrt4.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\ncrypt.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msv1_0.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msobjs.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msaudite.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\lsass.exe
2016-08-19 20:05:23 ----A---- C:\Windows\system32\lsasrv.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\kerberos.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\cryptbase.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\credssp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\certcli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\auditpol.exe
2016-08-19 20:05:23 ----A---- C:\Windows\system32\adtschema.dll
2016-08-19 20:05:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-08-19 20:05:21 ----A---- C:\Windows\system32\tzres.dll
2016-08-19 20:04:38 ----A---- C:\Windows\system32\win32k.sys
2016-08-02 18:25:39 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2016-08-02 18:25:39 ----A---- C:\Windows\system32\WMPhoto.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\msxml3r.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\msxml3.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\InkEd.dll
2016-08-01 18:19:50 ----A---- C:\Windows\system32\shell32.dll
2016-08-01 18:19:49 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-08-01 18:19:49 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-08-01 18:19:49 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-08-01 18:19:48 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-08-01 18:19:48 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-08-01 18:19:48 ----A---- C:\Windows\system32\cdd.dll
2016-08-01 18:19:46 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-08-01 18:19:46 ----A---- C:\Windows\system32\FntCache.dll
2016-08-01 18:19:46 ----A---- C:\Windows\system32\DWrite.dll
2016-08-01 18:19:45 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-08-01 18:19:45 ----A---- C:\Windows\system32\user32.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\wshrm.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\WebClnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-08-01 18:19:43 ----A---- C:\Windows\system32\davclnt.dll
2016-08-01 18:19:42 ----A---- C:\Windows\system32\samsrv.dll
2016-08-01 18:19:41 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-08-01 18:19:41 ----A---- C:\Windows\system32\samlib.dll
2016-08-01 18:19:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-08-01 18:19:40 ----A---- C:\Windows\system32\d2d1.dll
2016-08-01 18:19:35 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-08-01 18:19:35 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\mtxoci.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\EncDec.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\CPFilters.dll
2016-08-01 18:19:34 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-08-01 18:19:34 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-08-01 18:19:25 ----A---- C:\Windows\system32\wmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-08-01 18:19:24 ----A---- C:\Windows\system32\wmploc.DLL
2016-08-01 18:19:24 ----A---- C:\Windows\system32\spwmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\system32\dxmasf.dll
2016-08-01 18:19:23 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-08-01 18:19:23 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-08-01 18:17:32 ----A---- C:\Windows\system32\ole32.dll
2016-08-01 18:17:31 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-08-01 18:17:18 ----A---- C:\Windows\system32\sysmain.dll
2016-08-01 18:17:18 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-08-01 18:17:17 ----A---- C:\Windows\system32\msmmsp.dll
2016-08-01 18:17:09 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-08-01 18:17:09 ----A---- C:\Windows\system32\drivers\srv.sys
2016-08-01 18:17:08 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-08-01 18:17:08 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-08-01 18:17:08 ----A---- C:\Windows\system32\drivers\cng.sys
2016-08-01 18:17:08 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-08-01 18:17:06 ----A---- C:\Windows\system32\wksprt.exe
2016-08-01 18:17:06 ----A---- C:\Windows\system32\mstscax.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-08-01 18:17:05 ----A---- C:\Windows\system32\tsgqec.dll
2016-08-01 18:17:05 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-08-01 18:16:58 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\system32\mf.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\wmpmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\quartz.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\mcmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\evr.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\SysFxUI.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\rrinstaller.exe
2016-08-01 18:16:55 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\qdvd.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\qasf.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfvdsp.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfps.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfpmp.exe
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfplat.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mferror.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\ksuser.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\devenum.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-08-01 18:16:53 ----A---- C:\Windows\system32\mapistub.dll
2016-08-01 18:16:53 ----A---- C:\Windows\system32\mapi32.dll
2016-08-01 18:16:53 ----A---- C:\Windows\system32\fixmapi.exe
2016-08-01 18:16:50 ----A---- C:\Windows\system32\basesrv.dll
2016-08-01 18:16:44 ----A---- C:\Windows\system32\schedsvc.dll
2016-08-01 18:16:43 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2016-08-01 18:16:43 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-08-01 18:16:43 ----A---- C:\Windows\system32\msxml6r.dll
2016-08-01 18:16:43 ----A---- C:\Windows\system32\msxml6.dll
2016-08-01 18:16:41 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-08-01 18:16:41 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-08-01 18:16:41 ----A---- C:\Windows\system32\usp10.dll
2016-08-01 18:16:41 ----A---- C:\Windows\system32\oleaut32.dll
2016-08-01 18:16:40 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-08-01 18:16:40 ----A---- C:\Windows\system32\asycfilt.dll
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\wpnpinst.exe
2016-08-01 18:16:39 ----A---- C:\Windows\system32\win32spl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\ntprint.exe
2016-08-01 18:16:39 ----A---- C:\Windows\system32\ntprint.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\localspl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\inetppui.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\inetpp.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-08-01 18:16:38 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\winipsec.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\polstore.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpsvc.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpscript.exe
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpscript.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpprefcl.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpapi.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-08-01 18:15:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2016-08-01 18:15:11 ----A---- C:\Windows\system32\d3d10warp.dll
2016-08-01 18:15:09 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\rdpudd.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\rdpcorets.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\d3d10level9.dll
2016-08-01 18:15:07 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-08-01 18:15:07 ----A---- C:\Windows\SYSWOW64\notepad.exe
2016-08-01 18:15:07 ----A---- C:\Windows\system32\qedit.dll
2016-08-01 18:15:07 ----A---- C:\Windows\system32\notepad.exe
2016-08-01 18:15:07 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-08-01 18:15:07 ----A---- C:\Windows\system32\drivers\afd.sys
2016-08-01 18:15:07 ----A---- C:\Windows\notepad.exe
2016-08-01 18:15:01 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-08-01 18:15:01 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\ws2_32.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\winhttp.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\mswsock.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-08-01 18:15:01 ----A---- C:\Windows\system32\comsvcs.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\catsrvut.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-08-01 18:15:00 ----A---- C:\Windows\system32\netbtugc.exe
2016-08-01 18:14:59 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\mfds.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\aepic.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\aeinv.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\lpk.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\fontsub.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\dciman32.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\atmlib.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\atmfd.dll
2016-08-01 18:14:57 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-08-01 18:14:57 ----A---- C:\Windows\system32\seclogon.dll
2016-08-01 18:12:30 ----A---- C:\Windows\system32\jnwmon.dll
2016-08-01 18:12:26 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-08-01 18:12:26 ----A---- C:\Windows\system32\gdi32.dll
2016-08-01 18:10:18 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-08-01 18:10:18 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-08-01 18:10:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-08-01 18:10:18 ----A---- C:\Windows\system32\ntdll.dll
2016-08-01 18:10:18 ----A---- C:\Windows\system32\advapi32.dll
2016-08-01 18:10:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-01 18:10:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\wow64win.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\wow64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\winsrv.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\winload.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\srcore.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\srclient.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\smss.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\rstrui.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\ntvdm64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\KernelBase.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\kernel32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\drivers\appid.sys
2016-08-01 18:10:17 ----A---- C:\Windows\system32\csrsrv.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\conhost.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidsvc.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidapi.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\user.exe
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-08-01 18:10:16 ----A---- C:\Windows\system32\wow64cpu.dll
2016-08-01 18:10:16 ----A---- C:\Windows\system32\apisetschema.dll
2016-08-01 18:10:09 ----A---- C:\Windows\SYSWOW64\els.dll
2016-08-01 18:10:09 ----A---- C:\Windows\system32\els.dll
2016-08-01 18:10:09 ----A---- C:\Windows\system32\drivers\ndis.sys
======List of files/folders modified in the last 1 month======
2016-08-24 18:01:04 ----D---- C:\Windows\Temp
2016-08-24 18:01:00 ----RD---- C:\Program Files
2016-08-24 17:05:15 ----D---- C:\Windows\system32\config
2016-08-24 16:56:02 ----D---- C:\Windows\System32
2016-08-24 16:56:02 ----D---- C:\Windows\inf
2016-08-24 16:56:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-08-24 16:49:51 ----D---- C:\Windows
2016-08-24 16:49:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-23 17:44:11 ----RD---- C:\Program Files (x86)
2016-08-21 16:41:32 ----D---- C:\Users\Martin\AppData\Roaming\MPC-HC
2016-08-21 16:32:20 ----D---- C:\Windows\Logs
2016-08-21 16:32:19 ----D---- C:\Windows\debug
2016-08-20 23:43:26 ----D---- C:\Windows\Microsoft.NET
2016-08-20 11:28:08 ----RSD---- C:\Windows\assembly
2016-08-20 11:27:43 ----SHD---- C:\System Volume Information
2016-08-20 09:59:05 ----D---- C:\Windows\system32\Tasks
2016-08-20 09:57:44 ----D---- C:\Windows\system32\catroot
2016-08-20 09:47:54 ----SHD---- C:\Windows\Installer
2016-08-20 09:47:54 ----SHD---- C:\Config.Msi
2016-08-20 09:47:52 ----D---- C:\Windows\SysWOW64
2016-08-20 09:47:52 ----D---- C:\Program Files\AMD
2016-08-20 09:47:42 ----D---- C:\Program Files (x86)\VulkanRT
2016-08-20 09:46:11 ----D---- C:\Windows\system32\drivers
2016-08-20 09:45:33 ----D---- C:\Windows\system32\DriverStore
2016-08-19 20:11:15 ----D---- C:\Windows\winsxs
2016-08-19 20:09:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-08-19 20:09:51 ----D---- C:\Windows\SYSWOW64\en-US
2016-08-19 20:09:51 ----D---- C:\Windows\system32\sk-SK
2016-08-19 20:09:51 ----D---- C:\Windows\system32\en-US
2016-08-19 20:08:20 ----D---- C:\Windows\system32\MRT
2016-08-19 20:05:56 ----AC---- C:\Windows\system32\MRT.exe
2016-08-19 20:04:58 ----D---- C:\Windows\system32\catroot2
2016-08-16 17:14:17 ----D---- C:\ProgramData\Package Cache
2016-08-02 18:56:04 ----D---- C:\Windows\system32\drivers\en-US
2016-08-02 18:56:02 ----D---- C:\Windows\ehome
2016-08-02 18:55:58 ----D---- C:\Windows\AppPatch
2016-08-02 18:55:56 ----D---- C:\Windows\system32\migration
2016-08-02 18:55:56 ----D---- C:\Program Files\Windows Media Player
2016-08-02 18:55:56 ----D---- C:\Program Files\Windows Journal
2016-08-02 18:55:56 ----D---- C:\Program Files (x86)\Windows Media Player
2016-08-02 18:55:55 ----D---- C:\Windows\system32\CodeIntegrity
2016-08-02 18:55:55 ----D---- C:\Windows\system32\Boot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2015-06-03 1443776]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2015-06-03 31144]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-07-28 145984]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-07-15 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2016-07-19 305032]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-07-28 171752]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2016-05-18 79696]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-18 26708992]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-18 500736]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-03-30 96256]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2010-08-18 26136]
R3 int0800;Intel 28F320C3 Flash Update Device Driver v6.4; C:\Windows\system32\DRIVERS\flashud.sys [2009-09-09 51712]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-06-26 4509440]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2015-03-30 803600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-05-19 986368]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 24064]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-18 269824]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2016-07-18 121856]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2016-07-28 472112]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2016-07-28 472112]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-07-25 319648]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2016-07-28 989696]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2016-07-28 1453696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 PlaysService;Plays.tv Update Service; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [2016-03-11 32528]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-21 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-08-23 146888]
S3 Origin Client Service;Origin Client Service; C:\Users\Public\Desktop\Origin\OriginClientService.exe [2016-07-05 2122248]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-03 1452320]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-05-16 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Martin\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ss8nayk4.default-1470506759666
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40620.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40620.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21 551520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21 212576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3c77255-42c0-499f-b664-6e981a0b1647}]
AviraBrowserSafety.BrowserSafety - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-07-18 6626696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-06-10 8810200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-07-28 831064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-06-10 8810200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe [2016-08-05 58640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-26 14030080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-07-28 53655680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2016-07-25 66328]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-07-28 831064]
"Raptr"=C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe [2016-08-05 58640]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-08-24 18:01:00 ----D---- C:\rsit
2016-08-24 18:01:00 ----D---- C:\Program Files\trend micro
2016-08-23 17:43:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-08-22 17:16:29 ----A---- C:\Windows\ntbtlog.txt
2016-08-20 09:47:56 ----D---- C:\Users\Martin\AppData\Roaming\Raptr
2016-08-20 09:47:56 ----D---- C:\Program Files (x86)\Raptr
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\wdigest.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\TSpkg.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\sspisrv.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\sspicli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\schannel.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\secur32.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\rpchttp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\rpcrt4.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\ncrypt.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msv1_0.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msobjs.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msaudite.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\lsass.exe
2016-08-19 20:05:23 ----A---- C:\Windows\system32\lsasrv.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\kerberos.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\cryptbase.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\credssp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\certcli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\auditpol.exe
2016-08-19 20:05:23 ----A---- C:\Windows\system32\adtschema.dll
2016-08-19 20:05:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-08-19 20:05:21 ----A---- C:\Windows\system32\tzres.dll
2016-08-19 20:04:38 ----A---- C:\Windows\system32\win32k.sys
2016-08-02 18:25:39 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2016-08-02 18:25:39 ----A---- C:\Windows\system32\WMPhoto.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\msxml3r.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\msxml3.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\InkEd.dll
2016-08-01 18:19:50 ----A---- C:\Windows\system32\shell32.dll
2016-08-01 18:19:49 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-08-01 18:19:49 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-08-01 18:19:49 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-08-01 18:19:48 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-08-01 18:19:48 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-08-01 18:19:48 ----A---- C:\Windows\system32\cdd.dll
2016-08-01 18:19:46 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-08-01 18:19:46 ----A---- C:\Windows\system32\FntCache.dll
2016-08-01 18:19:46 ----A---- C:\Windows\system32\DWrite.dll
2016-08-01 18:19:45 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-08-01 18:19:45 ----A---- C:\Windows\system32\user32.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\wshrm.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\WebClnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-08-01 18:19:43 ----A---- C:\Windows\system32\davclnt.dll
2016-08-01 18:19:42 ----A---- C:\Windows\system32\samsrv.dll
2016-08-01 18:19:41 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-08-01 18:19:41 ----A---- C:\Windows\system32\samlib.dll
2016-08-01 18:19:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-08-01 18:19:40 ----A---- C:\Windows\system32\d2d1.dll
2016-08-01 18:19:35 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-08-01 18:19:35 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\mtxoci.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\EncDec.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\CPFilters.dll
2016-08-01 18:19:34 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-08-01 18:19:34 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-08-01 18:19:25 ----A---- C:\Windows\system32\wmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-08-01 18:19:24 ----A---- C:\Windows\system32\wmploc.DLL
2016-08-01 18:19:24 ----A---- C:\Windows\system32\spwmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\system32\dxmasf.dll
2016-08-01 18:19:23 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-08-01 18:19:23 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-08-01 18:17:32 ----A---- C:\Windows\system32\ole32.dll
2016-08-01 18:17:31 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-08-01 18:17:18 ----A---- C:\Windows\system32\sysmain.dll
2016-08-01 18:17:18 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-08-01 18:17:17 ----A---- C:\Windows\system32\msmmsp.dll
2016-08-01 18:17:09 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-08-01 18:17:09 ----A---- C:\Windows\system32\drivers\srv.sys
2016-08-01 18:17:08 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-08-01 18:17:08 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-08-01 18:17:08 ----A---- C:\Windows\system32\drivers\cng.sys
2016-08-01 18:17:08 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-08-01 18:17:06 ----A---- C:\Windows\system32\wksprt.exe
2016-08-01 18:17:06 ----A---- C:\Windows\system32\mstscax.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-08-01 18:17:05 ----A---- C:\Windows\system32\tsgqec.dll
2016-08-01 18:17:05 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-08-01 18:16:58 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\system32\mf.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\wmpmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\quartz.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\mcmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\evr.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\SysFxUI.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\rrinstaller.exe
2016-08-01 18:16:55 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\qdvd.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\qasf.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfvdsp.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfps.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfpmp.exe
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfplat.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mferror.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\ksuser.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\devenum.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-08-01 18:16:53 ----A---- C:\Windows\system32\mapistub.dll
2016-08-01 18:16:53 ----A---- C:\Windows\system32\mapi32.dll
2016-08-01 18:16:53 ----A---- C:\Windows\system32\fixmapi.exe
2016-08-01 18:16:50 ----A---- C:\Windows\system32\basesrv.dll
2016-08-01 18:16:44 ----A---- C:\Windows\system32\schedsvc.dll
2016-08-01 18:16:43 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2016-08-01 18:16:43 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-08-01 18:16:43 ----A---- C:\Windows\system32\msxml6r.dll
2016-08-01 18:16:43 ----A---- C:\Windows\system32\msxml6.dll
2016-08-01 18:16:41 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-08-01 18:16:41 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-08-01 18:16:41 ----A---- C:\Windows\system32\usp10.dll
2016-08-01 18:16:41 ----A---- C:\Windows\system32\oleaut32.dll
2016-08-01 18:16:40 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-08-01 18:16:40 ----A---- C:\Windows\system32\asycfilt.dll
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\wpnpinst.exe
2016-08-01 18:16:39 ----A---- C:\Windows\system32\win32spl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\ntprint.exe
2016-08-01 18:16:39 ----A---- C:\Windows\system32\ntprint.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\localspl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\inetppui.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\inetpp.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-08-01 18:16:38 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\winipsec.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\polstore.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpsvc.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpscript.exe
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpscript.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpprefcl.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpapi.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-08-01 18:15:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2016-08-01 18:15:11 ----A---- C:\Windows\system32\d3d10warp.dll
2016-08-01 18:15:09 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\rdpudd.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\rdpcorets.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\d3d10level9.dll
2016-08-01 18:15:07 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-08-01 18:15:07 ----A---- C:\Windows\SYSWOW64\notepad.exe
2016-08-01 18:15:07 ----A---- C:\Windows\system32\qedit.dll
2016-08-01 18:15:07 ----A---- C:\Windows\system32\notepad.exe
2016-08-01 18:15:07 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-08-01 18:15:07 ----A---- C:\Windows\system32\drivers\afd.sys
2016-08-01 18:15:07 ----A---- C:\Windows\notepad.exe
2016-08-01 18:15:01 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-08-01 18:15:01 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\ws2_32.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\winhttp.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\mswsock.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-08-01 18:15:01 ----A---- C:\Windows\system32\comsvcs.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\catsrvut.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-08-01 18:15:00 ----A---- C:\Windows\system32\netbtugc.exe
2016-08-01 18:14:59 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\mfds.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\aepic.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\aeinv.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\lpk.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\fontsub.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\dciman32.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\atmlib.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\atmfd.dll
2016-08-01 18:14:57 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-08-01 18:14:57 ----A---- C:\Windows\system32\seclogon.dll
2016-08-01 18:12:30 ----A---- C:\Windows\system32\jnwmon.dll
2016-08-01 18:12:26 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-08-01 18:12:26 ----A---- C:\Windows\system32\gdi32.dll
2016-08-01 18:10:18 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-08-01 18:10:18 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-08-01 18:10:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-08-01 18:10:18 ----A---- C:\Windows\system32\ntdll.dll
2016-08-01 18:10:18 ----A---- C:\Windows\system32\advapi32.dll
2016-08-01 18:10:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-01 18:10:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\wow64win.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\wow64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\winsrv.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\winload.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\srcore.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\srclient.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\smss.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\rstrui.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\ntvdm64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\KernelBase.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\kernel32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\drivers\appid.sys
2016-08-01 18:10:17 ----A---- C:\Windows\system32\csrsrv.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\conhost.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidsvc.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidapi.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\user.exe
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-08-01 18:10:16 ----A---- C:\Windows\system32\wow64cpu.dll
2016-08-01 18:10:16 ----A---- C:\Windows\system32\apisetschema.dll
2016-08-01 18:10:09 ----A---- C:\Windows\SYSWOW64\els.dll
2016-08-01 18:10:09 ----A---- C:\Windows\system32\els.dll
2016-08-01 18:10:09 ----A---- C:\Windows\system32\drivers\ndis.sys
======List of files/folders modified in the last 1 month======
2016-08-24 18:01:04 ----D---- C:\Windows\Temp
2016-08-24 18:01:00 ----RD---- C:\Program Files
2016-08-24 17:05:15 ----D---- C:\Windows\system32\config
2016-08-24 16:56:02 ----D---- C:\Windows\System32
2016-08-24 16:56:02 ----D---- C:\Windows\inf
2016-08-24 16:56:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-08-24 16:49:51 ----D---- C:\Windows
2016-08-24 16:49:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-23 17:44:11 ----RD---- C:\Program Files (x86)
2016-08-21 16:41:32 ----D---- C:\Users\Martin\AppData\Roaming\MPC-HC
2016-08-21 16:32:20 ----D---- C:\Windows\Logs
2016-08-21 16:32:19 ----D---- C:\Windows\debug
2016-08-20 23:43:26 ----D---- C:\Windows\Microsoft.NET
2016-08-20 11:28:08 ----RSD---- C:\Windows\assembly
2016-08-20 11:27:43 ----SHD---- C:\System Volume Information
2016-08-20 09:59:05 ----D---- C:\Windows\system32\Tasks
2016-08-20 09:57:44 ----D---- C:\Windows\system32\catroot
2016-08-20 09:47:54 ----SHD---- C:\Windows\Installer
2016-08-20 09:47:54 ----SHD---- C:\Config.Msi
2016-08-20 09:47:52 ----D---- C:\Windows\SysWOW64
2016-08-20 09:47:52 ----D---- C:\Program Files\AMD
2016-08-20 09:47:42 ----D---- C:\Program Files (x86)\VulkanRT
2016-08-20 09:46:11 ----D---- C:\Windows\system32\drivers
2016-08-20 09:45:33 ----D---- C:\Windows\system32\DriverStore
2016-08-19 20:11:15 ----D---- C:\Windows\winsxs
2016-08-19 20:09:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-08-19 20:09:51 ----D---- C:\Windows\SYSWOW64\en-US
2016-08-19 20:09:51 ----D---- C:\Windows\system32\sk-SK
2016-08-19 20:09:51 ----D---- C:\Windows\system32\en-US
2016-08-19 20:08:20 ----D---- C:\Windows\system32\MRT
2016-08-19 20:05:56 ----AC---- C:\Windows\system32\MRT.exe
2016-08-19 20:04:58 ----D---- C:\Windows\system32\catroot2
2016-08-16 17:14:17 ----D---- C:\ProgramData\Package Cache
2016-08-02 18:56:04 ----D---- C:\Windows\system32\drivers\en-US
2016-08-02 18:56:02 ----D---- C:\Windows\ehome
2016-08-02 18:55:58 ----D---- C:\Windows\AppPatch
2016-08-02 18:55:56 ----D---- C:\Windows\system32\migration
2016-08-02 18:55:56 ----D---- C:\Program Files\Windows Media Player
2016-08-02 18:55:56 ----D---- C:\Program Files\Windows Journal
2016-08-02 18:55:56 ----D---- C:\Program Files (x86)\Windows Media Player
2016-08-02 18:55:55 ----D---- C:\Windows\system32\CodeIntegrity
2016-08-02 18:55:55 ----D---- C:\Windows\system32\Boot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2015-06-03 1443776]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2015-06-03 31144]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-07-28 145984]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-07-15 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2016-07-19 305032]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-07-28 171752]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2016-05-18 79696]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-18 26708992]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-18 500736]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-03-30 96256]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2010-08-18 26136]
R3 int0800;Intel 28F320C3 Flash Update Device Driver v6.4; C:\Windows\system32\DRIVERS\flashud.sys [2009-09-09 51712]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-06-26 4509440]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2015-03-30 803600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-05-19 986368]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 24064]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-18 269824]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2016-07-18 121856]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2016-07-28 472112]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2016-07-28 472112]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-07-25 319648]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2016-07-28 989696]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2016-07-28 1453696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 PlaysService;Plays.tv Update Service; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [2016-03-11 32528]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-21 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-08-23 146888]
S3 Origin Client Service;Origin Client Service; C:\Users\Public\Desktop\Origin\OriginClientService.exe [2016-07-05 2122248]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-03 1452320]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-05-16 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Informal address is fine.
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Suspected malware, preventive check
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Suspected malware, preventive check
Hi, it found nothing. So I guess I'll have to install Adblock.
# Mode: Clean
# Support : https://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [775 Bytes] - [26/08/2016 18:32:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [1181 Bytes] - [26/08/2016 18:32:15]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [922 Bytes] ##########
Informal address is fine.
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Suspected malware, preventive check
This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]/64
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Re: Suspected malware, preventive check
So, a question: when checking with RSIT, the 1-month setting is used. But this happened to me, I think, 2-3 months ago. I was downloading JDownloader, and there are plenty of opinions that the whole thing is malware. There was a recommendation to download it as the offline version. Since then Avira has found something on my machine. The truth is that I also downloaded a warez version of Sony Vegas and a crack. That crack also acts up in some strange way. BTW, after installing Adblock the ads disappeared except for one kind, a text-based one. I don't have a screenshot,...
Here is the log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2016-08-29 15:16:26
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 39 GB (38%) free of 104 GB
Total RAM: 8132 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:16:28, on 29. 8. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\Program Files\trend micro\Martin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: AviraBrowserSafety.BrowserSafety - {c3c77255-42c0-499f-b664-6e981a0b1647} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Users\Public\Desktop\Origin\OriginClientService.exe
O23 - Service: Plays.tv Update Service (PlaysService) - Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7661 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_00000774
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe" --log_to_file --from_stub --newver --raptr_installed_over_plays
raptr_im.exe
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe" 3956
"C:\Users\Martin\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ss8nayk4.default-1470506759666
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40620.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40620.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21 551520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21 212576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3c77255-42c0-499f-b664-6e981a0b1647}]
AviraBrowserSafety.BrowserSafety - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-07-18 6626696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-06-10 8810200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-07-28 831064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-06-10 8810200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe [2016-08-23 58640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-26 14030080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-07-28 53655680]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2016-08-04 67864]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-07-28 831064]
"Raptr"=C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe [2016-08-23 58640]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-08-29 15:12:08 ----D---- C:\_OTM
2016-08-26 18:31:35 ----D---- C:\AdwCleaner
2016-08-25 16:50:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-08-24 18:01:00 ----D---- C:\rsit
2016-08-24 18:01:00 ----D---- C:\Program Files\trend micro
2016-08-22 17:16:29 ----A---- C:\Windows\ntbtlog.txt
2016-08-20 09:47:56 ----D---- C:\Users\Martin\AppData\Roaming\Raptr
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\wdigest.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\TSpkg.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\sspisrv.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\sspicli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\schannel.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\secur32.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\rpchttp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\rpcrt4.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\ncrypt.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msv1_0.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msobjs.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msaudite.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\lsass.exe
2016-08-19 20:05:23 ----A---- C:\Windows\system32\lsasrv.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\kerberos.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\cryptbase.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\credssp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\certcli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\auditpol.exe
2016-08-19 20:05:23 ----A---- C:\Windows\system32\adtschema.dll
2016-08-19 20:05:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-08-19 20:05:21 ----A---- C:\Windows\system32\tzres.dll
2016-08-19 20:04:38 ----A---- C:\Windows\system32\win32k.sys
2016-08-02 18:25:39 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2016-08-02 18:25:39 ----A---- C:\Windows\system32\WMPhoto.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\msxml3r.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\msxml3.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\InkEd.dll
2016-08-01 18:19:50 ----A---- C:\Windows\system32\shell32.dll
2016-08-01 18:19:49 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-08-01 18:19:49 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-08-01 18:19:49 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-08-01 18:19:48 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-08-01 18:19:48 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-08-01 18:19:48 ----A---- C:\Windows\system32\cdd.dll
2016-08-01 18:19:46 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-08-01 18:19:46 ----A---- C:\Windows\system32\FntCache.dll
2016-08-01 18:19:46 ----A---- C:\Windows\system32\DWrite.dll
2016-08-01 18:19:45 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-08-01 18:19:45 ----A---- C:\Windows\system32\user32.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\wshrm.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\WebClnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-08-01 18:19:43 ----A---- C:\Windows\system32\davclnt.dll
2016-08-01 18:19:42 ----A---- C:\Windows\system32\samsrv.dll
2016-08-01 18:19:41 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-08-01 18:19:41 ----A---- C:\Windows\system32\samlib.dll
2016-08-01 18:19:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-08-01 18:19:40 ----A---- C:\Windows\system32\d2d1.dll
2016-08-01 18:19:35 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-08-01 18:19:35 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\mtxoci.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\EncDec.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\CPFilters.dll
2016-08-01 18:19:34 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-08-01 18:19:34 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-08-01 18:19:25 ----A---- C:\Windows\system32\wmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-08-01 18:19:24 ----A---- C:\Windows\system32\wmploc.DLL
2016-08-01 18:19:24 ----A---- C:\Windows\system32\spwmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\system32\dxmasf.dll
2016-08-01 18:19:23 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-08-01 18:19:23 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-08-01 18:17:32 ----A---- C:\Windows\system32\ole32.dll
2016-08-01 18:17:31 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-08-01 18:17:18 ----A---- C:\Windows\system32\sysmain.dll
2016-08-01 18:17:18 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-08-01 18:17:17 ----A---- C:\Windows\system32\msmmsp.dll
2016-08-01 18:17:09 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-08-01 18:17:09 ----A---- C:\Windows\system32\drivers\srv.sys
2016-08-01 18:17:08 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-08-01 18:17:08 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-08-01 18:17:08 ----A---- C:\Windows\system32\drivers\cng.sys
2016-08-01 18:17:08 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-08-01 18:17:06 ----A---- C:\Windows\system32\wksprt.exe
2016-08-01 18:17:06 ----A---- C:\Windows\system32\mstscax.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-08-01 18:17:05 ----A---- C:\Windows\system32\tsgqec.dll
2016-08-01 18:17:05 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-08-01 18:16:58 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\system32\mf.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\wmpmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\quartz.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\mcmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\evr.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\SysFxUI.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\rrinstaller.exe
2016-08-01 18:16:55 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\qdvd.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\qasf.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfvdsp.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfps.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfpmp.exe
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfplat.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mferror.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\ksuser.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\devenum.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-08-01 18:16:53 ----A---- C:\Windows\system32\mapistub.dll
2016-08-01 18:16:53 ----A---- C:\Windows\system32\mapi32.dll
2016-08-01 18:16:53 ----A---- C:\Windows\system32\fixmapi.exe
2016-08-01 18:16:50 ----A---- C:\Windows\system32\basesrv.dll
2016-08-01 18:16:44 ----A---- C:\Windows\system32\schedsvc.dll
2016-08-01 18:16:43 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2016-08-01 18:16:43 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-08-01 18:16:43 ----A---- C:\Windows\system32\msxml6r.dll
2016-08-01 18:16:43 ----A---- C:\Windows\system32\msxml6.dll
2016-08-01 18:16:41 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-08-01 18:16:41 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-08-01 18:16:41 ----A---- C:\Windows\system32\usp10.dll
2016-08-01 18:16:41 ----A---- C:\Windows\system32\oleaut32.dll
2016-08-01 18:16:40 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-08-01 18:16:40 ----A---- C:\Windows\system32\asycfilt.dll
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\wpnpinst.exe
2016-08-01 18:16:39 ----A---- C:\Windows\system32\win32spl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\ntprint.exe
2016-08-01 18:16:39 ----A---- C:\Windows\system32\ntprint.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\localspl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\inetppui.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\inetpp.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-08-01 18:16:38 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\winipsec.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\polstore.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpsvc.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpscript.exe
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpscript.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpprefcl.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpapi.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-08-01 18:15:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2016-08-01 18:15:11 ----A---- C:\Windows\system32\d3d10warp.dll
2016-08-01 18:15:09 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\rdpudd.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\rdpcorets.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\d3d10level9.dll
2016-08-01 18:15:07 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-08-01 18:15:07 ----A---- C:\Windows\SYSWOW64\notepad.exe
2016-08-01 18:15:07 ----A---- C:\Windows\system32\qedit.dll
2016-08-01 18:15:07 ----A---- C:\Windows\system32\notepad.exe
2016-08-01 18:15:07 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-08-01 18:15:07 ----A---- C:\Windows\system32\drivers\afd.sys
2016-08-01 18:15:07 ----A---- C:\Windows\notepad.exe
2016-08-01 18:15:01 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-08-01 18:15:01 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\ws2_32.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\winhttp.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\mswsock.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-08-01 18:15:01 ----A---- C:\Windows\system32\comsvcs.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\catsrvut.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-08-01 18:15:00 ----A---- C:\Windows\system32\netbtugc.exe
2016-08-01 18:14:59 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\mfds.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\aepic.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\aeinv.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\lpk.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\fontsub.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\dciman32.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\atmlib.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\atmfd.dll
2016-08-01 18:14:57 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-08-01 18:14:57 ----A---- C:\Windows\system32\seclogon.dll
2016-08-01 18:12:30 ----A---- C:\Windows\system32\jnwmon.dll
2016-08-01 18:12:26 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-08-01 18:12:26 ----A---- C:\Windows\system32\gdi32.dll
2016-08-01 18:10:18 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-08-01 18:10:18 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-08-01 18:10:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-08-01 18:10:18 ----A---- C:\Windows\system32\ntdll.dll
2016-08-01 18:10:18 ----A---- C:\Windows\system32\advapi32.dll
2016-08-01 18:10:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-01 18:10:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\wow64win.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\wow64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\winsrv.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\winload.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\srcore.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\srclient.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\smss.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\rstrui.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\ntvdm64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\KernelBase.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\kernel32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\drivers\appid.sys
2016-08-01 18:10:17 ----A---- C:\Windows\system32\csrsrv.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\conhost.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidsvc.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidapi.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\user.exe
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-08-01 18:10:16 ----A---- C:\Windows\system32\wow64cpu.dll
2016-08-01 18:10:16 ----A---- C:\Windows\system32\apisetschema.dll
2016-08-01 18:10:09 ----A---- C:\Windows\SYSWOW64\els.dll
2016-08-01 18:10:09 ----A---- C:\Windows\system32\els.dll
2016-08-01 18:10:09 ----A---- C:\Windows\system32\drivers\ndis.sys
======List of files/folders modified in the last 1 month======
2016-08-29 15:16:27 ----D---- C:\Windows\Temp
2016-08-29 15:15:36 ----RD---- C:\Program Files (x86)
2016-08-29 15:13:53 ----D---- C:\Windows\SysWOW64
2016-08-29 15:13:53 ----D---- C:\Windows\System32
2016-08-29 11:23:19 ----D---- C:\Windows\system32\config
2016-08-29 10:38:55 ----D---- C:\Windows\inf
2016-08-29 10:38:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-08-26 17:37:52 ----D---- C:\ProgramData\Package Cache
2016-08-26 17:37:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-25 18:19:38 ----SHD---- C:\Windows\Installer
2016-08-25 18:19:37 ----SHD---- C:\Config.Msi
2016-08-24 18:01:00 ----RD---- C:\Program Files
2016-08-24 16:49:51 ----D---- C:\Windows
2016-08-21 16:41:32 ----D---- C:\Users\Martin\AppData\Roaming\MPC-HC
2016-08-21 16:32:20 ----D---- C:\Windows\Logs
2016-08-21 16:32:19 ----D---- C:\Windows\debug
2016-08-20 23:43:26 ----D---- C:\Windows\Microsoft.NET
2016-08-20 11:28:08 ----RSD---- C:\Windows\assembly
2016-08-20 11:27:43 ----SHD---- C:\System Volume Information
2016-08-20 09:59:05 ----D---- C:\Windows\system32\Tasks
2016-08-20 09:57:44 ----D---- C:\Windows\system32\catroot
2016-08-20 09:47:52 ----D---- C:\Program Files\AMD
2016-08-20 09:47:42 ----D---- C:\Program Files (x86)\VulkanRT
2016-08-20 09:46:11 ----D---- C:\Windows\system32\drivers
2016-08-20 09:45:33 ----D---- C:\Windows\system32\DriverStore
2016-08-19 20:11:15 ----D---- C:\Windows\winsxs
2016-08-19 20:09:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-08-19 20:09:51 ----D---- C:\Windows\SYSWOW64\en-US
2016-08-19 20:09:51 ----D---- C:\Windows\system32\sk-SK
2016-08-19 20:09:51 ----D---- C:\Windows\system32\en-US
2016-08-19 20:08:20 ----D---- C:\Windows\system32\MRT
2016-08-19 20:05:56 ----AC---- C:\Windows\system32\MRT.exe
2016-08-19 20:04:58 ----D---- C:\Windows\system32\catroot2
2016-08-02 18:56:04 ----D---- C:\Windows\system32\drivers\en-US
2016-08-02 18:56:02 ----D---- C:\Windows\ehome
2016-08-02 18:55:58 ----D---- C:\Windows\AppPatch
2016-08-02 18:55:56 ----D---- C:\Windows\system32\migration
2016-08-02 18:55:56 ----D---- C:\Program Files\Windows Media Player
2016-08-02 18:55:56 ----D---- C:\Program Files\Windows Journal
2016-08-02 18:55:56 ----D---- C:\Program Files (x86)\Windows Media Player
2016-08-02 18:55:55 ----D---- C:\Windows\system32\CodeIntegrity
2016-08-02 18:55:55 ----D---- C:\Windows\system32\Boot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2015-06-03 1443776]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2015-06-03 31144]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-07-28 145984]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-07-15 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2016-07-19 305032]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-07-28 171752]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2016-05-18 79696]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-18 26708992]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-18 500736]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-03-30 96256]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2010-08-18 26136]
R3 int0800;Intel 28F320C3 Flash Update Device Driver v6.4; C:\Windows\system32\DRIVERS\flashud.sys [2009-09-09 51712]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-06-26 4509440]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2015-03-30 803600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-05-19 986368]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 24064]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-18 269824]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2016-07-18 121856]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2016-07-28 472112]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2016-07-28 472112]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-08-04 320672]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2016-07-28 989696]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2016-07-28 1453696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 PlaysService;Plays.tv Update Service; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [2016-03-11 32528]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-21 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-08-25 146888]
S3 Origin Client Service;Origin Client Service; C:\Users\Public\Desktop\Origin\OriginClientService.exe [2016-07-05 2122248]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-23 1465120]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-05-16 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Here is the log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2016-08-29 15:16:26
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 39 GB (38%) free of 104 GB
Total RAM: 8132 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:16:28, on 29. 8. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\Program Files\trend micro\Martin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: AviraBrowserSafety.BrowserSafety - {c3c77255-42c0-499f-b664-6e981a0b1647} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Users\Public\Desktop\Origin\OriginClientService.exe
O23 - Service: Plays.tv Update Service (PlaysService) - Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7661 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_00000774
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe" --log_to_file --from_stub --newver --raptr_installed_over_plays
raptr_im.exe
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe" 3956
"C:\Users\Martin\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ss8nayk4.default-1470506759666
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40620.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40620.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21 551520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21 212576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3c77255-42c0-499f-b664-6e981a0b1647}]
AviraBrowserSafety.BrowserSafety - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-07-18 6626696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-06-10 8810200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-07-28 831064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-06-10 8810200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe [2016-08-23 58640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-26 14030080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-07-28 53655680]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2016-08-04 67864]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-07-28 831064]
"Raptr"=C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe [2016-08-23 58640]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-08-29 15:12:08 ----D---- C:\_OTM
2016-08-26 18:31:35 ----D---- C:\AdwCleaner
2016-08-25 16:50:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-08-24 18:01:00 ----D---- C:\rsit
2016-08-24 18:01:00 ----D---- C:\Program Files\trend micro
2016-08-22 17:16:29 ----A---- C:\Windows\ntbtlog.txt
2016-08-20 09:47:56 ----D---- C:\Users\Martin\AppData\Roaming\Raptr
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\wdigest.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\TSpkg.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\sspisrv.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\sspicli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\schannel.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\secur32.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\rpchttp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\rpcrt4.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\ncrypt.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msv1_0.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msobjs.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msaudite.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\lsass.exe
2016-08-19 20:05:23 ----A---- C:\Windows\system32\lsasrv.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\kerberos.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\cryptbase.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\credssp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\certcli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\auditpol.exe
2016-08-19 20:05:23 ----A---- C:\Windows\system32\adtschema.dll
2016-08-19 20:05:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-08-19 20:05:21 ----A---- C:\Windows\system32\tzres.dll
2016-08-19 20:04:38 ----A---- C:\Windows\system32\win32k.sys
2016-08-02 18:25:39 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2016-08-02 18:25:39 ----A---- C:\Windows\system32\WMPhoto.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\msxml3r.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\msxml3.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\InkEd.dll
2016-08-01 18:19:50 ----A---- C:\Windows\system32\shell32.dll
2016-08-01 18:19:49 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-08-01 18:19:49 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-08-01 18:19:49 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-08-01 18:19:48 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-08-01 18:19:48 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-08-01 18:19:48 ----A---- C:\Windows\system32\cdd.dll
2016-08-01 18:19:46 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-08-01 18:19:46 ----A---- C:\Windows\system32\FntCache.dll
2016-08-01 18:19:46 ----A---- C:\Windows\system32\DWrite.dll
2016-08-01 18:19:45 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-08-01 18:19:45 ----A---- C:\Windows\system32\user32.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\wshrm.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\WebClnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-08-01 18:19:43 ----A---- C:\Windows\system32\davclnt.dll
2016-08-01 18:19:42 ----A---- C:\Windows\system32\samsrv.dll
2016-08-01 18:19:41 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-08-01 18:19:41 ----A---- C:\Windows\system32\samlib.dll
2016-08-01 18:19:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-08-01 18:19:40 ----A---- C:\Windows\system32\d2d1.dll
2016-08-01 18:19:35 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-08-01 18:19:35 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\mtxoci.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\EncDec.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\CPFilters.dll
2016-08-01 18:19:34 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-08-01 18:19:34 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-08-01 18:19:25 ----A---- C:\Windows\system32\wmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-08-01 18:19:24 ----A---- C:\Windows\system32\wmploc.DLL
2016-08-01 18:19:24 ----A---- C:\Windows\system32\spwmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\system32\dxmasf.dll
2016-08-01 18:19:23 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-08-01 18:19:23 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-08-01 18:17:32 ----A---- C:\Windows\system32\ole32.dll
2016-08-01 18:17:31 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-08-01 18:17:18 ----A---- C:\Windows\system32\sysmain.dll
2016-08-01 18:17:18 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-08-01 18:17:17 ----A---- C:\Windows\system32\msmmsp.dll
2016-08-01 18:17:09 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-08-01 18:17:09 ----A---- C:\Windows\system32\drivers\srv.sys
2016-08-01 18:17:08 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-08-01 18:17:08 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-08-01 18:17:08 ----A---- C:\Windows\system32\drivers\cng.sys
2016-08-01 18:17:08 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-08-01 18:17:06 ----A---- C:\Windows\system32\wksprt.exe
2016-08-01 18:17:06 ----A---- C:\Windows\system32\mstscax.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-08-01 18:17:05 ----A---- C:\Windows\system32\tsgqec.dll
2016-08-01 18:17:05 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-08-01 18:16:58 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\system32\mf.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\wmpmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\quartz.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\mcmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\evr.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\SysFxUI.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\rrinstaller.exe
2016-08-01 18:16:55 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\qdvd.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\qasf.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfvdsp.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfps.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfpmp.exe
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfplat.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mferror.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\ksuser.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\devenum.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-08-01 18:16:53 ----A---- C:\Windows\system32\mapistub.dll
2016-08-01 18:16:53 ----A---- C:\Windows\system32\mapi32.dll
2016-08-01 18:16:53 ----A---- C:\Windows\system32\fixmapi.exe
2016-08-01 18:16:50 ----A---- C:\Windows\system32\basesrv.dll
2016-08-01 18:16:44 ----A---- C:\Windows\system32\schedsvc.dll
2016-08-01 18:16:43 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2016-08-01 18:16:43 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-08-01 18:16:43 ----A---- C:\Windows\system32\msxml6r.dll
2016-08-01 18:16:43 ----A---- C:\Windows\system32\msxml6.dll
2016-08-01 18:16:41 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-08-01 18:16:41 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-08-01 18:16:41 ----A---- C:\Windows\system32\usp10.dll
2016-08-01 18:16:41 ----A---- C:\Windows\system32\oleaut32.dll
2016-08-01 18:16:40 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-08-01 18:16:40 ----A---- C:\Windows\system32\asycfilt.dll
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\wpnpinst.exe
2016-08-01 18:16:39 ----A---- C:\Windows\system32\win32spl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\ntprint.exe
2016-08-01 18:16:39 ----A---- C:\Windows\system32\ntprint.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\localspl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\inetppui.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\inetpp.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-08-01 18:16:38 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\winipsec.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\polstore.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpsvc.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpscript.exe
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpscript.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpprefcl.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpapi.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-08-01 18:15:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2016-08-01 18:15:11 ----A---- C:\Windows\system32\d3d10warp.dll
2016-08-01 18:15:09 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\rdpudd.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\rdpcorets.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\d3d10level9.dll
2016-08-01 18:15:07 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-08-01 18:15:07 ----A---- C:\Windows\SYSWOW64\notepad.exe
2016-08-01 18:15:07 ----A---- C:\Windows\system32\qedit.dll
2016-08-01 18:15:07 ----A---- C:\Windows\system32\notepad.exe
2016-08-01 18:15:07 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-08-01 18:15:07 ----A---- C:\Windows\system32\drivers\afd.sys
2016-08-01 18:15:07 ----A---- C:\Windows\notepad.exe
2016-08-01 18:15:01 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-08-01 18:15:01 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\ws2_32.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\winhttp.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\mswsock.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-08-01 18:15:01 ----A---- C:\Windows\system32\comsvcs.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\catsrvut.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-08-01 18:15:00 ----A---- C:\Windows\system32\netbtugc.exe
2016-08-01 18:14:59 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\mfds.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\aepic.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\aeinv.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\lpk.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\fontsub.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\dciman32.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\atmlib.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\atmfd.dll
2016-08-01 18:14:57 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-08-01 18:14:57 ----A---- C:\Windows\system32\seclogon.dll
2016-08-01 18:12:30 ----A---- C:\Windows\system32\jnwmon.dll
2016-08-01 18:12:26 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-08-01 18:12:26 ----A---- C:\Windows\system32\gdi32.dll
2016-08-01 18:10:18 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-08-01 18:10:18 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-08-01 18:10:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-08-01 18:10:18 ----A---- C:\Windows\system32\ntdll.dll
2016-08-01 18:10:18 ----A---- C:\Windows\system32\advapi32.dll
2016-08-01 18:10:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-01 18:10:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\wow64win.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\wow64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\winsrv.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\winload.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\srcore.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\srclient.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\smss.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\rstrui.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\ntvdm64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\KernelBase.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\kernel32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\drivers\appid.sys
2016-08-01 18:10:17 ----A---- C:\Windows\system32\csrsrv.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\conhost.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidsvc.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidapi.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\user.exe
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-08-01 18:10:16 ----A---- C:\Windows\system32\wow64cpu.dll
2016-08-01 18:10:16 ----A---- C:\Windows\system32\apisetschema.dll
2016-08-01 18:10:09 ----A---- C:\Windows\SYSWOW64\els.dll
2016-08-01 18:10:09 ----A---- C:\Windows\system32\els.dll
2016-08-01 18:10:09 ----A---- C:\Windows\system32\drivers\ndis.sys
======List of files/folders modified in the last 1 month======
2016-08-29 15:16:27 ----D---- C:\Windows\Temp
2016-08-29 15:15:36 ----RD---- C:\Program Files (x86)
2016-08-29 15:13:53 ----D---- C:\Windows\SysWOW64
2016-08-29 15:13:53 ----D---- C:\Windows\System32
2016-08-29 11:23:19 ----D---- C:\Windows\system32\config
2016-08-29 10:38:55 ----D---- C:\Windows\inf
2016-08-29 10:38:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-08-26 17:37:52 ----D---- C:\ProgramData\Package Cache
2016-08-26 17:37:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-25 18:19:38 ----SHD---- C:\Windows\Installer
2016-08-25 18:19:37 ----SHD---- C:\Config.Msi
2016-08-24 18:01:00 ----RD---- C:\Program Files
2016-08-24 16:49:51 ----D---- C:\Windows
2016-08-21 16:41:32 ----D---- C:\Users\Martin\AppData\Roaming\MPC-HC
2016-08-21 16:32:20 ----D---- C:\Windows\Logs
2016-08-21 16:32:19 ----D---- C:\Windows\debug
2016-08-20 23:43:26 ----D---- C:\Windows\Microsoft.NET
2016-08-20 11:28:08 ----RSD---- C:\Windows\assembly
2016-08-20 11:27:43 ----SHD---- C:\System Volume Information
2016-08-20 09:59:05 ----D---- C:\Windows\system32\Tasks
2016-08-20 09:57:44 ----D---- C:\Windows\system32\catroot
2016-08-20 09:47:52 ----D---- C:\Program Files\AMD
2016-08-20 09:47:42 ----D---- C:\Program Files (x86)\VulkanRT
2016-08-20 09:46:11 ----D---- C:\Windows\system32\drivers
2016-08-20 09:45:33 ----D---- C:\Windows\system32\DriverStore
2016-08-19 20:11:15 ----D---- C:\Windows\winsxs
2016-08-19 20:09:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-08-19 20:09:51 ----D---- C:\Windows\SYSWOW64\en-US
2016-08-19 20:09:51 ----D---- C:\Windows\system32\sk-SK
2016-08-19 20:09:51 ----D---- C:\Windows\system32\en-US
2016-08-19 20:08:20 ----D---- C:\Windows\system32\MRT
2016-08-19 20:05:56 ----AC---- C:\Windows\system32\MRT.exe
2016-08-19 20:04:58 ----D---- C:\Windows\system32\catroot2
2016-08-02 18:56:04 ----D---- C:\Windows\system32\drivers\en-US
2016-08-02 18:56:02 ----D---- C:\Windows\ehome
2016-08-02 18:55:58 ----D---- C:\Windows\AppPatch
2016-08-02 18:55:56 ----D---- C:\Windows\system32\migration
2016-08-02 18:55:56 ----D---- C:\Program Files\Windows Media Player
2016-08-02 18:55:56 ----D---- C:\Program Files\Windows Journal
2016-08-02 18:55:56 ----D---- C:\Program Files (x86)\Windows Media Player
2016-08-02 18:55:55 ----D---- C:\Windows\system32\CodeIntegrity
2016-08-02 18:55:55 ----D---- C:\Windows\system32\Boot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2015-06-03 1443776]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2015-06-03 31144]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-07-28 145984]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-07-15 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2016-07-19 305032]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-07-28 171752]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2016-05-18 79696]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-18 26708992]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-18 500736]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-03-30 96256]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2010-08-18 26136]
R3 int0800;Intel 28F320C3 Flash Update Device Driver v6.4; C:\Windows\system32\DRIVERS\flashud.sys [2009-09-09 51712]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-06-26 4509440]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2015-03-30 803600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-05-19 986368]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 24064]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-18 269824]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2016-07-18 121856]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2016-07-28 472112]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2016-07-28 472112]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-08-04 320672]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2016-07-28 989696]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2016-07-28 1453696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 PlaysService;Plays.tv Update Service; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [2016-03-11 32528]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-21 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-08-25 146888]
S3 Origin Client Service;Origin Client Service; C:\Users\Public\Desktop\Origin\OriginClientService.exe [2016-07-05 2122248]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-23 1465120]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-05-16 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Feel free to address me informally.
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Suspected malware, preventive check
You can of course change it and then run it. Just a note: if you didn't go on warez sites, you wouldn't have this problem.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Suspected malware, preventive check
So nothing like that was found?
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2016-09-01 13:28:43
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 47 GB (45%) free of 104 GB
Total RAM: 8132 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:28:45, on 1. 9. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\updrgui.exe
C:\Program Files\trend micro\Martin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: AviraBrowserSafety.BrowserSafety - {c3c77255-42c0-499f-b664-6e981a0b1647} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Users\Public\Desktop\Origin\OriginClientService.exe
O23 - Service: Plays.tv Update Service (PlaysService) - Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7720 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_00000630
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe" --log_to_file --from_stub --startup
raptr_im.exe
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe" 3440
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
taskeng.exe {302534E2-834A-41B6-9CA2-37BA0D5B1372}
taskeng.exe {16AEFBFA-7578-49A4-B1D3-D4B20607B948}
C:\Windows\System32\mobsync.exe -Embedding
"C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\update.exe" configfile="C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\intermediate.conf"
"C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\updrgui.exe"
"C:\Users\Martin\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ss8nayk4.default-1470506759666
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40620.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40620.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21 551520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21 212576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3c77255-42c0-499f-b664-6e981a0b1647}]
AviraBrowserSafety.BrowserSafety - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-07-18 6626696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-06-10 8810200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-07-28 831064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-06-10 8810200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe [2016-08-23 58640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-26 14030080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-07-28 53655680]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2016-08-04 67864]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-07-28 831064]
"Raptr"=C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe [2016-08-23 58640]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2016-08-29 15:12:08 ----D---- C:\_OTM
2016-08-26 18:31:35 ----D---- C:\AdwCleaner
2016-08-25 16:50:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-08-24 18:01:00 ----D---- C:\rsit
2016-08-24 18:01:00 ----D---- C:\Program Files\trend micro
2016-08-22 17:16:29 ----A---- C:\Windows\ntbtlog.txt
2016-08-20 09:47:56 ----D---- C:\Users\Martin\AppData\Roaming\Raptr
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\wdigest.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\TSpkg.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\sspisrv.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\sspicli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\schannel.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\secur32.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\rpchttp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\rpcrt4.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\ncrypt.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msv1_0.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msobjs.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msaudite.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\lsass.exe
2016-08-19 20:05:23 ----A---- C:\Windows\system32\lsasrv.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\kerberos.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\cryptbase.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\credssp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\certcli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\auditpol.exe
2016-08-19 20:05:23 ----A---- C:\Windows\system32\adtschema.dll
2016-08-19 20:05:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-08-19 20:05:21 ----A---- C:\Windows\system32\tzres.dll
2016-08-19 20:04:38 ----A---- C:\Windows\system32\win32k.sys
2016-08-02 18:25:39 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2016-08-02 18:25:39 ----A---- C:\Windows\system32\WMPhoto.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\msxml3r.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\msxml3.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\InkEd.dll
2016-08-01 18:19:50 ----A---- C:\Windows\system32\shell32.dll
2016-08-01 18:19:49 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-08-01 18:19:49 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-08-01 18:19:49 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-08-01 18:19:48 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-08-01 18:19:48 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-08-01 18:19:48 ----A---- C:\Windows\system32\cdd.dll
2016-08-01 18:19:46 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-08-01 18:19:46 ----A---- C:\Windows\system32\FntCache.dll
2016-08-01 18:19:46 ----A---- C:\Windows\system32\DWrite.dll
2016-08-01 18:19:45 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-08-01 18:19:45 ----A---- C:\Windows\system32\user32.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\wshrm.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\WebClnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-08-01 18:19:43 ----A---- C:\Windows\system32\davclnt.dll
2016-08-01 18:19:42 ----A---- C:\Windows\system32\samsrv.dll
2016-08-01 18:19:41 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-08-01 18:19:41 ----A---- C:\Windows\system32\samlib.dll
2016-08-01 18:19:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-08-01 18:19:40 ----A---- C:\Windows\system32\d2d1.dll
2016-08-01 18:19:35 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-08-01 18:19:35 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\mtxoci.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\EncDec.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\CPFilters.dll
2016-08-01 18:19:34 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-08-01 18:19:34 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-08-01 18:19:25 ----A---- C:\Windows\system32\wmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-08-01 18:19:24 ----A---- C:\Windows\system32\wmploc.DLL
2016-08-01 18:19:24 ----A---- C:\Windows\system32\spwmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\system32\dxmasf.dll
2016-08-01 18:19:23 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-08-01 18:19:23 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-08-01 18:17:32 ----A---- C:\Windows\system32\ole32.dll
2016-08-01 18:17:31 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-08-01 18:17:18 ----A---- C:\Windows\system32\sysmain.dll
2016-08-01 18:17:18 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-08-01 18:17:17 ----A---- C:\Windows\system32\msmmsp.dll
2016-08-01 18:17:09 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-08-01 18:17:09 ----A---- C:\Windows\system32\drivers\srv.sys
2016-08-01 18:17:08 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-08-01 18:17:08 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-08-01 18:17:08 ----A---- C:\Windows\system32\drivers\cng.sys
2016-08-01 18:17:08 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-08-01 18:17:06 ----A---- C:\Windows\system32\wksprt.exe
2016-08-01 18:17:06 ----A---- C:\Windows\system32\mstscax.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-08-01 18:17:05 ----A---- C:\Windows\system32\tsgqec.dll
2016-08-01 18:17:05 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-08-01 18:16:58 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\system32\mf.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\wmpmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\quartz.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\mcmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\evr.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\SysFxUI.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\rrinstaller.exe
2016-08-01 18:16:55 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\qdvd.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\qasf.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfvdsp.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfps.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfpmp.exe
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfplat.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mferror.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\ksuser.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\devenum.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-08-01 18:16:53 ----A---- C:\Windows\system32\mapistub.dll
2016-08-01 18:16:53 ----A---- C:\Windows\system32\mapi32.dll
2016-08-01 18:16:53 ----A---- C:\Windows\system32\fixmapi.exe
2016-08-01 18:16:50 ----A---- C:\Windows\system32\basesrv.dll
2016-08-01 18:16:44 ----A---- C:\Windows\system32\schedsvc.dll
2016-08-01 18:16:43 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2016-08-01 18:16:43 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-08-01 18:16:43 ----A---- C:\Windows\system32\msxml6r.dll
2016-08-01 18:16:43 ----A---- C:\Windows\system32\msxml6.dll
2016-08-01 18:16:41 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-08-01 18:16:41 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-08-01 18:16:41 ----A---- C:\Windows\system32\usp10.dll
2016-08-01 18:16:41 ----A---- C:\Windows\system32\oleaut32.dll
2016-08-01 18:16:40 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-08-01 18:16:40 ----A---- C:\Windows\system32\asycfilt.dll
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\wpnpinst.exe
2016-08-01 18:16:39 ----A---- C:\Windows\system32\win32spl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\ntprint.exe
2016-08-01 18:16:39 ----A---- C:\Windows\system32\ntprint.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\localspl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\inetppui.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\inetpp.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-08-01 18:16:38 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\winipsec.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\polstore.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpsvc.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpscript.exe
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpscript.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpprefcl.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpapi.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-08-01 18:15:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2016-08-01 18:15:11 ----A---- C:\Windows\system32\d3d10warp.dll
2016-08-01 18:15:09 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\rdpudd.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\rdpcorets.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\d3d10level9.dll
2016-08-01 18:15:07 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-08-01 18:15:07 ----A---- C:\Windows\SYSWOW64\notepad.exe
2016-08-01 18:15:07 ----A---- C:\Windows\system32\qedit.dll
2016-08-01 18:15:07 ----A---- C:\Windows\system32\notepad.exe
2016-08-01 18:15:07 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-08-01 18:15:07 ----A---- C:\Windows\system32\drivers\afd.sys
2016-08-01 18:15:07 ----A---- C:\Windows\notepad.exe
2016-08-01 18:15:01 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-08-01 18:15:01 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\ws2_32.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\winhttp.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\mswsock.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-08-01 18:15:01 ----A---- C:\Windows\system32\comsvcs.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\catsrvut.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-08-01 18:15:00 ----A---- C:\Windows\system32\netbtugc.exe
2016-08-01 18:14:59 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\mfds.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\aepic.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\aeinv.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\lpk.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\fontsub.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\dciman32.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\atmlib.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\atmfd.dll
2016-08-01 18:14:57 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-08-01 18:14:57 ----A---- C:\Windows\system32\seclogon.dll
2016-08-01 18:12:30 ----A---- C:\Windows\system32\jnwmon.dll
2016-08-01 18:12:26 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-08-01 18:12:26 ----A---- C:\Windows\system32\gdi32.dll
2016-08-01 18:10:18 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-08-01 18:10:18 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-08-01 18:10:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-08-01 18:10:18 ----A---- C:\Windows\system32\ntdll.dll
2016-08-01 18:10:18 ----A---- C:\Windows\system32\advapi32.dll
2016-08-01 18:10:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-01 18:10:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\wow64win.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\wow64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\winsrv.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\winload.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\srcore.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\srclient.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\smss.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\rstrui.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\ntvdm64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\KernelBase.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\kernel32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\drivers\appid.sys
2016-08-01 18:10:17 ----A---- C:\Windows\system32\csrsrv.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\conhost.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidsvc.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidapi.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\user.exe
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-08-01 18:10:16 ----A---- C:\Windows\system32\wow64cpu.dll
2016-08-01 18:10:16 ----A---- C:\Windows\system32\apisetschema.dll
2016-08-01 18:10:09 ----A---- C:\Windows\SYSWOW64\els.dll
2016-08-01 18:10:09 ----A---- C:\Windows\system32\els.dll
2016-08-01 18:10:09 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-07-19 00:22:10 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2016-07-19 00:22:10 ----A---- C:\Windows\system32\amdave64.dll
2016-07-19 00:22:04 ----A---- C:\Windows\system32\amdhcp64.dll
2016-07-19 00:22:02 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2016-07-19 00:21:58 ----A---- C:\Windows\system32\atimpc64.dll
2016-07-19 00:21:58 ----A---- C:\Windows\system32\amdpcom64.dll
2016-07-19 00:21:56 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2016-07-19 00:21:56 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2016-07-19 00:21:42 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2016-07-19 00:21:40 ----A---- C:\Windows\system32\atiu9p64.dll
2016-07-19 00:21:38 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2016-07-19 00:21:30 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2016-07-19 00:21:20 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2016-07-19 00:21:12 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2016-07-19 00:21:04 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2016-07-19 00:20:54 ----A---- C:\Windows\system32\atiumd6a.dll
2016-07-19 00:20:50 ----A---- C:\Windows\system32\atiumd64.dll
2016-07-19 00:20:14 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2016-07-19 00:07:28 ----A---- C:\Windows\system32\amfrt64.dll
2016-07-19 00:06:02 ----A---- C:\Windows\SYSWOW64\amfrt32.dll
2016-07-19 00:04:46 ----A---- C:\Windows\system32\amdvlk64.dll
2016-07-18 23:54:52 ----A---- C:\Windows\SYSWOW64\amdvlk32.dll
2016-07-18 23:42:24 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2016-07-18 23:37:38 ----A---- C:\Windows\system32\atio6axx.dll
2016-07-18 23:31:54 ----A---- C:\Windows\system32\coinst_16.30.dll
2016-07-18 23:28:24 ----A---- C:\Windows\system32\clinfo.exe
2016-07-18 23:28:12 ----A---- C:\Windows\system32\amdocl64.dll
2016-07-18 23:27:00 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2016-07-18 23:25:52 ----A---- C:\Windows\system32\OpenCL.dll
2016-07-18 23:25:48 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2016-07-18 23:22:58 ----A---- C:\Windows\system32\amdlvr64.dll
2016-07-18 23:22:16 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll
2016-07-18 23:21:48 ----A---- C:\Windows\system32\amdocl12cl64.dll
2016-07-18 23:21:38 ----A---- C:\Windows\SYSWOW64\amdocl12cl.dll
2016-07-18 23:21:38 ----A---- C:\Windows\system32\mantle64.dll
2016-07-18 23:21:26 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2016-07-18 23:21:10 ----A---- C:\Windows\system32\amdmantle64.dll
2016-07-18 23:11:18 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2016-07-18 23:06:24 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2016-07-18 23:04:42 ----A---- C:\Windows\system32\amdmmcl6.dll
2016-07-18 23:04:38 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2016-07-18 23:03:22 ----A---- C:\Windows\system32\mantleaxl64.dll
2016-07-18 23:03:14 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2016-07-18 22:46:50 ----A---- C:\Windows\system32\atiapfxx.exe
2016-07-18 22:46:44 ----A---- C:\Windows\system32\aticalrt64.dll
2016-07-18 22:46:40 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2016-07-18 22:46:32 ----A---- C:\Windows\system32\aticalcl64.dll
2016-07-18 22:46:30 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2016-07-18 22:46:18 ----A---- C:\Windows\system32\aticaldd64.dll
2016-07-18 22:45:20 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2016-07-18 22:39:22 ----A---- C:\Windows\system32\atisamu64.dll
2016-07-18 22:39:18 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2016-07-18 22:39:18 ----A---- C:\Windows\system32\atidemgy.dll
2016-07-18 22:39:14 ----A---- C:\Windows\system32\dgtrayicon.exe
2016-07-18 22:39:08 ----A---- C:\Windows\system32\GameManager64.dll
2016-07-18 22:39:00 ----A---- C:\Windows\system32\atieah64.exe
2016-07-18 22:38:58 ----A---- C:\Windows\SYSWOW64\atieah32.exe
2016-07-18 22:38:52 ----A---- C:\Windows\system32\amdgfxinfo64.dll
2016-07-18 22:38:50 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll
2016-07-18 22:38:50 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2016-07-18 22:38:48 ----A---- C:\Windows\system32\atimuixx.dll
2016-07-18 22:38:42 ----A---- C:\Windows\system32\atieclxx.exe
2016-07-18 22:38:24 ----A---- C:\Windows\system32\atiesrxx.exe
2016-07-18 22:37:38 ----A---- C:\Windows\system32\atitmm64.dll
2016-07-18 22:33:38 ----A---- C:\Windows\system32\atiadlxx.dll
2016-07-18 22:33:30 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2016-07-18 22:33:30 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll
2016-07-18 22:33:22 ----A---- C:\Windows\system32\atig6pxx.dll
2016-07-18 22:33:18 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2016-07-18 22:33:18 ----A---- C:\Windows\system32\atiglpxx.dll
2016-07-18 22:33:14 ----A---- C:\Windows\system32\atig6txx.dll
2016-07-18 22:33:04 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2016-07-18 22:32:52 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2016-07-18 22:29:22 ----A---- C:\Windows\system32\hsa-thunk64.dll
2016-07-18 22:29:16 ----A---- C:\Windows\SYSWOW64\hsa-thunk.dll
2016-07-18 16:51:10 ----A---- C:\Windows\system32\amdacpusl.dll
2016-07-18 16:51:02 ----A---- C:\Windows\SYSWOW64\amdacpusl.dll
2016-07-16 10:58:42 ----SHD---- C:\Config.Msi
2016-07-07 12:18:20 ----A---- C:\Windows\system32\amdicdxx.dat
2016-07-01 22:19:43 ----D---- C:\Users\Martin\AppData\Roaming\Carbon
2016-06-23 20:22:00 ----A---- C:\Windows\SYSWOW64\vulkan-1-1-0-17-0.dll
2016-06-23 20:21:24 ----A---- C:\Windows\SYSWOW64\vulkaninfo-1-1-0-17-0.exe
2016-06-23 20:21:06 ----A---- C:\Windows\system32\vulkan-1-1-0-17-0.dll
2016-06-23 20:20:28 ----A---- C:\Windows\system32\vulkaninfo-1-1-0-17-0.exe
2016-06-17 20:50:52 ----A---- C:\Windows\system32\ativvaxy_stn_nd.dat
2016-06-17 20:45:10 ----A---- C:\Windows\system32\ativvaxy_el_nd.dat
2016-06-16 20:09:36 ----A---- C:\Windows\system32\ativvaxy_FJ_nd.dat
2016-06-06 22:51:58 ----A---- C:\Windows\system32\ativvaxy_FJ.dat
2016-06-06 22:47:58 ----A---- C:\Windows\system32\ativvaxy_cz_nd.dat
2016-06-03 16:56:08 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-06-03 16:56:08 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-06-03 16:56:08 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-06-03 16:56:08 ----A---- C:\Windows\system32\vulkan-1.dll
2016-06-03 16:55:58 ----D---- C:\Program Files (x86)\VulkanRT
2016-06-03 16:55:29 ----D---- C:\Program Files (x86)\AMD
2016-06-03 16:53:50 ----D---- C:\Users\Martin\AppData\Roaming\ATI
2016-06-03 16:53:50 ----D---- C:\ProgramData\ATI
======List of files/folders modified in the last 3 months======
2016-09-01 13:28:43 ----D---- C:\Windows\Temp
2016-09-01 09:43:42 ----D---- C:\Windows\system32\config
2016-09-01 09:33:49 ----D---- C:\Windows\System32
2016-09-01 09:33:49 ----D---- C:\Windows\inf
2016-09-01 09:33:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-08-29 20:37:22 ----SHD---- C:\System Volume Information
2016-08-29 15:15:36 ----RD---- C:\Program Files (x86)
2016-08-29 15:13:53 ----D---- C:\Windows\SysWOW64
2016-08-26 17:37:52 ----D---- C:\ProgramData\Package Cache
2016-08-26 17:37:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-25 18:19:38 ----SHD---- C:\Windows\Installer
2016-08-24 18:01:00 ----RD---- C:\Program Files
2016-08-24 16:49:51 ----D---- C:\Windows
2016-08-21 16:41:32 ----D---- C:\Users\Martin\AppData\Roaming\MPC-HC
2016-08-21 16:32:20 ----D---- C:\Windows\Logs
2016-08-21 16:32:19 ----D---- C:\Windows\debug
2016-08-20 23:43:26 ----D---- C:\Windows\Microsoft.NET
2016-08-20 11:28:08 ----RSD---- C:\Windows\assembly
2016-08-20 09:59:05 ----D---- C:\Windows\system32\Tasks
2016-08-20 09:57:44 ----D---- C:\Windows\system32\catroot
2016-08-20 09:47:52 ----D---- C:\Program Files\AMD
2016-08-20 09:46:11 ----D---- C:\Windows\system32\drivers
2016-08-20 09:45:33 ----D---- C:\Windows\system32\DriverStore
2016-08-19 20:11:15 ----D---- C:\Windows\winsxs
2016-08-19 20:09:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-08-19 20:09:51 ----D---- C:\Windows\SYSWOW64\en-US
2016-08-19 20:09:51 ----D---- C:\Windows\system32\sk-SK
2016-08-19 20:09:51 ----D---- C:\Windows\system32\en-US
2016-08-19 20:08:20 ----D---- C:\Windows\system32\MRT
2016-08-19 20:05:56 ----AC---- C:\Windows\system32\MRT.exe
2016-08-19 20:04:58 ----D---- C:\Windows\system32\catroot2
2016-08-02 18:56:04 ----D---- C:\Windows\system32\drivers\en-US
2016-08-02 18:56:02 ----D---- C:\Windows\ehome
2016-08-02 18:55:58 ----D---- C:\Windows\AppPatch
2016-08-02 18:55:56 ----D---- C:\Windows\system32\migration
2016-08-02 18:55:56 ----D---- C:\Program Files\Windows Media Player
2016-08-02 18:55:56 ----D---- C:\Program Files\Windows Journal
2016-08-02 18:55:56 ----D---- C:\Program Files (x86)\Windows Media Player
2016-08-02 18:55:55 ----D---- C:\Windows\system32\CodeIntegrity
2016-08-02 18:55:55 ----D---- C:\Windows\system32\Boot
2016-07-24 16:54:30 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2016-07-19 00:21:44 ----A---- C:\Windows\system32\atiuxp64.dll
2016-07-19 00:21:34 ----A---- C:\Windows\system32\aticfx64.dll
2016-07-19 00:21:24 ----A---- C:\Windows\system32\atidxx64.dll
2016-07-18 22:39:04 ----A---- C:\Windows\SYSWOW64\GameManager32.dll
2016-07-17 14:39:06 ----D---- C:\ProgramData\Origin
2016-07-16 10:54:28 ----D---- C:\AMD
2016-07-12 21:54:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-07-12 20:54:05 ----D---- C:\Windows\system32\Macromed
2016-07-12 20:54:04 ----D---- C:\Windows\SYSWOW64\Macromed
2016-06-03 16:53:50 ----HD---- C:\ProgramData
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2015-06-03 1443776]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2015-06-03 31144]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-07-28 145984]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-07-15 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2016-07-19 305032]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-07-28 171752]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2016-05-18 79696]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-18 26708992]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-18 500736]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-03-30 96256]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2010-08-18 26136]
R3 int0800;Intel 28F320C3 Flash Update Device Driver v6.4; C:\Windows\system32\DRIVERS\flashud.sys [2009-09-09 51712]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-06-26 4509440]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2015-03-30 803600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-05-19 986368]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 24064]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-18 269824]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2016-07-18 121856]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2016-07-28 472112]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2016-07-28 472112]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-08-04 320672]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2016-07-28 989696]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2016-07-28 1453696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 PlaysService;Plays.tv Update Service; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [2016-03-11 32528]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-21 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-08-25 146888]
S3 Origin Client Service;Origin Client Service; C:\Users\Public\Desktop\Origin\OriginClientService.exe [2016-07-05 2122248]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-23 1465120]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-05-16 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Well, you know, JDownloader is free, it just probably isn't entirely kosher. And buying Sony Vegas when I don't intend to use it for business purposes makes no sense. I only wanted to try it out, but because of these problems I never even got to it.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2016-09-01 13:28:43
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 47 GB (45%) free of 104 GB
Total RAM: 8132 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:28:45, on 1. 9. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\updrgui.exe
C:\Program Files\trend micro\Martin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: AviraBrowserSafety.BrowserSafety - {c3c77255-42c0-499f-b664-6e981a0b1647} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Users\Public\Desktop\Origin\OriginClientService.exe
O23 - Service: Plays.tv Update Service (PlaysService) - Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7720 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_00000630
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe" --log_to_file --from_stub --startup
raptr_im.exe
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe" 3440
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
taskeng.exe {302534E2-834A-41B6-9CA2-37BA0D5B1372}
taskeng.exe {16AEFBFA-7578-49A4-B1D3-D4B20607B948}
C:\Windows\System32\mobsync.exe -Embedding
"C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\update.exe" configfile="C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\intermediate.conf"
"C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\updrgui.exe"
"C:\Users\Martin\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ss8nayk4.default-1470506759666
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40620.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40620.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21 551520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21 212576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3c77255-42c0-499f-b664-6e981a0b1647}]
AviraBrowserSafety.BrowserSafety - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-07-18 6626696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-06-10 8810200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-07-28 831064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-06-10 8810200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe [2016-08-23 58640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-26 14030080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-07-28 53655680]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2016-08-04 67864]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-07-28 831064]
"Raptr"=C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe [2016-08-23 58640]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2016-08-29 15:12:08 ----D---- C:\_OTM
2016-08-26 18:31:35 ----D---- C:\AdwCleaner
2016-08-25 16:50:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-08-24 18:01:00 ----D---- C:\rsit
2016-08-24 18:01:00 ----D---- C:\Program Files\trend micro
2016-08-22 17:16:29 ----A---- C:\Windows\ntbtlog.txt
2016-08-20 09:47:56 ----D---- C:\Users\Martin\AppData\Roaming\Raptr
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-08-19 20:05:23 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\wdigest.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\TSpkg.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\sspisrv.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\sspicli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\schannel.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\secur32.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\rpchttp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\rpcrt4.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\ncrypt.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msv1_0.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msobjs.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\msaudite.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\lsass.exe
2016-08-19 20:05:23 ----A---- C:\Windows\system32\lsasrv.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\kerberos.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-08-19 20:05:23 ----A---- C:\Windows\system32\cryptbase.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\credssp.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\certcli.dll
2016-08-19 20:05:23 ----A---- C:\Windows\system32\auditpol.exe
2016-08-19 20:05:23 ----A---- C:\Windows\system32\adtschema.dll
2016-08-19 20:05:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-08-19 20:05:21 ----A---- C:\Windows\system32\tzres.dll
2016-08-19 20:04:38 ----A---- C:\Windows\system32\win32k.sys
2016-08-02 18:25:39 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2016-08-02 18:25:39 ----A---- C:\Windows\system32\WMPhoto.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-08-01 18:19:51 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\msxml3r.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\msxml3.dll
2016-08-01 18:19:51 ----A---- C:\Windows\system32\InkEd.dll
2016-08-01 18:19:50 ----A---- C:\Windows\system32\shell32.dll
2016-08-01 18:19:49 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-08-01 18:19:49 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-08-01 18:19:49 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-08-01 18:19:48 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-08-01 18:19:48 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-08-01 18:19:48 ----A---- C:\Windows\system32\cdd.dll
2016-08-01 18:19:46 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-08-01 18:19:46 ----A---- C:\Windows\system32\FntCache.dll
2016-08-01 18:19:46 ----A---- C:\Windows\system32\DWrite.dll
2016-08-01 18:19:45 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-08-01 18:19:45 ----A---- C:\Windows\system32\user32.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\wshrm.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\WebClnt.dll
2016-08-01 18:19:43 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-08-01 18:19:43 ----A---- C:\Windows\system32\davclnt.dll
2016-08-01 18:19:42 ----A---- C:\Windows\system32\samsrv.dll
2016-08-01 18:19:41 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-08-01 18:19:41 ----A---- C:\Windows\system32\samlib.dll
2016-08-01 18:19:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-08-01 18:19:40 ----A---- C:\Windows\system32\d2d1.dll
2016-08-01 18:19:35 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-08-01 18:19:35 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\mtxoci.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\EncDec.dll
2016-08-01 18:19:35 ----A---- C:\Windows\system32\CPFilters.dll
2016-08-01 18:19:34 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-08-01 18:19:34 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-08-01 18:19:25 ----A---- C:\Windows\system32\wmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-08-01 18:19:24 ----A---- C:\Windows\system32\wmploc.DLL
2016-08-01 18:19:24 ----A---- C:\Windows\system32\spwmp.dll
2016-08-01 18:19:24 ----A---- C:\Windows\system32\dxmasf.dll
2016-08-01 18:19:23 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-08-01 18:19:23 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-08-01 18:17:32 ----A---- C:\Windows\system32\ole32.dll
2016-08-01 18:17:31 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-08-01 18:17:18 ----A---- C:\Windows\system32\sysmain.dll
2016-08-01 18:17:18 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-08-01 18:17:17 ----A---- C:\Windows\system32\msmmsp.dll
2016-08-01 18:17:09 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-08-01 18:17:09 ----A---- C:\Windows\system32\drivers\srv.sys
2016-08-01 18:17:08 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-08-01 18:17:08 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-08-01 18:17:08 ----A---- C:\Windows\system32\drivers\cng.sys
2016-08-01 18:17:08 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-08-01 18:17:06 ----A---- C:\Windows\system32\wksprt.exe
2016-08-01 18:17:06 ----A---- C:\Windows\system32\mstscax.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-08-01 18:17:05 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-08-01 18:17:05 ----A---- C:\Windows\system32\tsgqec.dll
2016-08-01 18:17:05 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-08-01 18:16:58 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-08-01 18:16:57 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-08-01 18:16:57 ----A---- C:\Windows\system32\mf.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-08-01 18:16:56 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\wmpmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-08-01 18:16:56 ----A---- C:\Windows\system32\quartz.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\mcmde.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\evr.dll
2016-08-01 18:16:56 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-08-01 18:16:55 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\SysFxUI.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\rrinstaller.exe
2016-08-01 18:16:55 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\qdvd.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\qasf.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfvdsp.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfps.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfpmp.exe
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mfplat.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\mferror.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\ksuser.dll
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-08-01 18:16:55 ----A---- C:\Windows\system32\devenum.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-08-01 18:16:53 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-08-01 18:16:53 ----A---- C:\Windows\system32\mapistub.dll
2016-08-01 18:16:53 ----A---- C:\Windows\system32\mapi32.dll
2016-08-01 18:16:53 ----A---- C:\Windows\system32\fixmapi.exe
2016-08-01 18:16:50 ----A---- C:\Windows\system32\basesrv.dll
2016-08-01 18:16:44 ----A---- C:\Windows\system32\schedsvc.dll
2016-08-01 18:16:43 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2016-08-01 18:16:43 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-08-01 18:16:43 ----A---- C:\Windows\system32\msxml6r.dll
2016-08-01 18:16:43 ----A---- C:\Windows\system32\msxml6.dll
2016-08-01 18:16:41 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-08-01 18:16:41 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-08-01 18:16:41 ----A---- C:\Windows\system32\usp10.dll
2016-08-01 18:16:41 ----A---- C:\Windows\system32\oleaut32.dll
2016-08-01 18:16:40 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-08-01 18:16:40 ----A---- C:\Windows\system32\asycfilt.dll
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-08-01 18:16:39 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\wpnpinst.exe
2016-08-01 18:16:39 ----A---- C:\Windows\system32\win32spl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\ntprint.exe
2016-08-01 18:16:39 ----A---- C:\Windows\system32\ntprint.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\localspl.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\inetppui.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\inetpp.dll
2016-08-01 18:16:39 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-08-01 18:16:38 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-08-01 18:15:13 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\winipsec.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\polstore.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpsvc.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpscript.exe
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpscript.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpprefcl.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\gpapi.dll
2016-08-01 18:15:13 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-08-01 18:15:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2016-08-01 18:15:11 ----A---- C:\Windows\system32\d3d10warp.dll
2016-08-01 18:15:09 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\rdpudd.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\rdpcorets.dll
2016-08-01 18:15:09 ----A---- C:\Windows\system32\d3d10level9.dll
2016-08-01 18:15:07 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-08-01 18:15:07 ----A---- C:\Windows\SYSWOW64\notepad.exe
2016-08-01 18:15:07 ----A---- C:\Windows\system32\qedit.dll
2016-08-01 18:15:07 ----A---- C:\Windows\system32\notepad.exe
2016-08-01 18:15:07 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-08-01 18:15:07 ----A---- C:\Windows\system32\drivers\afd.sys
2016-08-01 18:15:07 ----A---- C:\Windows\notepad.exe
2016-08-01 18:15:01 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-08-01 18:15:01 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\ws2_32.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\winhttp.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\mswsock.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-08-01 18:15:01 ----A---- C:\Windows\system32\comsvcs.dll
2016-08-01 18:15:01 ----A---- C:\Windows\system32\catsrvut.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2016-08-01 18:15:00 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-08-01 18:15:00 ----A---- C:\Windows\system32\netbtugc.exe
2016-08-01 18:14:59 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\mfds.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\aepic.dll
2016-08-01 18:14:59 ----A---- C:\Windows\system32\aeinv.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-08-01 18:14:58 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\lpk.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\fontsub.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\dciman32.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\atmlib.dll
2016-08-01 18:14:58 ----A---- C:\Windows\system32\atmfd.dll
2016-08-01 18:14:57 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-08-01 18:14:57 ----A---- C:\Windows\system32\seclogon.dll
2016-08-01 18:12:30 ----A---- C:\Windows\system32\jnwmon.dll
2016-08-01 18:12:26 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-08-01 18:12:26 ----A---- C:\Windows\system32\gdi32.dll
2016-08-01 18:10:18 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-08-01 18:10:18 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-08-01 18:10:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-08-01 18:10:18 ----A---- C:\Windows\system32\ntdll.dll
2016-08-01 18:10:18 ----A---- C:\Windows\system32\advapi32.dll
2016-08-01 18:10:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-01 18:10:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-08-01 18:10:17 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\wow64win.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\wow64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\winsrv.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\winload.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\srcore.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\srclient.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\smss.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\rstrui.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\ntvdm64.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\KernelBase.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\kernel32.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\drivers\appid.sys
2016-08-01 18:10:17 ----A---- C:\Windows\system32\csrsrv.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\conhost.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidsvc.dll
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-08-01 18:10:17 ----A---- C:\Windows\system32\appidapi.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-08-01 18:10:16 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\user.exe
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-08-01 18:10:16 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-08-01 18:10:16 ----A---- C:\Windows\system32\wow64cpu.dll
2016-08-01 18:10:16 ----A---- C:\Windows\system32\apisetschema.dll
2016-08-01 18:10:09 ----A---- C:\Windows\SYSWOW64\els.dll
2016-08-01 18:10:09 ----A---- C:\Windows\system32\els.dll
2016-08-01 18:10:09 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-07-19 00:22:10 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2016-07-19 00:22:10 ----A---- C:\Windows\system32\amdave64.dll
2016-07-19 00:22:04 ----A---- C:\Windows\system32\amdhcp64.dll
2016-07-19 00:22:02 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2016-07-19 00:21:58 ----A---- C:\Windows\system32\atimpc64.dll
2016-07-19 00:21:58 ----A---- C:\Windows\system32\amdpcom64.dll
2016-07-19 00:21:56 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2016-07-19 00:21:56 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2016-07-19 00:21:42 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2016-07-19 00:21:40 ----A---- C:\Windows\system32\atiu9p64.dll
2016-07-19 00:21:38 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2016-07-19 00:21:30 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2016-07-19 00:21:20 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2016-07-19 00:21:12 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2016-07-19 00:21:04 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2016-07-19 00:20:54 ----A---- C:\Windows\system32\atiumd6a.dll
2016-07-19 00:20:50 ----A---- C:\Windows\system32\atiumd64.dll
2016-07-19 00:20:14 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2016-07-19 00:07:28 ----A---- C:\Windows\system32\amfrt64.dll
2016-07-19 00:06:02 ----A---- C:\Windows\SYSWOW64\amfrt32.dll
2016-07-19 00:04:46 ----A---- C:\Windows\system32\amdvlk64.dll
2016-07-18 23:54:52 ----A---- C:\Windows\SYSWOW64\amdvlk32.dll
2016-07-18 23:42:24 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2016-07-18 23:37:38 ----A---- C:\Windows\system32\atio6axx.dll
2016-07-18 23:31:54 ----A---- C:\Windows\system32\coinst_16.30.dll
2016-07-18 23:28:24 ----A---- C:\Windows\system32\clinfo.exe
2016-07-18 23:28:12 ----A---- C:\Windows\system32\amdocl64.dll
2016-07-18 23:27:00 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2016-07-18 23:25:52 ----A---- C:\Windows\system32\OpenCL.dll
2016-07-18 23:25:48 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2016-07-18 23:22:58 ----A---- C:\Windows\system32\amdlvr64.dll
2016-07-18 23:22:16 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll
2016-07-18 23:21:48 ----A---- C:\Windows\system32\amdocl12cl64.dll
2016-07-18 23:21:38 ----A---- C:\Windows\SYSWOW64\amdocl12cl.dll
2016-07-18 23:21:38 ----A---- C:\Windows\system32\mantle64.dll
2016-07-18 23:21:26 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2016-07-18 23:21:10 ----A---- C:\Windows\system32\amdmantle64.dll
2016-07-18 23:11:18 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2016-07-18 23:06:24 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2016-07-18 23:04:42 ----A---- C:\Windows\system32\amdmmcl6.dll
2016-07-18 23:04:38 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2016-07-18 23:03:22 ----A---- C:\Windows\system32\mantleaxl64.dll
2016-07-18 23:03:14 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2016-07-18 22:46:50 ----A---- C:\Windows\system32\atiapfxx.exe
2016-07-18 22:46:44 ----A---- C:\Windows\system32\aticalrt64.dll
2016-07-18 22:46:40 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2016-07-18 22:46:32 ----A---- C:\Windows\system32\aticalcl64.dll
2016-07-18 22:46:30 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2016-07-18 22:46:18 ----A---- C:\Windows\system32\aticaldd64.dll
2016-07-18 22:45:20 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2016-07-18 22:39:22 ----A---- C:\Windows\system32\atisamu64.dll
2016-07-18 22:39:18 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2016-07-18 22:39:18 ----A---- C:\Windows\system32\atidemgy.dll
2016-07-18 22:39:14 ----A---- C:\Windows\system32\dgtrayicon.exe
2016-07-18 22:39:08 ----A---- C:\Windows\system32\GameManager64.dll
2016-07-18 22:39:00 ----A---- C:\Windows\system32\atieah64.exe
2016-07-18 22:38:58 ----A---- C:\Windows\SYSWOW64\atieah32.exe
2016-07-18 22:38:52 ----A---- C:\Windows\system32\amdgfxinfo64.dll
2016-07-18 22:38:50 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll
2016-07-18 22:38:50 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2016-07-18 22:38:48 ----A---- C:\Windows\system32\atimuixx.dll
2016-07-18 22:38:42 ----A---- C:\Windows\system32\atieclxx.exe
2016-07-18 22:38:24 ----A---- C:\Windows\system32\atiesrxx.exe
2016-07-18 22:37:38 ----A---- C:\Windows\system32\atitmm64.dll
2016-07-18 22:33:38 ----A---- C:\Windows\system32\atiadlxx.dll
2016-07-18 22:33:30 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2016-07-18 22:33:30 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll
2016-07-18 22:33:22 ----A---- C:\Windows\system32\atig6pxx.dll
2016-07-18 22:33:18 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2016-07-18 22:33:18 ----A---- C:\Windows\system32\atiglpxx.dll
2016-07-18 22:33:14 ----A---- C:\Windows\system32\atig6txx.dll
2016-07-18 22:33:04 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2016-07-18 22:32:52 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2016-07-18 22:29:22 ----A---- C:\Windows\system32\hsa-thunk64.dll
2016-07-18 22:29:16 ----A---- C:\Windows\SYSWOW64\hsa-thunk.dll
2016-07-18 16:51:10 ----A---- C:\Windows\system32\amdacpusl.dll
2016-07-18 16:51:02 ----A---- C:\Windows\SYSWOW64\amdacpusl.dll
2016-07-16 10:58:42 ----SHD---- C:\Config.Msi
2016-07-07 12:18:20 ----A---- C:\Windows\system32\amdicdxx.dat
2016-07-01 22:19:43 ----D---- C:\Users\Martin\AppData\Roaming\Carbon
2016-06-23 20:22:00 ----A---- C:\Windows\SYSWOW64\vulkan-1-1-0-17-0.dll
2016-06-23 20:21:24 ----A---- C:\Windows\SYSWOW64\vulkaninfo-1-1-0-17-0.exe
2016-06-23 20:21:06 ----A---- C:\Windows\system32\vulkan-1-1-0-17-0.dll
2016-06-23 20:20:28 ----A---- C:\Windows\system32\vulkaninfo-1-1-0-17-0.exe
2016-06-17 20:50:52 ----A---- C:\Windows\system32\ativvaxy_stn_nd.dat
2016-06-17 20:45:10 ----A---- C:\Windows\system32\ativvaxy_el_nd.dat
2016-06-16 20:09:36 ----A---- C:\Windows\system32\ativvaxy_FJ_nd.dat
2016-06-06 22:51:58 ----A---- C:\Windows\system32\ativvaxy_FJ.dat
2016-06-06 22:47:58 ----A---- C:\Windows\system32\ativvaxy_cz_nd.dat
2016-06-03 16:56:08 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-06-03 16:56:08 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-06-03 16:56:08 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-06-03 16:56:08 ----A---- C:\Windows\system32\vulkan-1.dll
2016-06-03 16:55:58 ----D---- C:\Program Files (x86)\VulkanRT
2016-06-03 16:55:29 ----D---- C:\Program Files (x86)\AMD
2016-06-03 16:53:50 ----D---- C:\Users\Martin\AppData\Roaming\ATI
2016-06-03 16:53:50 ----D---- C:\ProgramData\ATI
======List of files/folders modified in the last 3 months======
2016-09-01 13:28:43 ----D---- C:\Windows\Temp
2016-09-01 09:43:42 ----D---- C:\Windows\system32\config
2016-09-01 09:33:49 ----D---- C:\Windows\System32
2016-09-01 09:33:49 ----D---- C:\Windows\inf
2016-09-01 09:33:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-08-29 20:37:22 ----SHD---- C:\System Volume Information
2016-08-29 15:15:36 ----RD---- C:\Program Files (x86)
2016-08-29 15:13:53 ----D---- C:\Windows\SysWOW64
2016-08-26 17:37:52 ----D---- C:\ProgramData\Package Cache
2016-08-26 17:37:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-25 18:19:38 ----SHD---- C:\Windows\Installer
2016-08-24 18:01:00 ----RD---- C:\Program Files
2016-08-24 16:49:51 ----D---- C:\Windows
2016-08-21 16:41:32 ----D---- C:\Users\Martin\AppData\Roaming\MPC-HC
2016-08-21 16:32:20 ----D---- C:\Windows\Logs
2016-08-21 16:32:19 ----D---- C:\Windows\debug
2016-08-20 23:43:26 ----D---- C:\Windows\Microsoft.NET
2016-08-20 11:28:08 ----RSD---- C:\Windows\assembly
2016-08-20 09:59:05 ----D---- C:\Windows\system32\Tasks
2016-08-20 09:57:44 ----D---- C:\Windows\system32\catroot
2016-08-20 09:47:52 ----D---- C:\Program Files\AMD
2016-08-20 09:46:11 ----D---- C:\Windows\system32\drivers
2016-08-20 09:45:33 ----D---- C:\Windows\system32\DriverStore
2016-08-19 20:11:15 ----D---- C:\Windows\winsxs
2016-08-19 20:09:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-08-19 20:09:51 ----D---- C:\Windows\SYSWOW64\en-US
2016-08-19 20:09:51 ----D---- C:\Windows\system32\sk-SK
2016-08-19 20:09:51 ----D---- C:\Windows\system32\en-US
2016-08-19 20:08:20 ----D---- C:\Windows\system32\MRT
2016-08-19 20:05:56 ----AC---- C:\Windows\system32\MRT.exe
2016-08-19 20:04:58 ----D---- C:\Windows\system32\catroot2
2016-08-02 18:56:04 ----D---- C:\Windows\system32\drivers\en-US
2016-08-02 18:56:02 ----D---- C:\Windows\ehome
2016-08-02 18:55:58 ----D---- C:\Windows\AppPatch
2016-08-02 18:55:56 ----D---- C:\Windows\system32\migration
2016-08-02 18:55:56 ----D---- C:\Program Files\Windows Media Player
2016-08-02 18:55:56 ----D---- C:\Program Files\Windows Journal
2016-08-02 18:55:56 ----D---- C:\Program Files (x86)\Windows Media Player
2016-08-02 18:55:55 ----D---- C:\Windows\system32\CodeIntegrity
2016-08-02 18:55:55 ----D---- C:\Windows\system32\Boot
2016-07-24 16:54:30 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2016-07-19 00:21:44 ----A---- C:\Windows\system32\atiuxp64.dll
2016-07-19 00:21:34 ----A---- C:\Windows\system32\aticfx64.dll
2016-07-19 00:21:24 ----A---- C:\Windows\system32\atidxx64.dll
2016-07-18 22:39:04 ----A---- C:\Windows\SYSWOW64\GameManager32.dll
2016-07-17 14:39:06 ----D---- C:\ProgramData\Origin
2016-07-16 10:54:28 ----D---- C:\AMD
2016-07-12 21:54:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-07-12 20:54:05 ----D---- C:\Windows\system32\Macromed
2016-07-12 20:54:04 ----D---- C:\Windows\SYSWOW64\Macromed
2016-06-03 16:53:50 ----HD---- C:\ProgramData
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2015-06-03 1443776]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2015-06-03 31144]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-07-28 145984]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-07-15 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2016-07-19 305032]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-07-28 171752]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2016-05-18 79696]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-18 26708992]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-18 500736]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-03-30 96256]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2010-08-18 26136]
R3 int0800;Intel 28F320C3 Flash Update Device Driver v6.4; C:\Windows\system32\DRIVERS\flashud.sys [2009-09-09 51712]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-06-26 4509440]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2015-03-30 803600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-05-19 986368]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 24064]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-18 269824]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2016-07-18 121856]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2016-07-28 472112]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2016-07-28 472112]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-08-04 320672]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2016-07-28 989696]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2016-07-28 1453696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 PlaysService;Plays.tv Update Service; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [2016-03-11 32528]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-21 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-08-25 146888]
S3 Origin Client Service;Origin Client Service; C:\Users\Public\Desktop\Origin\OriginClientService.exe [2016-07-05 2122248]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-23 1465120]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-05-16 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Well, you know, JDownloader is free, it's just probably not entirely kosher. And buying Sony Vegas when I don't intend to use it for business purposes makes no sense. I only wanted to try it out, but because of these problems I never even got that far.
You can address me informally.
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Suspected malware, preventive check
Double-click the file C:\Program Files\trend micro\Martin.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
O2 - BHO: AviraBrowserSafety.BrowserSafety - {c3c77255-42c0-499f-b664-6e981a0b1647} - mscoree.dll (file missing)
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
For the most part you only had unnecessary leftovers there. This is just a final cleanup.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
- Rudy
- Site Admin
Re: Suspected malware, preventive check
If there is no other problem, that is all.